BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] Microsoft - NTLM Hash Disclosure Spoofing (library-ms)
Meet the startup that just won the Pentagon’s first AI defense contract
/in General NewsThe Pentagon awards its first-ever generative AI defense contract worth $1.8M to Jericho Security, targeting deepfake attacks and AI-powered threats against military personnel including drone pilots.Read More
Security News | VentureBeat – Read More
Canadian authorities say they arrested hacker linked to Snowflake data breaches
/in General NewsAlexander Moucka was arrested in October in Canada. Moucka is suspected of being linked to the series of Snowflake data breaches this year.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
VMWare Explore Barcelona 2024: VMWAre Tanzu Platform 10 Enters General Availability
/in General NewsAbout a year after Broadcom’s acquisition of VMWare, the company released VMware Tanzu Data Services to make connections to some third-party data engines easier.
Security | TechRepublic – Read More
How to Win at Cyber by Influencing People
/in General NewsZero trust is a mature approach that will improve your organization’s security.
darkreading – Read More
Canadian Authorities Arrest Suspected Snowflake Hacker
/in General NewsCanadian authorities have arrested Alexander ‘Connor’ Moucka, suspected of hacking multiple Snowflake accounts earlier this year.
The post Canadian Authorities Arrest Suspected Snowflake Hacker appeared first on SecurityWeek.
SecurityWeek – Read More
Oh, the Humanity! How to Make Humans Part of Cybersecurity Design
/in General NewsGovernment and industry want to jump-start the conversation around “human-centric cybersecurity” to boost the usability and effectiveness of security products and services.
darkreading – Read More
Enhance customer experiences with Generative AI
/in General NewsThe advent of Generative AI and its application in real-life use cases has been on the cards for…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
DocuSign Abused to Deliver Fake Invoices
/in General NewsCybercriminals are abusing DocuSign APIs to send bogus email messages that bypass protections such as spam and phishing filters.
The post DocuSign Abused to Deliver Fake Invoices appeared first on SecurityWeek.
SecurityWeek – Read More
New Android Banking Malware ‘ToxicPanda’ Targets Users with Fraudulent Money Transfers
/in General NewsOver 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions.
“ToxicPanda’s main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called on-device fraud (ODF),” Cleafy researchers Michele Roviello, Alessandro Strino
The Hacker News – Read More
Hackers Deploy CRON#TRAP for Persistent Linux System Backdoors
/in General NewsCRON#TRAP is a new phishing attack using emulated Linux environments to bypass security and establish persistent backdoors. Leveraging…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More