BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Microsoft: Schools Grapple With Thousands of Cyberattacks Weekly
/in General NewsEducation, including K-12 schools and universities, has become the third most targeted sector due to the high variety of sensitive data it stores in its databases.
darkreading – Read More
Pokémon Gaming Company Employee Info Leaked in Hack
/in General NewsThe gaming company reports that the server has been rebuilt after the leak, but has not confirmed what kind of information was compromised.
darkreading – Read More
Gmail users, beware of new AI scam that looks very authentic
/in General NewsA spoofed phone number, an email address plus an AI voice are all it takes to steal your Google credentials. Here’s what to look out for, just in case, you happen to find yourself in such a situation.
Latest stories for ZDNET in Security – Read More
Central Tickets Confirms Data Breach as Hacker Leaks Data of 1 Million Users
/in General NewsAnother day, another ticketing platform breached!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Iran-linked hackers increasingly spy on governments in Gulf region, researchers say
/in General NewsAn Iran-linked cyberespionage group has stepped up its attacks in recent months against government agencies in the United Arab Emirates (UAE) and the broader Gulf region, according to a new report.
The Record from Recorded Future News – Read More
The biggest data breaches in 2024: 1 billion stolen records and rising
/in General NewsSome of the largest, most damaging breaches of 2024 already account for over a billion stolen records. Plus, some special shout-outs.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
ConfusedPilot Attack Can Manipulate RAG-Based AI Systems
/in General NewsAttackers can introduce a malicious document in systems such as Microsoft 365 Copilot to confuse the system, potentially leading to widespread misinformation and compromised decision-making processes.
darkreading – Read More
Internet Archive’s Wayback Machine is back up after data breach – with a catch
/in General NewsThe site is accessible but with a few limitations. Here’s why.
Latest stories for ZDNET in Security – Read More
Fighting Crime With Technology: Safety First
/in General NewsBy combining human and nonhuman identity management in one solution, Flock Safety is helping law enforcement solve an impressive number of criminal cases every day.
darkreading – Read More
National Public Data, the hacked data broker that lost millions of Social Security numbers and more, files for bankruptcy
/in General NewsThe data broker who lost one of the biggest databases of Social Security numbers in a data breach earlier this year, files for bankruptcy protection.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More