BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
- Pulsegram - Integrated Keylogger With Telegram
Exploit DB
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
- [local] Microsoft - NTLM Hash Disclosure Spoofing (library-ms)
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
- [local] unzip-stream 0.3.1 - Arbitrary File Write
- [remote] OpenSSH server (sshd) 9.8p1 - Race Condition
- [local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
UK data watchdog confirms it’s investigating MoneyGram data breach
/in General NewsThe world’s second-largest money transfer provider, which filed a data breach notice with U.K. authorities, serves over 50 million people.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Is Google Password Manager Safe to Use in 2024?
/in General NewsGoogle Password Manager is a free password management service built into Chrome and Google apps. Learn how it works and how secure it is in this detailed review.
Security | TechRepublic – Read More
G2 Names INE 2024 Enterprise and Small Business Leader
/in General NewsCary, North Carolina, 27th September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
VLC Media Player Update Needed: CVE-2024-46461 Discovered
/in General NewsVLC Media Player users are urged to update their software due to the critical CVE-2024-46461 vulnerability, which could crash the program or lead to code execution by malicious actors.
Cyware News – Latest Cyber News – Read More
Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected
/in General NewsA researcher has disclosed the details of an unpatched vulnerability that was expected to pose a serious threat to many Linux systems.
The post Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected appeared first on SecurityWeek.
SecurityWeek – Read More
Tesla’s Cybertruck Goes, Inevitably, to War
/in General NewsA handful of Tesla’s electric pickup trucks are armed and ready for battle in the hands of Chechen forces fighting in Ukraine as part of Russia’s ongoing invasion. Can the EV take the heat?
Security Latest – Read More
Kaspersky, Pango Respond to User Backlash as Transition to UltraAV Nearly Complete
/in General NewsUsers continue to flame Kaspersky and Pango Group as the automatic, forced transition to UltraAV gradually progresses.
The post Kaspersky, Pango Respond to User Backlash as Transition to UltraAV Nearly Complete appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Vulnerabilities Found in NVIDIA Container Toolkit
/in General NewsNvidia Container Toolkit has critical vulnerabilities (CVE-2024-0132 and CVE-2024-0133) up to v1.16.1, allowing attackers to access the host file system, execute code, escalate privileges, and disrupt services.
Cyware News – Latest Cyber News – Read More
U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering
/in General NewsThe U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals.
The virtual currency exchanges, Cryptex and PM2BTC, have been alleged to facilitate the laundering of cryptocurrencies possibly obtained through
The Hacker News – Read More
Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers
/in General NewsA critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host.
The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0 out of a maximum of 10.0. It has been addressed in NVIDIA Container Toolkit version v1.16.2 and
The Hacker News – Read More