BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
“HM Surf” macOS Flaw Lets Attackers Access Camera and Mic – Patch Now!
/in General NewsResearchers at Microsoft discovered a new macOS vulnerability, “HM Surf” (CVE-2024-44133), which bypasses TCC protections, allowing unauthorized access…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
The AI edge in cybersecurity: Predictive tools aim to slash response times
/in General NewsAI’s ability to sift through massive amounts of data, identify patterns and constantly learn makes it invaluable in cybersecurity.Read More
Security News | VentureBeat – Read More
Mirai-Inspired Gorilla Botnet Hits 0.3 Million Targets Across 100 Countries
/in General NewsA new Gorilla Botnet has launched massive DDoS attacks, targeting over 100 countries, according to cybersecurity firm NSFOCUS.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials
/in General NewsUnknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials.
Russian cybersecurity company Positive Technologies said it discovered last month that an email was sent to an unspecified governmental organization located in one of the Commonwealth of
The Hacker News – Read More
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data
/in General NewsNorth Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks.
“In some instances, fraudulent workers demanded ransom payments from their former employers after gaining
The Hacker News – Read More
Hackers Use Fake ESET Emails to Target Israeli Firms with Wiper Malware
/in General NewsHackers impersonate ESET in phishing attacks targeting Israeli organizations. Malicious emails, claiming to be from ESET, deliver wiper…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
23andMe faces an uncertain future — so does your genetic data
/in General NewsFinancial and security chaos at the once-pioneering genetic testing firm has intensified concerns about user data. Here’s how to take action.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Google Chrome’s uBlock Origin Purge Has Begun
/in General NewsPlus: The alleged SEC X account hacker gets charged, Kroger wriggles out of a face recognition scandal, and Microsoft deals with missing customer security logs.
Security Latest – Read More
Acronym Overdose – Navigating the Complex Data Security Landscape
/in General NewsIn the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most important acronyms
The Hacker News – Read More
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
/in General NewsA nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain.
“The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,”
The Hacker News – Read More