BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Remote Access Infra Remains Riskiest Corp. Attack Surface
/in General NewsExposed login panels for VPNs and remote access systems leave companies open to attack, sometimes tripling the risk of ransomware and making it harder to get cyber insurance.
darkreading – Read More
Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom
/in General NewsCyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold—from the initial breach to the moment hackers demand payment.
Join Joseph Carson, Delinea’s Chief Security Scientist and Advisory CISO, who brings 25 years of enterprise security expertise. Through a live demonstration, he will break down every technical step of a ransomware attack, showing you how
The Hacker News – Read More
RSA Conference Playbook: Smart Strategies from Seasoned Attendees
/in General NewsYour guide on how to get through the conference with your sanity, energy, and key performance indicators (KPIs) intact.
The post RSA Conference Playbook: Smart Strategies from Seasoned Attendees appeared first on SecurityWeek.
SecurityWeek – Read More
New CCA Jailbreak Method Works Against Most AI Models
/in General NewsTwo Microsoft researchers have devised a new jailbreak method that bypasses the safety mechanisms of most AI systems.
The post New CCA Jailbreak Method Works Against Most AI Models appeared first on SecurityWeek.
SecurityWeek – Read More
UK’s secret iCloud backdoor order triggers civil rights challenge
/in General NewsThe U.K. government’s secret order to Apple demanding it backdoor the end-to-end encrypted version of its iCloud storage service has now been challenged by two civil rights groups, Liberty and Privacy International, which filed complaints Thursday. They called the order “unacceptable and disproportionate” and warned of “global consequences” as the access order is thought to […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
A New Era of Attacks on Encryption Is Starting to Heat Up
/in General NewsThe UK, France, Sweden, and EU have made fresh attacks on end-to-end encryption. Some of the attacks are more “crude” than those in recent years, experts say.
Security Latest – Read More
Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks
/in General NewsThe newly discovered SuperBlack ransomware has been exploiting two vulnerabilities in Fortinet firewalls.
The post Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
/in General NewsUsers searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk.
Clipper malware is a type of cryware (as coined by Microsoft) that’s designed to monitor a victim’s clipboard content and facilitate cryptocurrency theft by substituting copied cryptocurrency wallet addresses
The Hacker News – Read More
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
/in General NewsA new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77.
The activity, condemned OBSCURE#BAT by Securonix, enables threat actors to establish persistence and evade detection on compromised systems. It’s currently not known who is behind the campaign.
The rootkit “has the ability to cloak or mask any file, registry key or task
The Hacker News – Read More
Ransomware attack takes down health system network in Micronesia
/in General NewsOne of the four states that make up the Pacific nation of Micronesia is battling against ransomware hackers who have forced all of the computers used by its government health agency offline.
The Record from Recorded Future News – Read More