BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Campcodes Online Hospital Management System 1.0 - SQL Injection
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
- [remote] Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow
- [webapps] WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass
- [local] Microsoft Windows Server 2016 - Win32k Elevation of Privilege
- [remote] Windows 2024.15 - Unauthenticated Desktop Screenshot Capture
CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild.
The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that
The Hacker News – Read More
Retailers struggle after ransomware attack on supply chain tech provider Blue Yonder
/in General NewsThe company’s customers range from supermarket chains like Morrisons to consumer goods firms like Amway, Anheuser-Busch, Dole and Gap. Other customers include Microsoft, Ford, Lenovo, Mitsubishi and Nestle.
The Record from Recorded Future News – Read More
Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets
/in General NewsThe incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.
darkreading – Read More
Phishing Prevention Framework Reduces Incidents by Half
/in General NewsThe anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups.
darkreading – Read More
New York fines Geico, Travelers $11 million for exposed driver’s license numbers
/in General NewsNew York Attorney General Letitia James and New York State Department of Financial Services Superintendent Adrienne Harris hit both companies with penalties for having “poor data security” which allowed the sensitive information to be exposed.
The Record from Recorded Future News – Read More
GLASSBRIDGE: Google Blocks Thousands of Pro-China Fake News Sites
/in General NewsGoogle reveals GLASSBRIDGE: A network of thousands of fake news sites pushing pro-China narratives globally. These sites, run by PR firms, spread disinformation and lack transparency.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
China’s Salt Typhoon hackers target telecom firms in Southeast Asia with new malware
/in General NewsSalt Typhoon has been in the spotlight recently following a China-linked espionage campaign that compromised the networks of multiple U.S. telecom firms including Verizon, AT&T, Lumen Technologies and T-Mobile.
The Record from Recorded Future News – Read More
Cyber Resiliency in the AI Era: Building the Unbreakable Shield
/in General NewsDigital networks are the backbone of global business and communication, making cyber resiliency essential for organizations to thrive.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Tech winners and losers of 2024: For every triumph, a turkey
/in General NewsAI flourished, Arm chips dominated, and open source thrived. Meanwhile, Elon Musk gets credit for two of the biggest losers, and Apple makes it onto both the nice and naughty lists.
Latest stories for ZDNET in Security – Read More
Authorities catch ‘SMS blaster’ gang that drove around Bangkok sending thousands of phishing messages
/in General NewsThai authorities said the crime gang sent around a million malicious SMS text messages to nearby residents over a three-day period in November.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More