BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
- Pulsegram - Integrated Keylogger With Telegram
Exploit DB
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
- [local] Microsoft - NTLM Hash Disclosure Spoofing (library-ms)
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
- [local] unzip-stream 0.3.1 - Arbitrary File Write
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
Fake IT Workers Funneled Millions to North Korea, DOJ Says
/in General NewsThe Justice Department announced indictments against 14 North Koreans for involvement in a scheme to pose as remote IT workers to violate sanctions and commit wire fraud, money laundering, and identity theft.
The post Fake IT Workers Funneled Millions to North Korea, DOJ Says appeared first on SecurityWeek.
SecurityWeek – Read More
Europol Cracks Down on Holiday DDoS Attacks
/in General NewsIn Operation PowerOFF, global authorities aim to deter individuals from engaging in malicious cyber acts.
darkreading – Read More
Screen Actors Guild Health Plan sued after September data breach exposes healthcare info
/in General NewsSAG-AFTRA Health Plan said investigators traced the breach back to a phishing email that compromised the account. Law enforcement has been notified and the investigation is ongoing.
The Record from Recorded Future News – Read More
Efforts to Secure US Telcos Beset by Salt Typhoon Might Fall Flat
/in General NewsThe rules necessary to secure US communications have already been in place for 30 years, argues Sen. Wyden, the FCC just hasn’t enforced them. It’s unclear if they will help.
darkreading – Read More
Authorities Shut Down 27 DDoS-for-Hire Platforms, Arrest 3 Admins
/in General NewsJust in time for the holidays!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
The best VPN services for iPad: Expert tested and reviewed
/in General NewsWe tested the best VPNs for Apple iPad tablets, that offer rapid speeds, stable connections, and easy-to-use apps.
Latest stories for ZDNET in Security – Read More
ExpressVPN review: One of the fastest VPNs we’ve tested
/in General NewsExpressVPN is one of our favorite VPN services that excels at handling geo-restrictions and providing speedy, secure server connections – though it is a bit pricey.
Latest stories for ZDNET in Security – Read More
Silent Push Raises $10 Million for Preemptive Threat Intelligence Platform
/in General NewsThreat intel startup Silent Push has raised $10 million in a funding round co-led by Ten Eleven Ventures and Stepstone Group LP.
The post Silent Push Raises $10 Million for Preemptive Threat Intelligence Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Sublime Snags $60M Series B for Email Security Tech
/in General NewsSublime said the new capital was provided by IVP, Citi Ventures, Index Ventures, Decibel Partners, and Slow Ventures and brings the total raised to $93.8 million.
The post Sublime Snags $60M Series B for Email Security Tech appeared first on SecurityWeek.
SecurityWeek – Read More
Fortinet Acquires Perception Point Reportedly for $100 Million
/in General NewsFortinet has acquired Israeli collaboration and email security company Perception Point to expand its offering.
The post Fortinet Acquires Perception Point Reportedly for $100 Million appeared first on SecurityWeek.
SecurityWeek – Read More