BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
LinkedIn Hit With $335M Fine for Data Privacy Violations
/in General NewsThe networking company found liable for illegally gathering user data for targeted advertising by the Irish Data Protection Commission.
darkreading – Read More
Russia’s APT29 Mimics AWS to Steal Windows Credentials
/in General NewsKremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.
darkreading – Read More
SEC Fines Companies Millions for Downplaying SolarWinds Breach
/in General NewsFour companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise.
darkreading – Read More
UnitedHealth Reveals 100M Compromised in Change Healthcare Breach
/in General NewsEight months after the breach occurred, Change Healthcare has finally sent out millions of notices of compromised data to affected individuals.
darkreading – Read More
Apple will pay you up to $1 million if you can hack into Apple Intelligence servers
/in General NewsThe company’s bug bounty is designed to test the security of the servers that process Apple Intelligence requests.
Latest stories for ZDNET in Security – Read More
Change Healthcare Cyberattack Exposed Data of Over 100 Million People
/in General NewsNearly one-third of Americans may have been affected by the ransomware attack, which has been attributed to the BlackCat gang.
Security | TechRepublic – Read More
Prominent crypto critic says someone offered bribes to take down a blog post
/in General NewsCrypto critic Molly White received emails from a purported lawyer and someone working for a “reputation management company” offering bribes in exchange for the takedown of a blog post about the arrest of an alleged crypto fraudster.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
RansomHub gang allegedly behind attack on Mexican airport operator
/in General NewsGrupo Aeroportuario del Centro Norte announced last Friday that a cyber incident forced its IT team to turn to backup systems in an effort to continue running the airports it controls across central and northern Mexico.
The Record from Recorded Future News – Read More
Four REvil members sentenced to more than four years in prison
/in General NewsREvil ransomware gang leader Daniil Puzyrevsky received a six-year sentence in a Russian court, while three other members got terms of at least four years.
The Record from Recorded Future News – Read More
Kremlin-linked hackers target Ukraine’s state, military agencies in new espionage campaign
/in General NewsA hacker group associated with a Russian intelligence agency has been targeting Ukrainian state and military services, as well as industrial enterprises, in a new espionage campaign.
The Record from Recorded Future News – Read More