BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
- Uro - Declutters Url Lists For Crawling/Pentesting
- Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware
/in General NewsA North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.
darkreading – Read More
More than $44 million in cryptocurrency stolen from Singaporean platform BingX
/in General NewsSingaporean crypto platform BingX said Friday that more than $44 million was stolen from their platform in a cyberattack.
The Record from Recorded Future News – Read More
Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover
/in General NewsCritical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs.
darkreading – Read More
Police Broke Tor Anonymity to Arrest Dark Web Users in Major CSAM Bust
/in General NewsGerman authorities dismantled Boystown, a notorious Dark Web platform for CSAM, by deanonymizing Tor users in 2021. This…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Airline exec settles hack-for-hire case against law firm, pledging to ‘vigorously’ prosecute other alleged conspirators
/in General NewsThe aviation executive Farhad Azima settled litigation this week against the law firm Dechert and two of its former attorneys who he alleged were involved in the hacking of his personal accounts in order to smear his reputation.
The Record from Recorded Future News – Read More
Ukraine Bans Telegram Messenger App on State-Issued Devices Because of Russian Security Threat
/in General NewsUkraine issued the Telegram ban for the official devices of government employees, military personnel, security and defense workers, and critical infrastructure employees.
The post Ukraine Bans Telegram Messenger App on State-Issued Devices Because of Russian Security Threat appeared first on SecurityWeek.
SecurityWeek – Read More
Internet surveillance firm Sandvine says it’s leaving 56 “non-democratic” countries
/in General NewsSandvine sold its internet surveillance products to authoritarian regimes, including Belarus, Egypt, Eritrea, the United Arab Emirates, and Uzbekistan.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
LinkedIn Addresses User Data Collection for AI Training
/in General NewsThe company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models.
darkreading – Read More
HackerOne: Nearly Half of Security Professionals Believe AI Is Risky
/in General NewsThe Hacker-Powered Security Report showed mixed feelings toward AI in the security community, with many seeing leaked training data as a threat.
Security | TechRepublic – Read More
Upgrading to MacOS Sequoia? Here’s why you may want to hold off
/in General NewsThe new version of Apple’s MacOS is breaking the functionality of security products from Microsoft, CrowdStrike, SentinelOne, and other vendors. But that’s not all.
Latest stories for ZDNET in Security – Read More