BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
‘CitrixBleed 2’ Shows Signs of Active Exploitation
/in General NewsIf exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while remaining undetected.
darkreading – Read More
How Anthropic’s new initiative will prepare for AI’s looming economic impact
/in General NewsThe program, which includes research grants and public forums, follows the company CEO’s dire predictions about widespread AI-induced job loss.
Latest stories for ZDNET in Security – Read More
New Stealthy Remcos Malware Campaigns Target Businesses and Schools
/in General NewsForcepoint’s X-Labs reveals Remcos malware using new tricky phishing emails from compromised accounts and advanced evasion techniques like…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
/in General NewsThreat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups.
The Operational Relay Box (ORB) network has been codenamed LapDogs by SecurityScorecard’s STRIKE team.
“The LapDogs network has a high concentration of victims
The Hacker News – Read More
Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black
/in General NewsAfter more than 40 years of being set against a very recognizable blue, the updated error message will soon be displayed across a black background.
The post Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover
/in General NewsHackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system.
darkreading – Read More
US Supreme Court Upholds Texas Porn ID Law
/in General NewsIn a 6-3 decision, the Supreme Court held that age verification for explicit sites is constitutional. In a dissent, Justice Elena Kagan warned it burdens adults and ignores First Amendment precedent.
Security Latest – Read More
Hackers stole data on 2.2 million people in cyberattack affecting American grocery chains
/in General NewsThe Dutch conglomerate behind Hannaford, Stop & Shop and other major grocery brands informed state regulators of the scope of a November cyberattack that hampered online orders and leaked sensitive data.
The Record from Recorded Future News – Read More
In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update
/in General NewsNoteworthy stories that might have slipped under the radar: Norwegian dam hacked, AT&T agrees to $177 million data breach settlement, Whole Foods distributor restores systems after attack.
The post In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update appeared first on SecurityWeek.
SecurityWeek – Read More
Vulnerability Debt: How Do You Put a Price on What to Fix?
/in General NewsPutting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture.
darkreading – Read More