BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Idaho Man Gets 10 Years for Hacking, Cyber Extortion
/in General NewsIn addition to his prison sentence, he will have to pay more than $1 million in restitution to his victims.
darkreading – Read More
These 8 Apps on Google Play Store Contain Android/FakeApp Trojan
/in General NewsEight Android apps on the Google Play Store, downloaded by millions, contain the Android.FakeApp trojan, stealing user data…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Malware being delivered by mail, warns Swiss cyber agency
/in General NewsThe postal letters, dated to 12 November, claim to be offering people in the country a new weather app developed by the country’s meteorological agency, however they contain a QR code redirecting people to a malicious application developed by fraudsters.
The Record from Recorded Future News – Read More
The 10 most popular passwords of 2024 are also the worst: 5 easy ways to do better
/in General NewsPeople are still opting for easy-to-guess passwords, says NordPass. Here’s how to better protect your accounts and why you should.
Latest stories for ZDNET in Security – Read More
Building complex gen AI models? This data platform wants to be your one-stop shop
/in General NewsExclusive: Encord puts multimodal AI data – including audio – all in one platform.
Latest stories for ZDNET in Security – Read More
Iranian Hackers Target Aerospace Industry in ‘Dream Job’ Campaign
/in General NewsIran-linked Charming Kitten hackers have been running a ‘dream job’ campaign targeting the aerospace industry with the SnailResin malware.
The post Iranian Hackers Target Aerospace Industry in ‘Dream Job’ Campaign appeared first on SecurityWeek.
SecurityWeek – Read More
The Vendor’s Role in Combating Alert Fatigue
/in General NewsAs alerts pile up, the complexity can overwhelm security professionals, allowing real threats to be missed. This is where vendors must step up.
darkreading – Read More
Hungary confirms hack of defense procurement agency
/in General NewsHungarian officials said the network of the NATO ally’s defense procurement agency had been hacked. A ransomware gang had claimed earlier that it stole data from the agency.
The Record from Recorded Future News – Read More
Anthropic’s new AI tools promise to simplify prompt writing and boost accuracy by 30%
/in General NewsAnthropic introduces new AI tools, including a prompt improver and example management, designed to automate prompt engineering, boost accuracy by 30%, and enhance enterprise AI development.Read More
Security News | VentureBeat – Read More
Securing the AI frontier: Protecting enterprise systems against AI-driven threats
/in General NewsIt’s the weaponized AI attacks targeting identities, unseen and often the most costly to recover from that most threaten enterprises.Read More
Security News | VentureBeat – Read More