BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Google Patches Critical Chrome Vulnerability
/in General NewsGoogle patches CVE-2024-4058, a critical Chrome vulnerability for which researchers earned a $16,000 reward.
The post Google Patches Critical Chrome Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Threat Actor Uses Multiple Infostealers in Global Campaign
/in General NewsA threat actor tracked as CoralRaider has been using multiple infostealers to harvest credentials from users worldwide.
The post Threat Actor Uses Multiple Infostealers in Global Campaign appeared first on SecurityWeek.
SecurityWeek – Read More
Russian APT28 Exploiting Windows Vulnerability with GooseEgg Tool
/in General NewsBy Waqas
Update Windows Now or Get Hacked: Microsoft Warns of Actively Exploited Vulnerability!
This is a post from HackRead.com Read the original post: Russian APT28 Exploiting Windows Vulnerability with GooseEgg Tool
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation
/in General NewsCISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.
SecurityWeek – Read More
Veeam Acquires Coveware to Boost its Ransomware Protection Capabilities
/in General NewsVeeam Software announced the acquisition of Coveware, a provider of cyber-extortion incident response. It brings ransomware recovery and first responder capabilities to further strengthen Veeam’s radical resilience solutions for customers.
Cyware News – Latest Cyber News – Read More
Nagomi Security Emerges From Stealth With $30 Million in Funding
/in General NewsNagomi Security, a company that helps customers prevent threats by leveraging existing security tools, emerged from stealth with $30 million in funding.
The post Nagomi Security Emerges From Stealth With $30 Million in Funding appeared first on SecurityWeek.
SecurityWeek – Read More
US Treasury Sanctions Iranians Linked to Government Cyberattacks
/in General NewsThe Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies.
Cyware News – Latest Cyber News – Read More
Prophet Security Emerges From Stealth Mode With $11 Million in Funding
/in General NewsBain Capital Ventures and angel investors invest $11 million in automated alerts analysis startup Prophet Security.
The post Prophet Security Emerges From Stealth Mode With $11 Million in Funding appeared first on SecurityWeek.
SecurityWeek – Read More
SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking
/in General NewsSD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE.
The post SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking appeared first on SecurityWeek.
SecurityWeek – Read More
FTC Commercial Surveillance Rules Could Arrive Within Months, Sources Say
/in General NewsAccording to two sources familiar with the FTC’s plans, the rules will emphasize data security and data minimization, or the idea that companies should only collect the data they need to conduct business with consumers and delete it when concluded.
Cyware News – Latest Cyber News – Read More