BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Campcodes Online Hospital Management System 1.0 - SQL Injection
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
- [remote] Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow
- [webapps] WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass
- [local] Microsoft Windows Server 2016 - Win32k Elevation of Privilege
- [remote] Windows 2024.15 - Unauthenticated Desktop Screenshot Capture
Sweden, Finland partner to take down Sipulitie criminal marketplace
/in General NewsLaunched in February 2023 on the Tor network, the Sipulitie marketplace originally focused on Finland before expanding to cover other Scandinavian countries. A predecessor was created in April 2019 but was shut down by Finnish Customs and Polish authorities in December 2020.
The Record from Recorded Future News – Read More
Some Americans are still using Kaspersky’s antivirus despite U.S. government ban
/in General NewsNot everyone in the U.S. has given up on the Russian-made antivirus. Some Americans have found ways to get around the ban and are still using Kaspersky’s antivirus.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft
/in General NewsVolkswagen has issued a statement after the 8Base ransomware group claimed to have stolen valuable data from the company’s systems.
The post Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft appeared first on SecurityWeek.
SecurityWeek – Read More
New Telekopye Scam Toolkit Targeting Booking.com and Airbnb Users
/in General NewsESET Research found the Telekopye scam network targeting Booking.com and Airbnb. Scammers use phishing pages via compromised accounts…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT
/in General NewsCybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT.
The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload.
“DarkVision RAT communicates with its command-and-control (C2) server using a custom network
The Hacker News – Read More
Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity
/in General NewsOrganizations should be on high alert until next month’s US presidential election to ensure the integrity of the voting process, researchers warn.
darkreading – Read More
CISO Conversations: Julien Soriano (Box) and Chris Peake (Smartsheet)
/in General NewsCISOS from Box and Smartsheet discuss the route toward, the role within, and the future of being a successful CISO.
The post CISO Conversations: Julien Soriano (Box) and Chris Peake (Smartsheet) appeared first on SecurityWeek.
SecurityWeek – Read More
LLMs Are a New Type of Insider Adversary
/in General NewsThe inherent intelligence of large language models gives them unprecedented capabilities like no other enterprise tool before.
darkreading – Read More
Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities
/in General NewsSplunk has released patches for multiple vulnerabilities in Splunk Enterprise, including two high-severity remote code execution flaws.
The post Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
99% of UK Businesses Faced Cyber Attacks in the Last Year
/in General NewsNearly half of respondents blamed remote work for these incidents.
Security | TechRepublic – Read More