BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Orion Security Raises $6 Million to Tackle Insider Threats and Data Leaks with AI-Driven DLP
/in General NewsOrion protects against data exfiltration by using AI to compare actual data flows against permitted and expected data flows.
The post Orion Security Raises $6 Million to Tackle Insider Threats and Data Leaks with AI-Driven DLP appeared first on SecurityWeek.
SecurityWeek – Read More
Analytics company Dataminr secures $85M to fund growth
/in General NewsDataminr, a data analytics company that counts NATO and OpenAI among its customers, has raised $85 million in a combination of convertible financing and credit, Dataminr announced on Wednesday. It’s chump change for Dataminr, which closed a $475 million round at a $4.1 billion valuation in 2021. But the company has seen its fair share […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?
/in General NewsBy simply sending HTTP requests, attackers can trigger the deserialisation of malicious data in Tomcat’s session storage and gain control.
Security | TechRepublic – Read More
Half a million people impacted by Pennsylvania State Education Association data breach
/in General NewsMore than 500,000 people were impacted by a cyberattack on the Pennsylvania State Education Association (PSEA) that took place in July 2024.
The Record from Recorded Future News – Read More
US teachers’ union says hackers stole sensitive personal data on over 500,000 members
/in General NewsPSEA says it “took steps to ensure” its stolen data was deleted, suggesting a ransom demand was paid
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Researchers Use AI Jailbreak on Top LLMs to Create Chrome Infostealer
/in General NewsNew Immersive World LLM jailbreak lets anyone create malware with GenAI. Discover how Cato Networks researchers tricked ChatGPT, Copilot, and DeepSeek into coding infostealers – In this case, a Chrome infostealer.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
What’s Behind Google’s $32 Billion Wiz Acquisition?
/in General NewsNews analysis: Google positions itself to compete with Microsoft for enterprise security dollars. How does this deal affect startup ecosystem?
The post What’s Behind Google’s $32 Billion Wiz Acquisition? appeared first on SecurityWeek.
SecurityWeek – Read More
Cape opens $99/month beta of its privacy-first mobile plan, inks Proton deal, raises $30M
/in General NewsMobile networks continue to be a major target for cybersecurity breaches, and Chinese hacking group Salt Typhoon‘s persistent attacks on multiple carriers are only the latest known examples. The mobile carrier startup Cape is taking a novel approach to addressing the problem: it has built a service it says can provide a more secure, private […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Infosys to Pay $17.5 Million in Settlement Over 2023 Data Breach
/in General NewsInfosys McCamish System has agreed to pay $17.5 million to settle six class action lawsuits filed over a 2023 data breach.
The post Infosys to Pay $17.5 Million in Settlement Over 2023 Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Why Cybersecurity Needs More Business-Minded Leaders
/in General NewsThe question is no longer “Are we compliant?” but “Are we truly resilient?”
darkreading – Read More