BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Campcodes Online Hospital Management System 1.0 - SQL Injection
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
- [remote] Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow
- [webapps] WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass
- [local] Microsoft Windows Server 2016 - Win32k Elevation of Privilege
- [remote] Windows 2024.15 - Unauthenticated Desktop Screenshot Capture
Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft
/in General NewsVolkswagen has issued a statement after the 8Base ransomware group claimed to have stolen valuable data from the company’s systems.
The post Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft appeared first on SecurityWeek.
SecurityWeek – Read More
New Telekopye Scam Toolkit Targeting Booking.com and Airbnb Users
/in General NewsESET Research found the Telekopye scam network targeting Booking.com and Airbnb. Scammers use phishing pages via compromised accounts…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT
/in General NewsCybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT.
The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload.
“DarkVision RAT communicates with its command-and-control (C2) server using a custom network
The Hacker News – Read More
Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity
/in General NewsOrganizations should be on high alert until next month’s US presidential election to ensure the integrity of the voting process, researchers warn.
darkreading – Read More
CISO Conversations: Julien Soriano (Box) and Chris Peake (Smartsheet)
/in General NewsCISOS from Box and Smartsheet discuss the route toward, the role within, and the future of being a successful CISO.
The post CISO Conversations: Julien Soriano (Box) and Chris Peake (Smartsheet) appeared first on SecurityWeek.
SecurityWeek – Read More
LLMs Are a New Type of Insider Adversary
/in General NewsThe inherent intelligence of large language models gives them unprecedented capabilities like no other enterprise tool before.
darkreading – Read More
Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities
/in General NewsSplunk has released patches for multiple vulnerabilities in Splunk Enterprise, including two high-severity remote code execution flaws.
The post Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
99% of UK Businesses Faced Cyber Attacks in the Last Year
/in General NewsNearly half of respondents blamed remote work for these incidents.
Security | TechRepublic – Read More
Critical Vulnerability Patched in 101 Releases of WordPress Plugin Jetpack
/in General NewsAutomattic has rolled out updates for 101 Jetpack versions released over the past eight years to resolve a critical vulnerability.
The post Critical Vulnerability Patched in 101 Releases of WordPress Plugin Jetpack appeared first on SecurityWeek.
SecurityWeek – Read More
It Seemed Like an AI Crime-Fighting Super Tool. Then Defense Attorneys Started Asking Questions
/in General NewsGlobal Intelligence claims its Cybercheck technology can help cops find key evidence to nail a case. But a WIRED investigation reveals the smoking gun often appears far less solid.
Security Latest – Read More