BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
US sanctions Chinese cyber firm linked to Flax Typhoon hacks
/in General NewsU.S. officials say the sanctioned Chinese firm provided botnet infrastructure for the China-backed hacking group Flax Typhoon
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Californians Say X Blocked Them From Viewing Amber Alert About Missing 14-Year-Old
/in General NewsMany people reported they hit a screen preventing them from seeing the alert unless they signed in.
Security Latest – Read More
The Psychology of Phishing: Why Smart People Fall for Scams
/in General NewsDo you know that feeling of dread when you realize you’ve clicked on a suspicious link? I know it perfectly. It has happened to me several times in the last year! The positive aspect of it is that it happened in a secluded environment, with periodically phishing training by our company’s internal cybersecurity experts. While negative aspect of it is the fact that it actually happened. Not once.
Source
TechSplicer – Read More
Online gift card store exposed hundreds of thousands of people’s identity documents
/in General NewsThe gift card store secured the public cloud storage server containing customer ID documents, which was not protected with a password.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Why Small Businesses Can’t Rely Solely on AI to Combat Threats
/in General NewsThe growing complexity of cyber threats, paired with limited resources, makes it essential for companies to adopt a more comprehensive approach that combines human vigilance with AI’s capabilities.
darkreading – Read More
Chrome Extension Compromises Highlight Software Supply Challenges
/in General NewsThe Christmas Eve compromise of data-security firm Cyberhaven’s Chrome extension spotlights the challenges in shoring up third-party software supply chains.
darkreading – Read More
This Trusted App Helps Sluggish PCs Work Faster
/in General NewsCCleaner speeds up sluggish PCs by clearing junk files, fixing registry issues, and optimizing performance.
Security | TechRepublic – Read More
Atos, contractor for French military and intelligence agencies, dismisses ransomware attack claims
/in General NewsAtos, the company that secures communications for France’s military and intelligence services, says a ransomware group’s claims are “unfounded.”
The Record from Recorded Future News – Read More
In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury
/in General NewsNoteworthy stories that might have slipped under the radar: location data of 800,000 electric Volkswagen cars leaked, DoubleClickjacking attack, China denies hacking US Treasury.
The post In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury appeared first on SecurityWeek.
SecurityWeek – Read More
Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability
/in General NewsProof-of-concept (PoC) code was published for CVE-2024-49113, a denial-of-service (DoS) vulnerability in Windows LDAP.
The post Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More