BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Alleged Ryuk ransomware gang member arrested in Ukraine and extradited to US
/in General NewsA 33-year-old man arrested in Ukraine will face charges in the U.S. of working for the Ryuk cybercrime operation, known for high-profile targets and large ransom demands.
The Record from Recorded Future News – Read More
Security Evolution: From Pothole Repair to Road Building
/in General NewsInstead of constantly fixing security vulnerabilities, organizations should proactively build secure foundations that enable businesses to move faster while reducing risk.
darkreading – Read More
Paragon Commercial Spyware Infects Prominent Journalists
/in General NewsAn unnamed customer of Paragon’s Graphite product used the commercial spyware to target at least two prominent European journalists in recent months.
darkreading – Read More
New Campaigns Distribute Malware via Open Source Hacking Tools
/in General NewsTrend Micro and ReversingLabs uncovered over 100 GitHub accounts distributing malware embedded in open source hacking tools.
The post New Campaigns Distribute Malware via Open Source Hacking Tools appeared first on SecurityWeek.
SecurityWeek – Read More
N. Korean Hackers Use PylangGhost Malware in Fake Crypto Job Scam
/in General NewsNorth Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Encryption Backdoors: The Security Practitioners’ View
/in General NewsAfter decades of failed attempts to access encrypted communications, governments are shifting from persuasion to coercion—security experts say the risks are too high.
The post Encryption Backdoors: The Security Practitioners’ View appeared first on SecurityWeek.
SecurityWeek – Read More
Krispy Kreme Confirms Data Breach After Ransomware Attack
/in General NewsKrispy Kreme is sending notifications to thousands of people impacted by the data breach that came to light at the end of 2024.
The post Krispy Kreme Confirms Data Breach After Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Chain IQ, UBS Data Stolen in Ransomware Attack
/in General NewsA ransomware group has claimed the theft of millions of files from procurement service provider Chain IQ and 19 other companies.
The post Chain IQ, UBS Data Stolen in Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Choosing a Clear Direction in the Face of Growing Cybersecurity Demands
/in General NewsIn a rapidly changing AI environment, CISOs are worried about investing in the wrong solution or simply not investing because they can’t decide what the best option is.
The post Choosing a Clear Direction in the Face of Growing Cybersecurity Demands appeared first on SecurityWeek.
SecurityWeek – Read More
High-Severity Vulnerabilities Patched by Cisco, Atlassian
/in General NewsCisco has resolved a high-severity vulnerability in Meraki MX and Meraki Z devices. Atlassian pushed patches for multiple third-party dependencies.
The post High-Severity Vulnerabilities Patched by Cisco, Atlassian appeared first on SecurityWeek.
SecurityWeek – Read More