BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
- Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
- Moukthar - Android Remote Administration Tool
- Lobo Guará - Cyber Threat Intelligence Platform
Exploit DB
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
Fake Recruiters Defraud Facebook Users via Remote-Work Offers
/in General NewsScammers are targeting multiple brands with “job offers” on Meta’s social media platform, that go as far as to offer what look like legitimate job contracts to victims.
darkreading – Read More
Mirai-based NoaBot Botnet Targeting Linux Systems with Cryptominer
/in General NewsBy Deeba Ahmed
Another day, another malware threat against Linux systems!
This is a post from HackRead.com Read the original post: Mirai-based NoaBot Botnet Targeting Linux Systems with Cryptominer
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
Anonymous Sudan Launches Cyberattack on Chad Telco
/in General NewsHacktivists attack infrastructure, including routers, network administration systems, and devices.
darkreading – Read More
New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms
/in General NewsA new Python-based hacking tool called FBot has been discovered, targeting web servers, cloud services, content management systems, and SaaS platforms like Amazon Web Services and Microsoft 365.
Cyware News – Latest Cyber News – Read More
Hospitals Must Treat Patient Data and Health With Equal Care
/in General NewsAll companies are under the data privacy compliance gun — but healthcare companies have a target on their backs.
darkreading – Read More
Coming Soon to a Network Near You: More Shadow IoT
/in General NewsConsumer IoT devices will increase the threat to commercial, government, healthcare, educational, and other organizations.
The post Coming Soon to a Network Near You: More Shadow IoT appeared first on SecurityWeek.
SecurityWeek – Read More
Child Abusers Are Getting Better at Using Crypto to Cover Their Tracks
/in General NewsCrypto tracing firm Chainalysis found that sellers of child sexual abuse materials are successfully using “mixers” and “privacy coins” like Monero to launder their profits and evade law enforcement.
Security Latest – Read More
AI-Powered Misinformation is the World’s Biggest Short-Term Threat, Davos Report Says
/in General NewsFalse and misleading information supercharged with cutting-edge AI that threatens to erode democracy and polarize society, the World Economic Forum said in a new report.
The post AI-Powered Misinformation is the World’s Biggest Short-Term Threat, Davos Report Says appeared first on SecurityWeek.
SecurityWeek – Read More
UK: NCSC Publishes Practical Security Guidance for SMBs
/in General NewsSmaller organizations are increasingly reliant on cloud and online services, making them vulnerable to cyber threats. The guide provides practical advice on choosing the right service, securing user accounts, and recovering from a cyberattack.
Cyware News – Latest Cyber News – Read More
Dutch Man Deployed Stuxnet via Water Pump to Disable Iran’s Nukes
/in General NewsBy Deeba Ahmed
Beyond Bush and Obama: Dutch Investigation Uncovers Hidden Secrets of Stuxnet’s Billion-Dollar Attack.
This is a post from HackRead.com Read the original post: Dutch Man Deployed Stuxnet via Water Pump to Disable Iran’s Nukes
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More