BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Cybersecurity Community Celebrates Documentary Premiere at Tampa Theatre
/in General NewsPost Content
darkreading – Read More
South Korea Digital Forensics Market to Hit US $3.52B by 2031
/in General NewsPost Content
darkreading – Read More
Security News This Week: A Creative Trick Makes ChatGPT Spit Out Bomb-Making Instructions
/in General NewsPlus: New evidence emerges about who may have helped 9/11 hijackers, UK police arrest a teen in connection with an attack on London’s transit system, and Poland’s spyware scandal enters a new phase.
Security Latest – Read More
GitLab Warns of Critical Pipeline Execution Vulnerability
/in General NewsGitLab released updates covering versions 17.1.7, 17.2.5, and 17.3.2 for GitLab Community Edition (CE) and Enterprise Edition (EE), addressing a total of 18 security issues.
Cyware News – Latest Cyber News – Read More
TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud
/in General NewsCybersecurity researchers at Cleafy discovered a new variant of the TrickMo Android banking trojan that evades analysis and displays fake login screens to steal banking credentials.
Cyware News – Latest Cyber News – Read More
Chinese-Made Port Cranes in US Included ‘Backdoor’ Modems, House Report Says
/in General NewsA recent congressional investigation revealed that Chinese-made port cranes in the United States contained hidden modems that could provide unauthorized access to the machines.
Cyware News – Latest Cyber News – Read More
Fileless Remcos RAT Campaign Leverages CVE-2017-0199 Flaw
/in General NewsIn a newly uncovered advanced malware campaign, threat actors are using a complex, fileless approach to deliver the Remcos Remote Access Trojan (RAT), leveraging a benign-looking Excel document as the attack vector.
Cyware News – Latest Cyber News – Read More
Hackers Have Sights Set on Four Microsoft Vulnerabilities, CISA Warns
/in General NewsFederal civilian agencies have until the end of the month to address these issues. The vulnerabilities are part of Microsoft’s monthly security release, with CVE-2024-43491 considered the most concerning due to its severity score.
Cyware News – Latest Cyber News – Read More
Targeted Campaigns in Retail Sector Involve Domain Fraud, Brand Impersonation, and Ponzi Schemes
/in General NewsThreat actors are actively engaging in domain fraud, brand impersonation, and Ponzi schemes targeting the retail sector, which plays a significant role in the global economy.
Cyware News – Latest Cyber News – Read More
New Vo1d Malware Infects 1.3 Million Android Streaming Boxes
/in General NewsThe Vo1d malware campaign targets specific Android firmware versions like Android 7.1.2 and Android 10.1. The malware modifies system files to launch itself on boot and persist on the device.
Cyware News – Latest Cyber News – Read More