BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Realm.Security Emerges From Stealth With $5 Million in Seed Funding
/in General NewsRealm.Security has emerged from stealth with $5 million in funding and a solution that helps organizations manage security data.
The post Realm.Security Emerges From Stealth With $5 Million in Seed Funding appeared first on SecurityWeek.
SecurityWeek – Read More
New but ‘immature’ ransomware group CosmicBeetle targets small businesses
/in General NewsPost Content
The Record from Recorded Future News – Read More
Global Cybersecurity Workforce Growth Flatlines, Stalling at 5.5 Million Pros
/in General NewsAccording to ISC2, the global cybersecurity workforce growth has stagnated at 5. 5 million professionals, increasing by just 0. 1% in a year, marking the sector’s first stall since 2019.
Cyware News – Latest Cyber News – Read More
Aembit Raises $25 Million in Series A Funding for Non-Human Identity and Access Management
/in General NewsSilver Spring, United States, 12th September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Rising Tide of Software Supply Chain Attacks: An Urgent Problem
/in General NewsUnderstanding a threat is just as important as the steps taken toward prevention.
darkreading – Read More
Non-Human IAM Provider Aembit Raises $25 Million
/in General NewsAembit has raised $25 million in Series A funding to protect non-human identities and minimize attack surface.
The post Non-Human IAM Provider Aembit Raises $25 Million appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Disguised as a Game: Kransom’s Attack Through DLL Side-Loading
/in General NewsKransom ransomware hides within the StarRail game using DLL side-loading and a legitimate certificate from COGNOSPHERE PTE. LTD.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
DockerSpy: Search for Images on Docker Hub, Extract Sensitive Information
/in General NewsCreated to combat data leaks within publicly available Docker images, DockerSpy automates the process of scanning for secrets to enhance security and compliance. Its scanning engine can identify various secret types and provides detailed analysis.
Cyware News – Latest Cyber News – Read More
Cybersecurity is a Fundamental Component of Patient Care and Safety
/in General NewsA multipronged cybersecurity approach is necessary for the healthcare sector, involving technology investments, staff training, and collaboration between stakeholders to develop industry-wide standards and best practices.
Cyware News – Latest Cyber News – Read More
Microsoft Fixes Windows Smart App Control Zero-Day Exploited Since 2018
/in General NewsThreat actors have been using this flaw, now labeled as CVE-2024-38217, to bypass Smart App Control and MotW security features to run potentially dangerous applications without warnings.
Cyware News – Latest Cyber News – Read More