BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] WebDAV Windows 10 - Remote Code Execution (RCE)
- [local] Microsoft Excel Use After Free - Local Code Execution
- [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
Michael Trites Joins Aembit as Senior Vice President of Global Sales
/in General NewsSilver Spring, Maryland, 5th February 2025, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Ransomware payments drop for first time in years following law enforcement disruptions
/in General NewsResearchers at Chainalysis report that ransomware payments dropped in 2024, down approximately 35% from $1.25 billion to $812.55 million. Global law enforcement actions may have helped.
The Record from Recorded Future News – Read More
Riot Raises $30 Million for Employee Cybersecurity Solution
/in General NewsRiot has raised $30 million in Series B funding for a platform that helps employees improve their cybersecurity posture.
The post Riot Raises $30 Million for Employee Cybersecurity Solution appeared first on SecurityWeek.
SecurityWeek – Read More
Despite Catastrophic Hacks, Ransomware Payments Dropped Dramatically Last Year
/in General NewsRansomware gangs continued to wreak havoc in 2024, but new research shows that the amounts victims paid these cybercriminals fell by hundreds of millions of dollars.
Security Latest – Read More
Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine
/in General NewsRussian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities.
The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek.
SecurityWeek – Read More
Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities
/in General NewsChrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities.
The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Using Fake Microsoft ADFS Login Pages to Steal Credentials
/in General NewsA global phishing campaign is actively exploiting a legacy Microsoft authentication system to steal user credentials and bypass multi-factor authentication (MFA), targeting over 150 organizations.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers
/in General NewsThe Taiwanese hardware maker says it has no plans patch the flaws impacting legacy router models
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
CISA Issues Exploitation Warning for .NET Vulnerability
/in General NewsCISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog.
The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days
/in General NewsMultiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.
The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek.
SecurityWeek – Read More