BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Supply Chain Attack on Google Cloud Composer Could Have Resulted in Remote Code Execution
/in General NewsGoogle has addressed a critical security flaw in Google Cloud Platform (GCP) Composer that could have allowed remote code execution via a supply chain attack known as dependency confusion.
Cyware News – Latest Cyber News – Read More
Hundreds Wounded After Pagers Detonate in Lebanon, Media and Security Officials Say
/in General NewsA Hezbollah official speculated that malware may have caused the pagers to heat up and explode.
The post Hundreds Wounded After Pagers Detonate in Lebanon, Media and Security Officials Say appeared first on SecurityWeek.
SecurityWeek – Read More
C/side Raises $6 Million to Secure the Browser Supply Chain
/in General NewsC/side has raised $6 million in a seed-stage funding round to help organizations protect against malicious browser third-party scripts.
The post C/side Raises $6 Million to Secure the Browser Supply Chain appeared first on SecurityWeek.
SecurityWeek – Read More
Cisco’s second layoff of 2024 affects thousands of employees
/in General NewsCisco’s executives made tens of millions in compensation, while cutting thousands of jobs in two separate rounds of layoffs.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Zero-Click Calendar Invite: Critical macOS Vulnerability Chain Uncovered
/in General NewsThe vulnerability, tracked as CVE-2022-46723, enables attackers to manipulate files within the macOS Calendar app environment and execute remote code during system upgrades.
Cyware News – Latest Cyber News – Read More
The Current Cybersecurity Landscape: New Threats, Same Security Mistakes
/in General NewsIt is imperative to develop robust policies for new tech and future-proofing by favoring investments in security.
darkreading – Read More
Russia’s RT News Agency Has ‘Cyber Operational Capabilities,’ Assists in Military Procurement, State Department Says
/in General NewsRussia’s RT news agency is involved in covert cyber operations to assist in military procurement and spread propaganda globally, according to the U.S. State Department. It has a cyber unit with operational capabilities linked to Russian intelligence.
Cyware News – Latest Cyber News – Read More
The cybersecurity labor gap now stands at 4M+ open jobs. Intezer has raised $33M for AI tools to plug it
/in General NewsWhen it comes to talent shortages in tech, cybersecurity is one of the biggest and most urgent that needs filling. Malicious attacks are on the rise, and the techniques being used to worm into networks are also scaling up. Yet the World Economic Forum recently found that there are 4 million positions unfilled globally — […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Hydden Raises $4.4M in Seed Funding for Identity Security Platform
/in General NewsHydden has raised $4.4 million in seed funding for a solution designed to provide deep visibility into identities, accounts and privileges.
The post Hydden Raises $4.4M in Seed Funding for Identity Security Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Metabase Q Raises $11M in Series A Extension Funding
/in General NewsMetabase Q, an IT cybersecurity management company based in San Francisco, has raised $11M in its Series A extension funding. Backers include SYN Ventures and John Watters.
Cyware News – Latest Cyber News – Read More