BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Russian Hackers Exploit Firefox and Windows 0-Days to Deploy Backdoor
/in General NewsWatch out for the Russian hackers from the infamous RomRom group, also known as Storm-0978, Tropical Scorpius, or UNC2596, and their use of a custom backdoor.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
How Learning to Fly Made Me a Better Cybersecurity CEO
/in General NewsThe lessons I’ve learned soaring through the skies have extended far beyond the runway.
darkreading – Read More
Starbucks, Supermarkets Targeted in Ransomware Attack
/in General NewsBlue Yonder, a prominent supply chain software provider, has been targeted in a ransomware attack, leading to disruption at major retail outlets.
Security | TechRepublic – Read More
AmberWolf Launches NachoVPN Tool to Tackle VPN Security Risks
/in General NewsResearchers reveal major vulnerabilities in popular corporate VPN clients, allowing remote attacks. Discover the NachoVPN tool and expert…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Russian Script Kiddie Assembles Massive DDoS Botnet
/in General NewsOver the past year, “Matrix” has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.
darkreading – Read More
Microsoft Finally Releases Recall as Part of Windows Insider Preview
/in General NewsThe original version of Recall lacked basic encryption and other data protection measures. The preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello.
darkreading – Read More
Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked
/in General NewsThe Banshee Stealer macOS malware operation, which emerged earlier this year, was reportedly shut down following a source code leak.
The post Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked appeared first on SecurityWeek.
SecurityWeek – Read More
Philippine Entrepreneur Combines Blockchain Innovation with Environmental Conservation through Ora Coin Foundation
/in General NewsCebu, Philippines, 27th November 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity
/in General NewsUS senators introduce new legislation to protect health data and strengthen the cybersecurity of the country’s healthcare sector.
The post Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity appeared first on SecurityWeek.
SecurityWeek – Read More
Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets
/in General NewsThe Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery.
The post Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets appeared first on SecurityWeek.
SecurityWeek – Read More