BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
CISA: More than 300 critical infrastructure orgs attacked by Medusa ransomware
/in General NewsAn advisory from the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) on Wednesday said the group and its affiliates have attacked organizations in the medical, education, legal, insurance, technology and manufacturing industries.
The Record from Recorded Future News – Read More
Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days
/in General NewsMicrosoft’s March 2025 Patch Tuesday includes six actively exploited zero-day vulnerabilities. Learn about the critical vulnerabilities and why immediate updates are essential.
Security | TechRepublic – Read More
Security Validation Firm Pentera Banks $60M Series D
/in General NewsIsraeli startup in the automated security validation space secures a $60 million round led by Evolution Equity Partners.
The post Security Validation Firm Pentera Banks $60M Series D appeared first on SecurityWeek.
SecurityWeek – Read More
Picklescan Vulnerabilities Could Let Hackers Bypass AI Security Checks
/in General NewsSonatype researchers uncover critical vulnerabilities in picklescan. Learn how these flaws impact AI model security, Hugging Face, and…
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Volt Typhoon Strikes Massachusetts Power Utility
/in General NewsThe prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted to exfiltrate critical OT infrastructure data.
darkreading – Read More
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
/in General NewsChina-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers.
The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek.
SecurityWeek – Read More
Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers
/in General NewsUNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
The Violent Rise of ‘No Lives Matter’
/in General News“No Lives Matter” has emerged in recent months as a particularly violent splinter group within the extremist crime network known as Com and 764, and experts are at a loss for how to stop its spread.
Security Latest – Read More
‘Ballista’ Botnet Exploits 2023 Vulnerability in TP-Link Routers
/in General NewsIn the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it’s being used once more for another botnet campaign with its own malware.
darkreading – Read More
Garantex administrator arrested in India under extradition law
/in General NewsGarantex co-founder Aleksej Besciokov was arrested in India’s Kerala on Tuesday under the country’s extradition law.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More