BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
- [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
FICORA, CAPSAICIN Botnets Exploit Old D-Link Router Flaws for DDoS Attacks
/in General NewsMirai and Keksec botnet variants are exploiting critical vulnerabilities in D-Link routers. Learn about the impact, affected devices, and how to protect yourself from these attacks.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Wiping your Android phone? Here’s the easiest way to erase all personal data
/in General NewsBefore you sell or trash your old Android phone, you should properly delete all sensitive information. Here’s the best (and simplest) way to do it.
Latest stories for ZDNET in Security – Read More
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
/in General NewsA high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck.
The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been described as an operating system (OS) command injection bug affecting router models F3x24 and F3x36.
The severity of the shortcoming is lower due to the fact that it only works
The Hacker News – Read More
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
/in General NewsNorth Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie.
Contagious Interview (aka DeceptiveDevelopment) refers to a persistent attack campaign that employs social engineering lures, with the hacking crew often posing as recruiters to trick individuals looking for potential job opportunities into
The Hacker News – Read More
Cyberhaven says it was hacked to publish a malicious update to its Chrome extension
/in General NewsThe data-loss startup says it was targeted as part of a “wider campaign to target Chrome extension developers.”
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Deepfakes, Quantum Attacks Loom Over APAC in 2025
/in General NewsOrganizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing “harvest now, decrypt later” attacks for various malicious use cases.
darkreading – Read More
Hackers Are Hot for Water Utilities
/in General NewsThe US water sector suffered a stream of cyberattacks over the past year and half, from a mix of cybercriminals, hacktivists, and nation-state hacking teams. Here’s how the industry and ICS/OT security experts are working to better secure vulnerable drinking and wastewater utilities.
darkreading – Read More
Record-breaking ransoms and breaches: A timeline of ransomware in 2024
/in General NewsFrom LoanDepot to Evolve Bank and Blue Yonder, these ransomware attacks affect tens of millions of people.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Defining & Defying Cybersecurity Staff Burnout
/in General NewsSometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy.
darkreading – Read More
The Paper Passport Is Dying
/in General NewsSmartphones and face recognition are being combined to create new digital travel documents. The paper passport’s days are numbered—despite new privacy risks.
Security Latest – Read More