BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Bytesrevealer - Online Reverse Enginerring Viewer
- CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
Exploit DB
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
American Airlines now lets you track your luggage with AirTags – here’s how
/in General NewsA mishandled bag might make its way back to you quicker than ever.
Latest stories for ZDNET in Security – Read More
Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
/in General NewsApple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data.
The development was first reported by Bloomberg.
ADP for iCloud is an optional setting that ensures that users’ trusted devices retain sole access to the encryption keys used to unlock data stored in its
The Hacker News – Read More
Nations Open ‘Data Embassies’ to Protect Critical Info
/in General NewsEstonia and Monaco back up their citizens’ information to a data center in Luxembourg, while Singapore looks to India as its safe haven for data. But geopolitical challenges remain.
darkreading – Read More
Apple Pulls Advanced Data Protection for New UK Users Amid Backdoor Demand
/in General NewsApple says it can no longer offer end-to-end encrypted cloud backups in the UK and insists it will never build a backdoor or master key.
The post Apple Pulls Advanced Data Protection for New UK Users Amid Backdoor Demand appeared first on SecurityWeek.
SecurityWeek – Read More
Apple pulls iCloud end-to-end encryption feature for UK users after government demanded backdoor
/in General NewsIn an unprecedented step, Apple caved to a reported U.K. government’s demand to prevent users from using end-to-end encryption in iCloud.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Freelance Software Developers in North Korean Malware Crosshairs
/in General NewsESET says hundreds of freelance software developers have fallen victim to North Korean hackers posing as recruiters.
The post Freelance Software Developers in North Korean Malware Crosshairs appeared first on SecurityWeek.
SecurityWeek – Read More
Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics
/in General NewsCisco Talos observed Chinese hackers pivoting from a compromised device operated by one telecom to target a device in another telecom.
The post Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics appeared first on SecurityWeek.
SecurityWeek – Read More
Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife
/in General NewsA pro-Ukraine hacking group claimed that it was behind an attack on CarMoney, a Russian microfinance company with reported connections to Vladimir Putin’s ex-wife.
The Record from Recorded Future News – Read More
4 Low-Cost Ways to Defend Your Organization Against Deepfakes
/in General NewsEvery organization should be exploring a layered approach in which artificial and human intelligences come together to form a rich, dynamic, and multifaceted deepfake defense strategy tailored to its needs.
darkreading – Read More
The US Is Considering a TP-Link Router Ban—Should You Worry?
/in General NewsSeveral government departments are investigating TP-Link routers over Chinese cyberattack fears, but the company denies links.
Security Latest – Read More