BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
US sanctions prominent Chinese cyber company for role in Flax Typhoon attacks
/in General NewsThe Treasury Department said Integrity Technology provided Flax Typhoon actors with infrastructure between the summer of 2022 and fall of 2023 — with the state-backed groups sharing and receiving information from the company.
The Record from Recorded Future News – Read More
A New Dawn for Storytelling: The Intersection of AI and Cinema
/in General NewsDiscover how AI (Artificial Intelligence) transforms storytelling in filmmaking with scriptwriting, casting, editing, and immersive viewer experiences. The…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Apple Offers $95M to Settle Siri Privacy Lawsuit
/in General NewsThe proposed settlement would amount to roughly $20 per Apple product that has Siri enabled, for each plaintiff.
darkreading – Read More
US sanctions Chinese cyber firm linked to Flax Typhoon hacks
/in General NewsU.S. officials say the sanctioned Chinese firm provided botnet infrastructure for the China-backed hacking group Flax Typhoon
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Californians Say X Blocked Them From Viewing Amber Alert About Missing 14-Year-Old
/in General NewsMany people reported they hit a screen preventing them from seeing the alert unless they signed in.
Security Latest – Read More
The Psychology of Phishing: Why Smart People Fall for Scams
/in General NewsDo you know that feeling of dread when you realize you’ve clicked on a suspicious link? I know it perfectly. It has happened to me several times in the last year! The positive aspect of it is that it happened in a secluded environment, with periodically phishing training by our company’s internal cybersecurity experts. While negative aspect of it is the fact that it actually happened. Not once.
Source
TechSplicer – Read More
Online gift card store exposed hundreds of thousands of people’s identity documents
/in General NewsThe gift card store secured the public cloud storage server containing customer ID documents, which was not protected with a password.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Why Small Businesses Can’t Rely Solely on AI to Combat Threats
/in General NewsThe growing complexity of cyber threats, paired with limited resources, makes it essential for companies to adopt a more comprehensive approach that combines human vigilance with AI’s capabilities.
darkreading – Read More
Chrome Extension Compromises Highlight Software Supply Challenges
/in General NewsThe Christmas Eve compromise of data-security firm Cyberhaven’s Chrome extension spotlights the challenges in shoring up third-party software supply chains.
darkreading – Read More
This Trusted App Helps Sluggish PCs Work Faster
/in General NewsCCleaner speeds up sluggish PCs by clearing junk files, fixing registry issues, and optimizing performance.
Security | TechRepublic – Read More