BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
Former NSA official says federal worker cuts will have ‘devastating impact’ on cyber and national security
/in General NewsFormer top U.S. cybersecurity official Rob Joyce told lawmakers on Wednesday that cuts to federal probationary employees will have a “devastating impact” on U.S. national security. Joyce, who was the director of cybersecurity for the National Security Agency until retiring in 2024, was providing testimony to the U.S. House Committee on the Chinese Communist Party, […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Chinese Silk Typhoon Group Targets IT Tools for Network Breaches
/in General NewsMicrosoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
SpecterOps Scores $75M Series B to Scale BloodHound Enterprise Platform
/in General NewsSpecterOps has raised an unusually large $75 million Series B funding round to accelerate the growth of its BloodHound Enterprise platform.
The post SpecterOps Scores $75M Series B to Scale BloodHound Enterprise Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Justice Department charges Chinese hackers-for-hire linked to Treasury breach
/in General NewsThe individuals are accused of hacking over 100 U.S. organizations over the course of a decade
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Why Security Leaders Are Opting for Consulting Gigs
/in General NewsMany CISOs are weighing the benefits of going virtual as a consultant. Can the pendulum swing in the other direction?
darkreading – Read More
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
/in General NewsThe China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks.
That’s according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking
The Hacker News – Read More
China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain
/in General NewsSilk Typhoon APT caught using IT supply chain entry points to conduct reconnaissance, siphon data, and move laterally on victim networks.
The post China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain appeared first on SecurityWeek.
SecurityWeek – Read More
Broadcom urges VMware customers to patch ‘emergency’ zero-day bugs under active exploitation
/in General NewsSecurity experts warn of ‘huge impact’ of actively exploited hypervisor flaws that allow sandbox escape
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Defending against USB drive attacks with Wazuh
/in General NewsUSB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on an organization’s reputation. An example is the Stuxnet worm discovered in 2010, a malware designed to
The Hacker News – Read More
Alli AI Announces Upcoming Public Launch of AI-Powered Content Creation Platform
/in General NewsLondon, United Kingdom, 5th March 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More