BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Starbucks Shifts to Manual Processes After Contractor Ransomware Attack
/in General NewsRansomware attack cripples Starbucks operations, forcing the coffee giant to rely on manual processes for employee scheduling and…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
British hospital group declares ‘major incident’ following cyberattack
/in General NewsSeveral hospitals in northwest England are struggling to care for patients after an unspecified cybersecurity incident.
The Record from Recorded Future News – Read More
Tips and Tools for Social Media Safety
/in General NewsProtect your social media presence with tools like privacy checkups, monitoring services, and digital footprint scanners. Stay secure by avoiding oversharing, limiting third-party app permissions, and using strong passwords.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New York Fines Geico and Travelers $11 Million Over Data Breaches
/in General NewsNew York has announced $11 million settlements with Geico and Travelers over data breaches affecting 120,000 people.
The post New York Fines Geico and Travelers $11 Million Over Data Breaches appeared first on SecurityWeek.
SecurityWeek – Read More
Emergency Vehicle Lights Can Screw Up a Car’s Automated Driving System
/in General NewsNewly published research finds that the flashing lights on police cruisers and ambulances can cause “digital epileptic seizures” in image-based automated driving systems, potentially risking wrecks.
Security Latest – Read More
Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites
/in General NewsTwo vulnerabilities in the Anti-Spam by CleanTalk WordPress plugin allowed attackers to execute arbitrary code remotely.
The post Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites appeared first on SecurityWeek.
SecurityWeek – Read More
Starbucks, Grocery Stores Hit by Blue Yonder Ransomware Attack
/in General NewsSupply chain management software provider Blue Yonder has been targeted in a ransomware attack that caused significant disruptions for some customers.
The post Starbucks, Grocery Stores Hit by Blue Yonder Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild.
The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that
The Hacker News – Read More
Retailers struggle after ransomware attack on supply chain tech provider Blue Yonder
/in General NewsThe company’s customers range from supermarket chains like Morrisons to consumer goods firms like Amway, Anheuser-Busch, Dole and Gap. Other customers include Microsoft, Ford, Lenovo, Mitsubishi and Nestle.
The Record from Recorded Future News – Read More
Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets
/in General NewsThe incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.
darkreading – Read More