BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Hackers Target Job Seekers with AppLite Trojan Using Fake Job Emails
/in General NewsSUMMARY AppLite banking trojan is a newly discovered stealthy mobile malware threat targeting mobile devices. Learn about its…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cybersecurity News Round-Up 2024: 10 Biggest Stories That Dominated the Year
/in General NewsTechRepublic looks back at the biggest cybersecurity stories of 2024, from record data breaches to rising ransomware threats and CISO burnout.
Security | TechRepublic – Read More
Cohesity completes its merger with Veritas; here’s how they’ll integrate
/in General NewsData protection startup Cohesity completed its merger with Veritas’ enterprise data protection business, creating one entity with 12,000 customers that is valued at $7 billion. The deal was originally announced in February 2024. Cohesity valued Carlyle-owned Veritas’ data protection business at $3 billion at the time, according to CRN reporting. Cohesity declined to comment on […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
EU Cyber Resilience Act: What You Need to Know
/in General NewsManufacturers, importers, and distributors of products with digital components operating in the E.U. must comply.
Security | TechRepublic – Read More
How Red Teaming Helps Meet DORA Requirements
/in General NewsThe Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Astrix Security Banks $45M Series B to Secure Non-Human Identities
/in General NewsTel Aviv company building software to secure non-human identities banks a $45 million funding round led by Menlo Ventures.
The post Astrix Security Banks $45M Series B to Secure Non-Human Identities appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Rolls Out Default NTLM Relay Attack Mitigations
/in General NewsMicrosoft has rolled out new default security protections that mitigate NTLM relaying attacks across on-premises Exchange, AD CS, and LDAP services.
The post Microsoft Rolls Out Default NTLM Relay Attack Mitigations appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again
/in General NewsThreat actors are exploiting a high-risk bug in Cleo software – and Huntress warns that fully-patched systems are vulnerable
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Sprawling ‘Operation Digital Eye’ Attack Targets European IT Orgs
/in General NewsA Chinese threat actor infiltrated several IT and security companies in a bring-your-own VS code, with an eye to carrying out a supply-chain-based espionage attack.
darkreading – Read More
Ongoing Phishing and Malware Campaigns in December 2024
/in General NewsCyber attackers never stop inventing new ways to compromise their targets. That’s why organizations must stay updated on the latest threats.
Here’s a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before they reach you.
Zero-day Attack: Corrupted Malicious Files Evade Detection by Most Security Systems
The analyst
The Hacker News – Read More