BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
- [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
New Stealthy Remcos Malware Campaigns Target Businesses and Schools
/in General NewsForcepoint’s X-Labs reveals Remcos malware using new tricky phishing emails from compromised accounts and advanced evasion techniques like…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
/in General NewsThreat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups.
The Operational Relay Box (ORB) network has been codenamed LapDogs by SecurityScorecard’s STRIKE team.
“The LapDogs network has a high concentration of victims
The Hacker News – Read More
Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black
/in General NewsAfter more than 40 years of being set against a very recognizable blue, the updated error message will soon be displayed across a black background.
The post Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover
/in General NewsHackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system.
darkreading – Read More
US Supreme Court Upholds Texas Porn ID Law
/in General NewsIn a 6-3 decision, the Supreme Court held that age verification for explicit sites is constitutional. In a dissent, Justice Elena Kagan warned it burdens adults and ignores First Amendment precedent.
Security Latest – Read More
Hackers stole data on 2.2 million people in cyberattack affecting American grocery chains
/in General NewsThe Dutch conglomerate behind Hannaford, Stop & Shop and other major grocery brands informed state regulators of the scope of a November cyberattack that hampered online orders and leaked sensitive data.
The Record from Recorded Future News – Read More
In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update
/in General NewsNoteworthy stories that might have slipped under the radar: Norwegian dam hacked, AT&T agrees to $177 million data breach settlement, Whole Foods distributor restores systems after attack.
The post In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update appeared first on SecurityWeek.
SecurityWeek – Read More
Vulnerability Debt: How Do You Put a Price on What to Fix?
/in General NewsPutting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture.
darkreading – Read More
United Natural Foods says week-long cyber incident will impact quarterly income
/in General NewsUNFI, the biggest supplier to Whole Foods stores, reported that its income will take a hit for the quarter that ends in August because of a recent cyberattack that disrupted operations.
The Record from Recorded Future News – Read More
Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage
/in General NewsMicrosoft is preparing a private preview of new Windows endpoint security platform capabilities to help antimalware vendors create solutions that run outside the kernel.
The post Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage appeared first on SecurityWeek.
SecurityWeek – Read More