BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
SimilarWeb data: This obscure AI startup grew 8,658% while OpenAI crawled at 9%
/in General NewsSimilarWeb data reveals dramatic AI market upheaval with Deepseek (8,658% growth) and Lovable (928% growth) dominating.Read More
Security News | VentureBeat – Read More
China’s Silk Typhoon APT Shifts to IT Supply Chain Attacks
/in General NewsThe nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft.
darkreading – Read More
Two decades of visitor data at the Toronto Zoo stolen in cyberattack
/in General NewsThe organization also lost years of wildlife conservation research as a result of the January 2024 cyber incident.
The Record from Recorded Future News – Read More
Qualcomm, MediaTek Release Security Fix Bonanza
/in General NewsThe chipmakers patched bugs, mostly critical and high severity, that affect everything from smartphones to TVs to artificial intelligence platforms.
darkreading – Read More
Catalan court says NSO Group executives can be charged in spyware investigation
/in General NewsThe ruling said that a lower court can charge two NSO Group co-founders and a former executive of two affiliate companies for the alleged hacking of a lawyer.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
US Indicts China’s iSoon ‘Hackers-for-Hire’ Operatives
/in General Newsi-Soon employees charged with conducting extensive hacking campaigns on behalf of Beijing’s security services.
The post US Indicts China’s iSoon ‘Hackers-for-Hire’ Operatives appeared first on SecurityWeek.
SecurityWeek – Read More
‘Crafty Camel’ APT Targets Aviation, OT With Polygot Files
/in General NewsThe Iran-linked nation-state group made its debut with a stealthy, sophisticated, and laser-focused cyber-espionage attack on targets in UAE.
darkreading – Read More
Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters
/in General NewsThe letters mimic typical ransom notes and threaten to delete or leak compromised data if payments aren’t made, though none of the organizations that received them had active ransomware attacks.
darkreading – Read More
Organizations Still Not Patching OT Due to Disruption Concerns: Survey
/in General NewsCyber-physical systems security company TXOne Networks has published its 2024 Annual OT/ICS Cybersecurity Report.
The post Organizations Still Not Patching OT Due to Disruption Concerns: Survey appeared first on SecurityWeek.
SecurityWeek – Read More
Apple Taking Legal Action Against UK Over Backdoor Demands
/in General NewsApple told TechRepublic it is “gravely disappointed” to remove Advanced Data Protection in the U.K., as it fights government demands for an iCloud backdoor.
Security | TechRepublic – Read More