BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Phishing Prevention Framework Reduces Incidents by Half
/in General NewsThe anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups.
darkreading – Read More
New York fines Geico, Travelers $11 million for exposed driver’s license numbers
/in General NewsNew York Attorney General Letitia James and New York State Department of Financial Services Superintendent Adrienne Harris hit both companies with penalties for having “poor data security” which allowed the sensitive information to be exposed.
The Record from Recorded Future News – Read More
GLASSBRIDGE: Google Blocks Thousands of Pro-China Fake News Sites
/in General NewsGoogle reveals GLASSBRIDGE: A network of thousands of fake news sites pushing pro-China narratives globally. These sites, run by PR firms, spread disinformation and lack transparency.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
China’s Salt Typhoon hackers target telecom firms in Southeast Asia with new malware
/in General NewsSalt Typhoon has been in the spotlight recently following a China-linked espionage campaign that compromised the networks of multiple U.S. telecom firms including Verizon, AT&T, Lumen Technologies and T-Mobile.
The Record from Recorded Future News – Read More
Cyber Resiliency in the AI Era: Building the Unbreakable Shield
/in General NewsDigital networks are the backbone of global business and communication, making cyber resiliency essential for organizations to thrive.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Tech winners and losers of 2024: For every triumph, a turkey
/in General NewsAI flourished, Arm chips dominated, and open source thrived. Meanwhile, Elon Musk gets credit for two of the biggest losers, and Apple makes it onto both the nice and naughty lists.
Latest stories for ZDNET in Security – Read More
Authorities catch ‘SMS blaster’ gang that drove around Bangkok sending thousands of phishing messages
/in General NewsThai authorities said the crime gang sent around a million malicious SMS text messages to nearby residents over a three-day period in November.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Fancy Bear ‘Nearest Neighbor’ Attack Uses Nearby Wi-Fi Network
/in General NewsIn a “new class of attack,” the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.
darkreading – Read More
Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks
/in General NewsA ransomware group has been observed exploiting a recently patched command injection vulnerability in Zyxel firewalls for initial access.
The post Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Top 5 Platforms for Identifying Smart Contract Vulnerabilities
/in General NewsHow well do you know your smart contracts’ health? This article highlights the top five platforms that DeFi…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More