BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
The Power of Process in Creating a Successful Security Posture
/in General NewsEstablishing realistic, practitioner-driven processes prevents employee burnout, standardizes experiences, and closes many of the gaps exposed by repeated one-offs.
darkreading – Read More
North Korean Hackers Use Fake News to Spread ‘Hidden Risk’ Malware
/in General NewsNorth Korean hackers are targeting cryptocurrency businesses with a sophisticated new malware campaign, dubbed “Hidden Risk.” Learn how…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Embed Security Raises $6 Million to Help Overworked Analysts
/in General NewsEmbed Security has raised $6 million in an early stage funding round led by Paladin Capital Group.
The post Embed Security Raises $6 Million to Help Overworked Analysts appeared first on SecurityWeek.
SecurityWeek – Read More
North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS
/in General NewsA threat actor with ties to the Democratic People’s Republic of Korea (DPRK) has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices.
Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk, attributed it with high confidence to BlueNoroff, which has been previously linked to malware families such as
The Hacker News – Read More
‘SteelFox’ Miner and Information Stealer Bundle Emerges
/in General NewsImpersonating legitimate software such as Foxit PDF Editor and AutoCAD, the SteelFox crimeware bundle steals user information.
The post ‘SteelFox’ Miner and Information Stealer Bundle Emerges appeared first on SecurityWeek.
SecurityWeek – Read More
Canada orders shutdown of TikTok offices over security risks (but won’t block app)
/in General NewsWith all eyes on how a new Trump administration in the U.S. will interface with China Tech in the years ahead, its neighbor to the north has levelled a blow to one of the biggest apps to come out of the country. Canada has ordered the closure of ByteDance’s operations in Canada — specifically the […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Cyberattack on Microlise Disables Tracking in Prison Vans, Courier Vehicles
/in General NewsVehicle tracking services for Serco, DHL, and other fleets were disrupted after Microlise fell victim to a cyberattack.
The post Cyberattack on Microlise Disables Tracking in Prison Vans, Courier Vehicles appeared first on SecurityWeek.
SecurityWeek – Read More
Canada Orders TikTok’s Canadian Business to Be Dissolved but Won’t Block App
/in General NewsCanada won’t block access to TikTok but is ordering the dissolution of its Canadian business after a national security review.
The post Canada Orders TikTok’s Canadian Business to Be Dissolved but Won’t Block App appeared first on SecurityWeek.
SecurityWeek – Read More
SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims
/in General NewsAn ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July 2024.
Cybersecurity firm Check Point is tracking the large-scale campaign under the name CopyRh(ight)adamantys. Targeted regions include the United States, Europe, East Asia, and South America.
“The campaign
The Hacker News – Read More
Android Banking Trojan ToxicPanda Targets Europe
/in General NewsToxicPanda is a China-linked Android banking trojan spotted targeting over a dozen banks in Europe and Latin America.
The post Android Banking Trojan ToxicPanda Targets Europe appeared first on SecurityWeek.
SecurityWeek – Read More