BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
What Talent Gap? Hiring Practices Are the Real Problem
/in General NewsWhile the need for cybersecurity talent still exists, the budget may not. Here’s how to maximize security staff despite hiring freezes.
darkreading – Read More
You can finally test Microsoft’s controversial Recall feature – here’s how
/in General NewsWhat was supposed to be a signature feature of the AI-powered Copilot+ PCs for Windows 11 was delayed after a firestorm of privacy and security complaints. But It’s ready for testing now, if you have the right hardware.
Latest stories for ZDNET in Security – Read More
Leaky Cybersecurity Holes Put Water Systems at Risk
/in General NewsAt least 97 major water systems in the US have serious cybersecurity vulnerabilities and compliance issues, raising concerns that cyberattacks could disrupt businesses, industry, and the lives of millions of citizens.
darkreading – Read More
Cyberattack Disrupts Systems of Gambling Giant IGT
/in General NewsGambling giant IGT says it has taken certain systems offline in response to a cyberattack discovered over the weekend.
The post Cyberattack Disrupts Systems of Gambling Giant IGT appeared first on SecurityWeek.
SecurityWeek – Read More
US and Europe Account for 73% of Global Exposed ICS Systems
/in General News73% of globally exposed ICS systems are in the US and Europe, with the US leading at 38%.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
China’s Cyber Offensives Built in Lockstep With Private Firms, Academia
/in General NewsThe scale of Beijing’s systematic tapping of private industry and universities to build up its formidable hacking and cyber-warfare capabilities is larger than previously understood.
darkreading – Read More
In Other News: Nvidia Fixes Critical Flaw, Chinese Linux Backdoor, New Details in WhatsApp-NSO Lawsuit
/in General NewsNoteworthy stories that might have slipped under the radar: Nvidia fixes vulnerability with rare ‘critical’ severity, Chinese APT’s first Linux backdoor, new details emerge from the WhatsApp-NSO lawsuit.
The post In Other News: Nvidia Fixes Critical Flaw, Chinese Linux Backdoor, New Details in WhatsApp-NSO Lawsuit appeared first on SecurityWeek.
SecurityWeek – Read More
I deleted my personal info from the internet with this service (and it’s on sale for Black Friday)
/in General NewsDeleteMe helps remove your address, phone number, and other personal information from online platforms to protect you from identity theft, robocalls, and data breaches — and it’s 25% off for Black Friday.
Latest stories for ZDNET in Security – Read More
US Takes Down Stolen Credit Card Marketplace PopeyeTools
/in General NewsThe US government has announced the seizure of stolen credit card marketplace PopeyeTools and charges against its administrators.
The post US Takes Down Stolen Credit Card Marketplace PopeyeTools appeared first on SecurityWeek.
SecurityWeek – Read More
Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack
/in General NewsIn a first, Russia’s APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.
Security Latest – Read More