BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
Cybercriminal Campaign Spreads Infostealers, Highlighting Risks to Web3 Gaming
/in General NewsThe campaign targets Web3 gamers, exploiting their potential lack of cyber hygiene in the pursuit of profits. It represents a significant cross-platform threat, utilizing a variety of malware to compromise users’ systems.
Cyware News – Latest Cyber News – Read More
Cyberattacks Cost Financial Firms $12 Billion, Says IMF
/in General NewsFinancial services firms have been hit with $12bn in losses over the last two decades as a result of cyber attacks, according to a recently published report from the International Monetary Fund (IMF).
Cyware News – Latest Cyber News – Read More
US Data Breach Reports Surge 90% Annually in Q1
/in General NewsThe first three months of 2024 saw 841 publicly reported “data compromises” – up 90% on the same period last year, according to the Identity Theft Resource Center (ITRC).
Cyware News – Latest Cyber News – Read More
CISA Makes its “Malware Next-Gen” Analysis System Publicly Available
/in General NewsMalware Next-Gen was originally designed to allow U.S. federal, state, local, tribal, and territorial government agencies to submit suspicious files and receive automated malware analysis through static and dynamic analysis tools.
Cyware News – Latest Cyber News – Read More
Russia Tops Global Cybercrime Index, New Study Reveals
/in General NewsRussia is the most significant source of global cybercrime and serves as the top hub for digital threat actors worldwide, according to the newly released World Cybercrime Index.
Cyware News – Latest Cyber News – Read More
Update: Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
/in General NewsThreat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday.
Cyware News – Latest Cyber News – Read More
CISA Adds Multiple D-Link NAS Device Bugs to its Known Exploited Vulnerabilities Catalog
/in General NewsAccording to BOD 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Cyware News – Latest Cyber News – Read More
GSMA Releases Mobile Threat Intelligence Framework
/in General NewsGSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques, and procedures (TTPs) used.
Cyware News – Latest Cyber News – Read More
US Claims to Have Recovered $1.4bn in COVID Fraud
/in General NewsThe COVID-19 Fraud Enforcement Task Force (CFETF) was set up in 2021 to tackle what is believed to be fraud on a vast scale, taking advantage of generous government loans and relief payments during the pandemic.
Cyware News – Latest Cyber News – Read More
How Israel Is Defending Against Iran’s Drone Attack
/in General NewsThe Iron Dome is going to be put to the test—but it’s not Israel’s only line of defense.
Security Latest – Read More