BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others
/in General NewsDecember marked a quiet month with 70 vulnerabilities patched, plus updates from outside of Microsoft.
Security | TechRepublic – Read More
Apple Pushes Major iOS, macOS Security Updates
/in General NewsCupertino ships iOS 18.2 and macOS Sequoia 15.2 patches to fix data leakage, sandbox escapes and code exection vulnerabilities.
The post Apple Pushes Major iOS, macOS Security Updates appeared first on SecurityWeek.
SecurityWeek – Read More
Krispy Kreme Cyber Attack Disrupted Online Ordering in the US
/in General NewsSUMMARY Popular doughnut chain Krispy Kreme has become the latest victim of a cyber attack. The incident, which…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
No Doughnuts Today? Cyberattack Puts Krispy Kreme in a Sticky Situation
/in General NewsThe doughnut and coffeehouse chain confirmed a cyberattack took out parts of its online ordering system in parts of the United States.
The post No Doughnuts Today? Cyberattack Puts Krispy Kreme in a Sticky Situation appeared first on SecurityWeek.
SecurityWeek – Read More
US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack
/in General NewsChinese cybersecurity firm Sichuan Silence has been sanctioned for exploiting a vulnerability in Sophos firewalls used at critical infrastructure organizations in the U.S.
Security | TechRepublic – Read More
Krispy Kreme discloses cyberattack that is disrupting online orders
/in General NewsDoughnut multinational Krispy Kreme disclosed a cyberattack that disrupted certain operations, including online ordering in the United States.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Russian government spies targeted Ukraine using tools developed by cybercriminals
/in General NewsResearchers say a hacking group linked to the FSB used tools developed by a cybercrime group to target Ukraine’s Army and Border Guard.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Russia claims to bust global scam network linked to Georgian ex-defense minister
/in General NewsKnown as Milton Group, the network allegedly operated call centers that defrauded over 100,000 people, including those from the European Union, the U.K., Canada, Brazil, India and Japan.
The Record from Recorded Future News – Read More
BadRAM Attack Uses $10 Equipment to Break AMD Processor Protections
/in General NewsAcademic researchers devise BadRAM, a new attack that uses $10 equipment to break AMD’s latest trusted execution environment protections.
The post BadRAM Attack Uses $10 Equipment to Break AMD Processor Protections appeared first on SecurityWeek.
SecurityWeek – Read More
AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts
/in General NewsSUMMARY Cybersecurity researchers at Oasis Security have identified a vulnerability in Microsoft’s Multi-Factor Authentication (MFA), known as AuthQuake,…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More