BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Meet three incoming EU lawmakers in charge of key tech policy areas
/in General NewsThe European Union looks to have clinched political agreement on the team of 26 commissioners who will be implementing President Ursula von der Leyen’s policy plan for the next five years. A final vote is still pending next week, but on Thursday, Politico’s Brussels Playbook newsletter reported a deal in the European Parliament on the […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
/in General NewsThe North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period.
These findings come from Microsoft, which said that multiple threat activity clusters with ties to the country have been observed creating fake profiles on LinkedIn, posing as both
The Hacker News – Read More
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
/in General NewsGovernment agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077.
The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world, Microsoft said.
The Hacker News – Read More
Andrew Tate’s ‘Educational Platform’ Was Hacked
/in General NewsPlus: The worst telecom hack in US history rolls on, iPhones are harder to break into, and more of the week’s top security news.
Security Latest – Read More
RSA Conference to invest $5 million in sandbox contest finalists
/in General NewsThe owner of the RSA Conference announced it’s investing $50 million in finalists for the Innovation Sandbox (ISB) contest, which has helped dozens of cybersecurity companies get off the ground.
The Record from Recorded Future News – Read More
Faux ChatGPT, Claude API Packages Deliver JarkaStealer
/in General NewsAttackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice.
darkreading – Read More
The US Is Calling Out Foreign Influence Campaigns Faster Than Ever
/in General NewsThe 2024 elections were a high-water mark for naming and shaming threat actors from foreign governments. There’s still work to be done, though, on how to attribute disinformation campaigns most effectively.
Security Latest – Read More
This new wireless carrier promises ultra-secure mobile phone service
/in General NewsThis mobile provider service was available only to government users but has since expanded. If you fall into these categories, you may be eligible today, but the service will expand to the general public soon, too.
Latest stories for ZDNET in Security – Read More
Yakuza Victim Data Leaked in Japanese Agency Attack
/in General NewsA local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.
darkreading – Read More
Operation Lunar Peek: More Than 2,000 Palo Alto Network Firewalls Hacked
/in General NewsThe Shadowserver Foundation reports over 2,000 Palo Alto Networks firewalls have been hacked via two zero-day vulnerabilities: CVE-2024-0012…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More