BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit
/in General NewsThe researchers who discovered the initial assault warned that the simple, staged attack is just the beginning for advanced exploit sequences that will test cyber defenses in new and more difficult ways.
darkreading – Read More
Texas man faces prison for activating ‘kill switch’ on former employer’s network
/in General NewsSoftware developer Davis Lu was found guilty of sabotaging the company’s systems.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
NIST Announces HQC as Fifth Standardized Post Quantum Algorithm
/in General NewsFirst choices for both KEMs and DSAs are already standardized, and organizations should not wait for the backups to be available before migrating to PQC.
The post NIST Announces HQC as Fifth Standardized Post Quantum Algorithm appeared first on SecurityWeek.
SecurityWeek – Read More
Custom vs. Off-the-shelf Educational Software
/in General NewsEducational institutions and businesses looking to implement technology-driven learning solutions often face a key decision: should they invest…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
5 clever ways to use Chromecast on your TV (including one for smart home enthusiasts)
/in General NewsGoogle’s trusty casting device has been around for over a decade and will eventually be replaced. Until then, you can use it for more than just streaming shows.
Latest stories for ZDNET in Security – Read More
All your Alexa recordings will go to the cloud soon, as Amazon sunsets Echo privacy
/in General NewsCome March 28, Amazon is disabling an option that allows your Alexa voice conversations to be processed locally instead of in the cloud.
Latest stories for ZDNET in Security – Read More
Hackers are exploiting Fortinet firewall bugs to plant ransomware
/in General NewsSecurity researchers say that a threat actor it calls Mora_001 has ‘close ties’ to the Russia-linked hacking group
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
RansomHub Taps FakeUpdates to Target US Government Sector
/in General NewsA ransomware activity wave using the SocGholish MaaS framework for initial access also has affected banking and consulting firms in the US, Taiwan, and Japan since the beginning of the year.
darkreading – Read More
8,000 New WordPress Vulnerabilities Reported in 2024
/in General NewsNearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes.
The post 8,000 New WordPress Vulnerabilities Reported in 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
How ‘Open Innovation’ Can Help Solve Problems Faster, Better & Cheaper
/in General NewsCybersecurity is not just a technical challenge but also a very human one. The more humans that organizations can get involved, the more diverse perspectives and experiences that can be tapped into.
darkreading – Read More