BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Bytesrevealer - Online Reverse Enginerring Viewer
- CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
Exploit DB
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
Russian officials warn of potential compromise of major tech services provider
/in General NewsIn an unusual public disclosure, the Russian government said that subsidiaries of LANIT, a major tech services provider, had potentially been breached.
The Record from Recorded Future News – Read More
Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts
/in General NewsA China-linked botnet powered by 130,000 hacked devices has targeted Microsoft 365 accounts with password spraying attacks.
The post Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts appeared first on SecurityWeek.
SecurityWeek – Read More
Crypto and Cybersecurity: The Rising Threats and Why Reliable Wallets Matter
/in General NewsCybersecurity threats in crypto are rising, from the Bybit hack to fake wallets stealing funds. Learn how to…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Hackers Exploit Fake GitHub Repositories to Spread GitVenom Malware
/in General NewsKaspersky’s Securelist exposes the GitVenom campaign involving fake GitHub repositories to distribute malware. Targeting developers with seemingly legitimate…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
You could get a cut of Avast’s $16.5 million FTC settlement – how to file a claim
/in General NewsHere’s why Avast settled with the FTC and how to determine if you’re eligible for a refund.
Latest stories for ZDNET in Security – Read More
Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems
/in General NewsDreadnode is building “offensive machine learning” tools to safely simulate how AI models might be exploited in the wild.
The post Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems appeared first on SecurityWeek.
SecurityWeek – Read More
Skybox Security Shuts Down, Lays off Entire Workforce
/in General NewsThe sudden shutdown follows the sale of Skybox Security’s business and technology assets to rival Israeli cybersecurity firm Tufin.
The post Skybox Security Shuts Down, Lays off Entire Workforce appeared first on SecurityWeek.
SecurityWeek – Read More
Edera Banks $15M for Kubernetes Workload Isolation Tech
/in General NewsSeattle startup building technology to mitigate lateral movement and block “living off the land” techniques wins interest from investors.
The post Edera Banks $15M for Kubernetes Workload Isolation Tech appeared first on SecurityWeek.
SecurityWeek – Read More
Background check and drug testing provider DISA Global Solutions reports data breach
/in General NewsHouston-based employee screening company DISA Global Solutions says a 2024 data breach exposed the information of more than 3.3 million people.
The Record from Recorded Future News – Read More
Leader of North Korean Hackers Sanctioned by EU
/in General NewsThe EU has announced new sanctions against entities aiding Russia’s war against Ukraine, including an individual who leads North Korean hackers.
The post Leader of North Korean Hackers Sanctioned by EU appeared first on SecurityWeek.
SecurityWeek – Read More