BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
- [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
SEO Poisoning: How Cybercriminals Are Turning Search Engines into Traps
/in General NewsStay protected from SEO poisoning, a cyber threat exploiting search engine rankings to spread malware and phishing scams.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
WhatsApp Wins Lawsuit Against Israeli Spyware Maker NSO Group
/in General NewsA US court ruled against NSO Group, an Israeli spyware maker, finding them liable for hacking WhatsApp users. The ruling has major implications for the surveillance technology industry.”
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
/in General NewsThe Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the database.
The SQL injection vulnerability, tracked as CVE-2024-45387, is rated 9.9 out of 10.0 on the CVSS scoring system.
“An SQL injection
The Hacker News – Read More
Ruijie Networks’ Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks
/in General NewsCybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances.
“These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices,” Claroty researchers Noam Moshe and Tomer Goldschmidt said in a recent analysis. “The vulnerabilities, if
The Hacker News – Read More
The Fintech Wild West: Why Preventive Cybersecurity Is Essential for Survival
/in General NewsFintech thrives on innovation, but cybersecurity requires a proactive approach. AI, predictive intelligence, and tailored strategies safeguard against…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Home for the holidays? Share this top cybersecurity advice with friends and family
/in General NewsSharing security advice can go a long way in protecting your loved ones from the most common and damaging online threats.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware
/in General NewsThe Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao.
Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a “recent” investigation into a compromised machine in Asia that was also infected with the BellaCiao malware.
BellaCiao was first
The Hacker News – Read More
You Need to Create a Secret Password With Your Family
/in General NewsAI voice cloning and deepfakes are supercharging scams. One method to protect your loved ones and yourself is to create secret code words to verify someone’s identity in real time.
Security Latest – Read More
Postman Workspaces Leak 30000 API Keys and Sensitive Tokens
/in General NewsThousands of Postman workspaces leaked sensitive data like API keys and tokens. Learn best practices to secure your API development environment and protect your organization
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data
/in General NewsFortinet discovers two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, designed to steal data, capture keystrokes, and gain system control. Learn about their malicious behavior and how to protect yourself
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More