BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks
/in General NewsChina has slammed a decision by the US Treasury to sanction a Beijing-based cybersecurity company for its alleged role in multiple hacking incidents targeting critical infrastructure.
The post China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
5 browser extension rules to keep your system safe in 2025
/in General NewsIf you use browser extensions, you should be careful about which ones you install and use. Here’s how you can do that.
Latest stories for ZDNET in Security – Read More
Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers
/in General NewsTaiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution.
The list of vulnerabilities is as follows –
CVE-2024-9138 (CVSS 4.0 score: 8.6) – A hard-coded credentials vulnerability that could allow an authenticated user to escalate privileges and gain
The Hacker News – Read More
U.S. Sanctions Chinese Cybersecurity Firm Over Cyberattacks
/in General NewsUS sanctions Beijing-based Integrity Technology Group for aiding “Flax Typhoon” hackers in cyberattacks on American infrastructure, freezing assets…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
In Appreciation: Amit Yoran, Tenable CEO, Passes Away
/in General NewsCybersecurity industry visionary and renowned executive Amit Yoran has passed away after an almost one-year battle with cancer.
darkreading – Read More
China’s Salt Typhoon Adds Charter, Windstream to Telecom Victim List
/in General NewsThese latest attacks follow a long string of cyberattacks and breaches targeting US and global telecom and ISP companies.
darkreading – Read More
Washington sues T-Mobile over 2021 data breach that spilled 79 million customer records
/in General NewsThe 2021 breach affected at least 2 million Washington state residents, and tens of millions more customers around the United States.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
New PhishWP Plugin on Russian Forum Turns Sites into Phishing Pages
/in General NewsSlashNext has discovered a malicious WordPress plugin, PhishWP, which creates convincing fake payment pages to steal your credit card information, 3DS codes, and personal data.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
School districts in Maine, Tennessee respond to holiday cyberattacks
/in General NewsOfficials from South Portland Public Schools in Maine and Rutherford County Schools in Tennessee said they were investigating intrusions by malicious hackers.
The Record from Recorded Future News – Read More
Pig butchering victim sues banks for allowing scammers to open accounts
/in General NewsA California plaintiff says three banks were of no help after he realized he transferred hundreds of thousands of dollars to accounts held by scammers.
The Record from Recorded Future News – Read More