BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Cyberattack Causes Disruptions at Omni Hotels
/in General NewsOmni Hotels & Resorts tells customers that recent disruptions have been caused by a cyberattack that forced it to shut down systems.
The post Cyberattack Causes Disruptions at Omni Hotels appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems
/in General NewsA critical OS command injection in Progress Flowmon can be exploited to gain remote, unauthenticated access to the system.
The post Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems appeared first on SecurityWeek.
SecurityWeek – Read More
Cloud Threat Detection Firm Permiso Raises $18 million
/in General NewsCloud security firm provides a detection platform able to detect and predict the likely behavior of ‘bad’ identities.
The post Cloud Threat Detection Firm Permiso Raises $18 million appeared first on SecurityWeek.
SecurityWeek – Read More
SurveyLama Data Breach Impacts 4.4 Million Users
/in General NewsData breach impacting users’ personal information prompts survey rewards platform SurveyLama to reset passwords.
The post SurveyLama Data Breach Impacts 4.4 Million Users appeared first on SecurityWeek.
SecurityWeek – Read More
Center Identity Launches Patented Passwordless Authentication for Businesses
/in General NewsBy Cyber Newswire
Portland, Oregon, April 4th, 2024, CyberNewsWire Center Identity, a pioneering cybersecurity company, is excited to unveil its patented…
This is a post from HackRead.com Read the original post: Center Identity Launches Patented Passwordless Authentication for Businesses
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
US Cancer Center Data Breach Impacting 800,000
/in General NewsCity of Hope is notifying 800,000 individuals of a data breach impacting their personal and health information.
The post US Cancer Center Data Breach Impacting 800,000 appeared first on SecurityWeek.
SecurityWeek – Read More
AI’s Dual Role on SMB Brand Spoofing
/in General NewsCybercriminals are using AI to impersonate small businesses. Security architects are using it to help small businesses fight back.
darkreading – Read More
Report: 73% Brace for Cybersecurity Impact on Business in the Next Year or Two
/in General NewsOnly 3% of organizations across the globe have the ‘mature’ level of readiness needed to be resilient against modern cybersecurity risks, according to Cisco. The readiness is down from one year ago, when 15% of companies were ranked mature.
Cyware News – Latest Cyber News – Read More
Targeted Phishing Linked to ‘The Com’ Surges in the US, the UK, and Canada
/in General NewsA persistent social engineering threat faced by enterprises involves attackers trying to obtain login credentials for identity and access management (IAM), cloud resources, or single sign-on (SSO)-enabled systems.
Cyware News – Latest Cyber News – Read More
Distinctive Campaign Evolution of Pikabot Malware
/in General NewsPikaBot, along with other malicious loaders like QBot and DarkGate, heavily depends on spam campaigns for distribution. Its initial access strategies are intricately crafted, utilizing geographically targeted spam emails for specific countries.
Cyware News – Latest Cyber News – Read More