BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Security Validation Firm Pentera Banks $60M Series D
/in General NewsIsraeli startup in the automated security validation space secures a $60 million round led by Evolution Equity Partners.
The post Security Validation Firm Pentera Banks $60M Series D appeared first on SecurityWeek.
SecurityWeek – Read More
Picklescan Vulnerabilities Could Let Hackers Bypass AI Security Checks
/in General NewsSonatype researchers uncover critical vulnerabilities in picklescan. Learn how these flaws impact AI model security, Hugging Face, and…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Volt Typhoon Strikes Massachusetts Power Utility
/in General NewsThe prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.
darkreading – Read More
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
/in General NewsChina-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers.
The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek.
SecurityWeek – Read More
Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
/in General NewsUNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
The Violent Rise of ‘No Lives Matter’
/in General News“No Lives Matter” has emerged in recent months as a particularly violent splinter group within the extremist crime network known as Com and 764, and experts are at a loss for how to stop its spread.
Security Latest – Read More
‘Ballista’ Botnet Exploits 2023 Vulnerability in TP-Link Routers
/in General NewsIn the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it’s being used once more for another botnet campaign with its own malware.
darkreading – Read More
Garantex administrator arrested in India under extradition law
/in General NewsGarantex co-founder Aleksej Besciokov was arrested in India’s Kerala on Tuesday under the country’s extradition law.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
360 Privacy Raises $36 Million for Digital Executive Protection Platform
/in General News360 Privacy has raised $36 million in equity investment to scour the surface and dark web for leaked PII and remove it.
The post 360 Privacy Raises $36 Million for Digital Executive Protection Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Fraud Losses Reached $12.5 Billion in 2024: FTC
/in General NewsFTC says reported losses to fraud exceeded $12.5 billion in 2024, with $5.7 billion lost to investment scams.
The post Fraud Losses Reached $12.5 Billion in 2024: FTC appeared first on SecurityWeek.
SecurityWeek – Read More