BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
/in General NewsA dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication.
The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, not to mention compounding the problem when LLMs end up suggesting insecure coding practices to their users.
Truffle
The Hacker News – Read More
Microsoft Names Suspects in Lawsuit Against AI Hackers
/in General NewsIn a lawsuit targeting cybercriminals who abuse AI services, Microsoft has named individuals from Iran, the UK, China and Vietnam.
The post Microsoft Names Suspects in Lawsuit Against AI Hackers appeared first on SecurityWeek.
SecurityWeek – Read More
Targeted by Ransomware, Middle East Banks Shore Up Security
/in General NewsAs the UAE financial sector finished up its annual cyberattack exercise, its worries about ransomware compromises and geopolitical attacks are on the rise.
darkreading – Read More
GHOSTR Hacker Linked to 90+ Data Breaches Arrested
/in General NewsA hacker using the alias GHOSTR, linked to 90+ data breaches, was arrested in a joint effort by law enforcement in Thailand, Singapore, and cybersecurity firm Group-IB.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
eCommerce Customer Service Tips For Online Support: The Basics
/in General NewsStrong eCommerce customer service builds trust, boosts loyalty, and drives sales. Learn key strategies, best practices, and tools to enhance online support.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Nakivo Fixes Critical Flaw in Backup & Replication Tool
/in General NewsThe vendor’s products fall in a category that ransomware operators like to target to circumvent victims’ ability to recover from a successful attack.
darkreading – Read More
How to Use Slack for Business: Workplace Communication
/in General NewsDo you want to have the best communication system at your workplace? Learn how to maximize the benefits…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Cleveland Municipal Court Remains Closed After Cyber Incident
/in General NewsNo details yet on what forced the court to shut down affected systems and halt operations as of late Feb. 23.
darkreading – Read More
New Backdoor Auto-color Linux Targets Systems in US and Asia
/in General NewsAuto-color: New Linux backdoor malware targeting the US and Asia. Learn about its advanced evasion, persistence, and detection…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Spyzie stalkerware is spying on thousands of Android and iPhone users
/in General NewsAnother little-known phone monitoring outfit has quietly amassed half a million customers, whose email addresses are now in Have I Been Pwned.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More