BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Cybercrime Gangs Abscond With Thousands of AWS Credentials
/in General NewsThe Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing.
darkreading – Read More
US Senator announces new bill to secure telecom companies in wake of Chinese hacks
/in General NewsU.S. Democratic Senator Ron Wyden announced a new draft bill with the goal of securing American telephone networks and Americans’ communications in response to the massive hack of telecom providers allegedly done by Chinese government hackers. In a press release on Tuesday, Wyden announced the Secure American Communications Act. The bill would order the Federal […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises
/in General NewsCVE-2024-50623, an improperly patched vulnerability affecting Cleo file transfer tools, has been exploited in the wild.
The post Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises appeared first on SecurityWeek.
SecurityWeek – Read More
Lessons From the Largest Software Supply Chain Incidents
/in General NewsThe software supply chain is a growing target, and organizations need to take special care to safeguard it.
darkreading – Read More
Hackers Target Job Seekers with AppLite Trojan Using Fake Job Emails
/in General NewsSUMMARY AppLite banking trojan is a newly discovered stealthy mobile malware threat targeting mobile devices. Learn about its…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cybersecurity News Round-Up 2024: 10 Biggest Stories That Dominated the Year
/in General NewsTechRepublic looks back at the biggest cybersecurity stories of 2024, from record data breaches to rising ransomware threats and CISO burnout.
Security | TechRepublic – Read More
Cohesity completes its merger with Veritas; here’s how they’ll integrate
/in General NewsData protection startup Cohesity completed its merger with Veritas’ enterprise data protection business, creating one entity with 12,000 customers that is valued at $7 billion. The deal was originally announced in February 2024. Cohesity valued Carlyle-owned Veritas’ data protection business at $3 billion at the time, according to CRN reporting. Cohesity declined to comment on […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
EU Cyber Resilience Act: What You Need to Know
/in General NewsManufacturers, importers, and distributors of products with digital components operating in the E.U. must comply.
Security | TechRepublic – Read More
How Red Teaming Helps Meet DORA Requirements
/in General NewsThe Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Astrix Security Banks $45M Series B to Secure Non-Human Identities
/in General NewsTel Aviv company building software to secure non-human identities banks a $45 million funding round led by Menlo Ventures.
The post Astrix Security Banks $45M Series B to Secure Non-Human Identities appeared first on SecurityWeek.
SecurityWeek – Read More