BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Cloudflare’s VPN app among half-dozen pulled from Indian app stores
/in General NewsMore than half-a-dozen VPN apps, including Cloudflare’s widely-used 1.1.1.1, have been pulled from India’s Apple App Store and Google Play Store following intervention from government authorities, TechCrunch has learned. The Indian Ministry of Home Affairs issued removal orders for the apps, according to a document reviewed by TechCrunch and a disclosure made by Google to […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Apple to Pay $95 Million to Settle Lawsuit Accusing Siri of Snoopy Eavesdropping
/in General NewsApple isn’t acknowledging any wrongdoing in the settlement, which must be approved by a Judge and represents a sliver of the $705 billion in profits that Apple has pocketed since September 2014.
The post Apple to Pay $95 Million to Settle Lawsuit Accusing Siri of Snoopy Eavesdropping appeared first on SecurityWeek.
SecurityWeek – Read More
Unpatched Active Directory Flaw Can Crash Any Microsoft Server
/in General NewsWindows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately.
darkreading – Read More
ZDNET joins CNET Group to award the Best of CES, and you can submit your entry now
/in General NewsOur experts will sift through the thousands of CES exhibitors to find the best tech and bring it to you.
Latest stories for ZDNET in Security – Read More
CDAO Sponsors Crowdsourced AI Assurance Pilot in the Context of Military Medicine
/in General NewsPost Content
darkreading – Read More
Apple settles Siri lawsuit for $95 million – here’s how much you could get
/in General NewsThe class action privacy suit contends that Siri recorded and shared Apple users’ conversations. Apple isn’t the only tech giant in the crosshairs of such legal action.
Latest stories for ZDNET in Security – Read More
US Soldier Arrested in Verizon, AT&T Hacks
/in General NewsWagenius posted about hacking more than 15 telecom providers on the Telegram messaging service.
darkreading – Read More
VicOne and Zero Day Initiative (ZDI) to Lead Pwn2Own Automotive
/in General NewsPost Content
darkreading – Read More
Hackers target dozens of VPN and AI extensions for Google Chrome to compromise data
/in General NewsAs of Wednesday, a total of 36 Chrome extensions injected with data-stealing code have been detected, mostly related to artificial intelligence tools and virtual private networks.
The Record from Recorded Future News – Read More
China-Linked Cyber Threat Group Hacks US Treasury Department
/in General NewsThreat actors entered Treasury Department systems through BeyondTrust. The breach may be related to the Salt Typhoon attacks reported throughout the year.
Security | TechRepublic – Read More