BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function
- [webapps] Simple File List WordPress Plugin 4.2.2 - File Upload to RCE
- [webapps] Pie Register WordPress Plugin 3.7.1.4 - Authentication Bypass to RCE
- [webapps] Joomla JS Jobs plugin 1.4.2 - SQL injection
- [remote] Microsoft Edge Windows 10 Version 1511 - Cross Site Scripting (XSS)
- [remote] Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Telegram Bot Username
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Operator Surname
- [webapps] Discourse 3.1.1 - Unauthenticated Chat Message Access
- [webapps] LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field
What is an encryption backdoor?
/in General NewsTalk of backdoors in encrypted services is once again doing the rounds after reports emerged that the U.K. government is seeking to force Apple to open up iCloud’s end-to-end encrypted (E2EE) device backup offering. Officials were said to be leaning on Apple to create a “backdoor” in the service that would allow state actors to […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
The Official DOGE Website Launch Was a Security Mess
/in General NewsPlus: Researchers find RedNote lacks basic security measures, surveillance ramps up around the US-Mexico border, and the UK ordering Apple to create an encryption backdoor comes under fire.
Security Latest – Read More
Android’s New Feature Blocks Fraudsters from Sideloading Apps During Calls
/in General NewsGoogle is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress.
Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The development was first reported by Android Authority.
Users who attempt
The Hacker News – Read More
Top US Election Security Watchdog Forced to Stop Election Security Work
/in General NewsThe US Cybersecurity and Infrastructure Security Agency has frozen efforts to aid states in securing elections, according to an internal memo viewed by WIRED.
Security Latest – Read More
RansomHub: The New King of Ransomware? Targeted 600 Firms in 2024
/in General NewsRansomHub emerges as a major ransomware threat in 2024, targeting 600 organizations after ALPHV and LockBit disruptions. Group-IB…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Police risk losing society’s trust in fight against cybercrime, warns Europol chief
/in General NewsCatherine De Bolle, the chief of Europol, said at the Munich Cyber Security Conference that societies must understand why law enforcement agencies need new powers to fight increasingly sophisticated cybercrime operations.
The Record from Recorded Future News – Read More
SailPoint IPO Signals Bright Spot for Cybersecurity
/in General NewsIn a signal move for the cybersecurity sector, identity and access management (IAM) vendor SailPoint has made its return to public markets.
The post SailPoint IPO Signals Bright Spot for Cybersecurity appeared first on SecurityWeek.
SecurityWeek – Read More
Perplexity just made AI research crazy cheap—what that means for the industry
/in General NewsPerplexity AI launches free Deep Research tool that matches $75,000/month enterprise AI capabilities, forcing OpenAI and Google to justify premium pricing while scoring higher on key benchmarks.Read More
Security News | VentureBeat – Read More
New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution
/in General NewsCybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account.
“If executed at scale, this attack could be used to gain access to thousands of accounts,” Datadog Security Labs researcher Seth Art said in a report
The Hacker News – Read More
N. Korean Hackers Suspected in DEEP#DRIVE Attacks Against S. Korea
/in General NewsA phishing attack dubbed DEEP#DRIVE is targeting South Korean entities, with thousands already affected. North Korean hackers from…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More