BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
BBTok Targeting Brazil Using the AppDomain Manager Injection Technique
/in General NewsThe Brazilian-targeted threat BBTok has a complex infection chain that starts with an email containing an ISO image. The malware compiles C# code directly on the infected machine and uses the AppDomain Manager Injection technique.
Cyware News – Latest Cyber News – Read More
Hackers Deploy AI-Written Malware in Targeted Attacks
/in General NewsHackers are now using AI-generated malware in targeted attacks. In a recent email campaign in France, researchers found malicious code crafted with the help of generative AI to distribute the AsyncRAT malware.
Cyware News – Latest Cyber News – Read More
Why Microsoft’s security initiative and Apple’s cloud privacy matter to enterprises now
/in General NewsMicrosoft’s Secure Future Initiative (SFI) and Apple’s Private Cloud Compute (PCC)’s goals are to harden cloud security and privacy at scale.Read More
Security News | VentureBeat – Read More
UK national hacked public companies for stock trading intel, DOJ says
/in General NewsRobert Westbrook is accused of stealing information ahead of 14 different earnings announcements.
The Record from Recorded Future News – Read More
Millions of Kia Vehicles Open to Remote Hacks via License Plate
/in General NewsThe vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs.
darkreading – Read More
How Should CISOs Navigate the SEC Cybersecurity and Disclosure Rules?
/in General NewsCompanies that commit to risk management have a strong cybersecurity foundation that makes it easier to comply with the SEC’s rules. Here is what you need to know about 8K and 10K filings.
darkreading – Read More
Novel Exploit Chain Enables Windows UAC Bypass
/in General NewsAdversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it’s not really a vulnerability.
darkreading – Read More
Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian
/in General NewsMimecast tells TechRepublic that AI may exacerbate phishing risks in Australia.
Security | TechRepublic – Read More
Torq Secures $70M Series C for HyperSOC
/in General NewsThe New York late-stage startup banks $70 million in a new funding round led by Evolution Equity Partners.
The post Torq Secures $70M Series C for HyperSOC appeared first on SecurityWeek.
SecurityWeek RSS Feed – Read More
US government charges three Iranian hackers with Trump campaign hack
/in General NewsThree Iranian hackers working for the Islamic Revolutionary Guard Corps (IRGC) targeted the Trump campaign in an attempted hack-and-leak operation, according to the Department of Justice.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More