BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
US Hits Intellexa Spyware Maker With More Sanctions
/in General NewsThe US has imposed further sanctions on Intellexa, the maker of the Predator spyware, targeting individuals and entities associated with the company due to its opaque corporate structure designed to evade accountability.
Cyware News – Latest Cyber News – Read More
Intezer Raises $33M to Extend AI-Powered SOC Platform
/in General NewsIntezer is looking to tap into booming market for AI-powered tooling to address the severe shortage of skilled cybersecurity professionals.
The post Intezer Raises $33M to Extend AI-Powered SOC Platform appeared first on SecurityWeek.
SecurityWeek – Read More
EchoStrike: Generate Undetectable Reverse Shells, Perform Process Injection
/in General NewsEchoStrike features an interactive Python wizard for easy customization, various persistence techniques, binary padding for evasion, AES payload encryption, and dynamic binary download.
Cyware News – Latest Cyber News – Read More
North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware
/in General NewsNorth Korean hackers are using RustDoor malware to target cryptocurrency users on LinkedIn, posing as recruiters for legitimate decentralized finance (DeFi) companies like STON.fi.
Cyware News – Latest Cyber News – Read More
Update: PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability
/in General NewsThis critical flaw, actively exploited in the wild, allows attackers to elevate privileges to SYSTEM level, posing a significant risk to organizations using Microsoft’s Hyper-V virtualization technology.
Cyware News – Latest Cyber News – Read More
Supply Chain Attack on Google Cloud Composer Could Have Resulted in Remote Code Execution
/in General NewsGoogle has addressed a critical security flaw in Google Cloud Platform (GCP) Composer that could have allowed remote code execution via a supply chain attack known as dependency confusion.
Cyware News – Latest Cyber News – Read More
Hundreds Wounded After Pagers Detonate in Lebanon, Media and Security Officials Say
/in General NewsA Hezbollah official speculated that malware may have caused the pagers to heat up and explode.
The post Hundreds Wounded After Pagers Detonate in Lebanon, Media and Security Officials Say appeared first on SecurityWeek.
SecurityWeek – Read More
C/side Raises $6 Million to Secure the Browser Supply Chain
/in General NewsC/side has raised $6 million in a seed-stage funding round to help organizations protect against malicious browser third-party scripts.
The post C/side Raises $6 Million to Secure the Browser Supply Chain appeared first on SecurityWeek.
SecurityWeek – Read More
Cisco’s second layoff of 2024 affects thousands of employees
/in General NewsCisco’s executives made tens of millions in compensation, while cutting thousands of jobs in two separate rounds of layoffs.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Zero-Click Calendar Invite: Critical macOS Vulnerability Chain Uncovered
/in General NewsThe vulnerability, tracked as CVE-2022-46723, enables attackers to manipulate files within the macOS Calendar app environment and execute remote code during system upgrades.
Cyware News – Latest Cyber News – Read More