BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises
/in General NewsCVE-2024-50623, an improperly patched vulnerability affecting Cleo file transfer tools, has been exploited in the wild.
The post Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises appeared first on SecurityWeek.
SecurityWeek – Read More
Lessons From the Largest Software Supply Chain Incidents
/in General NewsThe software supply chain is a growing target, and organizations need to take special care to safeguard it.
darkreading – Read More
Hackers Target Job Seekers with AppLite Trojan Using Fake Job Emails
/in General NewsSUMMARY AppLite banking trojan is a newly discovered stealthy mobile malware threat targeting mobile devices. Learn about its…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cybersecurity News Round-Up 2024: 10 Biggest Stories That Dominated the Year
/in General NewsTechRepublic looks back at the biggest cybersecurity stories of 2024, from record data breaches to rising ransomware threats and CISO burnout.
Security | TechRepublic – Read More
Cohesity completes its merger with Veritas; here’s how they’ll integrate
/in General NewsData protection startup Cohesity completed its merger with Veritas’ enterprise data protection business, creating one entity with 12,000 customers that is valued at $7 billion. The deal was originally announced in February 2024. Cohesity valued Carlyle-owned Veritas’ data protection business at $3 billion at the time, according to CRN reporting. Cohesity declined to comment on […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
EU Cyber Resilience Act: What You Need to Know
/in General NewsManufacturers, importers, and distributors of products with digital components operating in the E.U. must comply.
Security | TechRepublic – Read More
How Red Teaming Helps Meet DORA Requirements
/in General NewsThe Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Astrix Security Banks $45M Series B to Secure Non-Human Identities
/in General NewsTel Aviv company building software to secure non-human identities banks a $45 million funding round led by Menlo Ventures.
The post Astrix Security Banks $45M Series B to Secure Non-Human Identities appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Rolls Out Default NTLM Relay Attack Mitigations
/in General NewsMicrosoft has rolled out new default security protections that mitigate NTLM relaying attacks across on-premises Exchange, AD CS, and LDAP services.
The post Microsoft Rolls Out Default NTLM Relay Attack Mitigations appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again
/in General NewsThreat actors are exploiting a high-risk bug in Cleo software – and Huntress warns that fully-patched systems are vulnerable
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More