BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Amateurish ‘CosmicBeetle’ Ransomware Stings SMBs in Turkey
/in General NewsWith an immature codebase and a “rather chaotic encryption scheme” prone to failure, the group targets small businesses with custom malware.
darkreading – Read More
WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers
/in General NewsWordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily.
The enforcement is expected to come into effect starting October 1, 2024.
“Accounts with commit access can push updates and changes to plugins and themes used by millions of WordPress sites worldwide,” the
The Hacker News – Read More
Criminal IP Teams Up with IPLocation.io to Deliver Unmatched IP Solutions to Global Audiences
/in General NewsTorrance, United States / California, 12th September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Flipper Zero gets a big firmware upgrade, and some amazing new features
/in General NewsAfter three years of development, the portable hacking tool gets its first major firmware update – to version 1.0!
Latest stories for ZDNET in Security – Read More
Dark Reading Expands Its Coverage to the Asia-Pacific Region
/in General NewsThe latest step in a journey to serve cybersecurity professionals in other regions of the world.
darkreading – Read More
Google’s AI Model Faces European Union Scrutiny From Privacy Watchdog
/in General NewsIreland’s Data Protection Commission said it has opened an inquiry into Google’s Pathways Language Model 2, also known as PaLM2.
The post Google’s AI Model Faces European Union Scrutiny From Privacy Watchdog appeared first on SecurityWeek.
SecurityWeek – Read More
Apple Intelligence Promises Better AI Privacy. Here’s How It Actually Works
/in General NewsPrivate Cloud Compute is an entirely new kind of infrastructure that, Apple’s Craig Federighi tells WIRED, allows your personal data to be “hermetically sealed inside of a privacy bubble.”
Security Latest – Read More
Cybersecurity Hiring: How to Overcome Talent Shortages and Skills Gaps
/in General NewsAccording to the ISC2, 90% of organizations face cybersecurity skills shortages. Plus, the gap between roles to fill and available talent widened.
Security | TechRepublic – Read More
Chinese DragonRank Hackers Exploit Global Windows Servers in SEO Fraud
/in General NewsDragonRank, a Chinese-speaking hacking group, has compromised 30+ Windows servers globally. They exploit IIS vulnerabilities to manipulate SEO…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
UK’s ICO and NCA Sign Memorandum to Boost Reporting and Resilience
/in General NewsThe UK’s data protection watchdog and serious and organized crime agency have signed a memorandum of understanding (MoU) designed to enhance cooperation and reaffirm their commitment to helping victim organizations.
Cyware News – Latest Cyber News – Read More