BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
- Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
Exploit DB
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
Want to avoid a drone disaster? Don’t skip your pre-flight and post-flight checklists
/in General NewsDrones can be pricey and most crashes are caused by user error. Doing proper pre- and post-flight checks can help you avoid accidents and extend the life of your tech. Here’s everything not to skip.
Latest stories for ZDNET in Security – Read More
Several local governments struggling with cyberattacks limiting services
/in General NewsGovernment services offered by one of the largest counties in Maryland are still being limited more than a week after it was targeted by a cyberattack.
The Record from Recorded Future News – Read More
CISA: No Change on Defending Against Russian Cyber Threats
/in General NewsThe CISA public clarification follows news the Trump administration is temporarily pausing offensive cyber operations against Moscow.
The post CISA: No Change on Defending Against Russian Cyber Threats appeared first on SecurityWeek.
SecurityWeek – Read More
How to Automate Security Questionnaires and Reduce Response Time
/in General NewsSecurity questionnaires take a lot of time and repetitively answering the same questions manually chews up business time…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
US said to halt offensive cyber operations against Russia
/in General NewsThe reported policy shift comes as the U.S. government signals a change in its threat assessment of Russia
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Vishing attacks surged 442% last year – how to protect yourself
/in General NewsPhishing isn’t limited to your inbox anymore.
Latest stories for ZDNET in Security – Read More
New Malware Campaign Exploits Microsoft Graph API to Infect Windows
/in General NewsFortiGuard Labs discovers an advanced attack using modified Havoc Demon and SharePoint. Explore the attack’s evasion techniques and security measures.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
EU’s New Product Liability Directive & Its Cybersecurity Impact
/in General NewsBy proactively addressing liabilities tied to software updates, data loss, and AI technologies, businesses can mitigate risks and achieve compliance.
darkreading – Read More
Latin American Orgs Face 40% More Attacks Than Global Average
/in General NewsTechnological adoption, demographics, politics, and uniquely Latin American law enforcement challenges have combined to make the region uniquely fertile for cyberattacks.
darkreading – Read More
Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites
/in General NewsCybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc.
“The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within trusted, well-known
The Hacker News – Read More