BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
SambaSpy RAT Targets Italian Users in a Unique Malware Campaign
/in General NewsThis unique malware campaign stood out for its precise targeting of Italian victims, with checks implemented to ensure the system language was set to Italian before infecting the device.
Cyware News – Latest Cyber News – Read More
New PondRAT Malware Hidden in Python Packages Targets Software Developers
/in General NewsThreat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign.
PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT (aka SIMPLESEA), a known macOS backdoor that has been previously attributed to the Lazarus Group and deployed in
The Hacker News – Read More
Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
/in General NewsA suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools.
The intrusion activity, which was detected by Trend Micro in July 2024, has been attributed to a threat actor dubbed Earth Baxia
The Hacker News – Read More
China’s ‘Earth Baxia’ Spies Exploit Geoserver to Target APAC Orgs
/in General NewsThe APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.
darkreading – Read More
Hackers Claim Second Dell Data Breach in One Week
/in General NewsAnother day, another claim of Dell data breach!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
The TechCrunch Cyber Glossary
/in General NewsThis glossary includes some of the most common terms and expressions we use in our articles, and explanations of how — and why — we use them.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
‘Harvest now, decrypt later’: Why hackers are waiting for quantum computing
/in General NewsQuantum computing may soon help hackers steal sensitive data. Enterprises should prepare now for quantum computing cracking cryptography. Read More
Security News | VentureBeat – Read More
Apple’s macOS Sequoia Update Breaks Security Tools
/in General NewsApple’s macOS Sequoia update is causing major compatibility issues with popular security tools. Reportedly, users are facing disruptions…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
/in General NewsA hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets.
“Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims’ data and then destroy their infrastructure with a wiper to prevent recovery,” Kaspersky said in a Friday analysis.
“The approach is indicative of a
The Hacker News – Read More
Ukraine Bans Telegram Use for Government and Military Personnel
/in General NewsUkraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical infrastructure workers, citing national security concerns.
The ban was announced by the National Coordination Centre for Cybersecurity (NCCC) in a post shared on Facebook.
“I have always advocated and advocate for freedom of speech, but the issue of Telegram is
The Hacker News – Read More