BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
API Security in Open Banking: Balancing Innovation with Risk Management
/in General NewsAny technological innovation comes with security risks, and open banking is no exception. Open banking relies on APIs…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Sharing your Max password? That’s about to get more difficult
/in General NewsLike other streaming services, Discovery Max will give you the chance to officially add someone to your account.
Latest stories for ZDNET in Security – Read More
Veeam Urges Updates After Discovering Critical Vulnerability
/in General NewsThe vulnerability affects certain versions of the Veeam Service Provider Console that can only be fixed by updating with the latest patch.
darkreading – Read More
Are We on the Brink of Saying Goodbye to Passwords?
/in General NewsExplore the transition from passwords to a passwordless future: enhanced security, convenience, and cutting-edge innovations in biometrics and…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Pegasus Spyware Infections Proliferate Across iOS, Android Devices
/in General NewsThe notorious spyware from Israel’s NSO Group has been found targeting journalists, government officials, and corporate executives in multiple variants discovered in a threat scan of 3,500 mobile phones.
darkreading – Read More
Veeam Warns of Critical Vulnerability in Service Provider Console
/in General NewsVeeam releases patches for two vulnerabilities in Service Provider Console, including a critical-severity remote code execution bug.
The post Veeam Warns of Critical Vulnerability in Service Provider Console appeared first on SecurityWeek.
SecurityWeek – Read More
Germany arrests suspected admin of country’s largest criminal marketplace
/in General NewsGerman federal police said they had seized cars and cryptocurrency in raids that led to the arrest of the alleged technical administrator of Crimenetwork — a marketplace for stolen goods, illicit drugs and other illegal items.
The Record from Recorded Future News – Read More
Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities
/in General NewsThe Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022.
The activity, first observed in December 2022, is the latest instance of the nation-state adversary “embedding
The Hacker News – Read More
FBI, CISA urge Americans to use secure messaging apps in wake of massive cyberattack
/in General NewsYour unencrypted RCS messages between iPhones and Android devices can be spied on by foreign attackers. Here’s how to protect yourself.
Latest stories for ZDNET in Security – Read More
Senators say U.S. military is failing to secure its phones from foreign spies
/in General NewsSenators Ron Wyden and Eric Schmitt are demanding the Department of Defense to do more to secure its telecommunications.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More