BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
Malvertising Campaign Phishes Lowe’s Employees
/in General NewsThe fake landing pages closely mimicked the real Lowe’s portal, prompting employees to enter their sales numbers, passwords, and security question answers, which then were sent to attackers.
Cyware News – Latest Cyber News – Read More
White House Launches Cybersecurity Hiring Sprint To Help Fill 500,000 Job Openings
/in General NewsThe White House has launched a cybersecurity hiring sprint to fill 500,000 job openings, part of a program to address the ongoing shortage in cyber, technology, and AI positions.
Cyware News – Latest Cyber News – Read More
Hackers Linked to Russia and Belarus Increasingly Target Latvian Websites, Officials Say
/in General NewsHackers from Russia and Belarus are increasingly targeting Latvian government and critical infrastructure websites in politically motivated cyberattacks, according to Latvian cybersecurity officials.
Cyware News – Latest Cyber News – Read More
The NSA Has a Podcast—Here’s How to Decode It
/in General NewsThe spy agency that dared not speak its name is now the Joe Rogan of the SIGINT set. And the pod’s actually worth a listen.
Security Latest – Read More
In Other News: US Army Hacks Buildings, X Hiring Cybersecurity Staff, Bitcoin ATM Scams
/in General NewsNoteworthy stories that might have slipped under the radar: US Special Forces can hack buildings, X is hiring cybersecurity staff, and FTC warns of Bitcoin ATM scams.
The post In Other News: US Army Hacks Buildings, X Hiring Cybersecurity Staff, Bitcoin ATM Scams appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Foreman Flaw Exposes Red Hat Satellite to Unauthorized Access
/in General NewsThis authentication bypass flaw, with a CVSS score of 9.8 (the highest severity rating), could enable unauthorized users to gain administrative access to Red Hat Satellite, a commercial offering built on Foreman.
Cyware News – Latest Cyber News – Read More
Use of Predator Spyware Rebounds After a Dip From Biden Sanctions, Researchers Say
/in General NewsDespite facing sanctions, Predator has managed to attract new customers and has been detected in various countries, including the Democratic Republic of Congo and Angola.
Cyware News – Latest Cyber News – Read More
Cybersecurity M&A Roundup: 36 Deals Announced in August 2024
/in General NewsRoundup of the three dozen cybersecurity-related merger and acquisition (M&A) deals announced in August 2024.
The post Cybersecurity M&A Roundup: 36 Deals Announced in August 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
Infosec Spending to Hit 3-Year Growth Peak, Reach $212B Next Year: Gartner
/in General NewsGlobal spending on information security is on track to reach nearly $212 billion next year, with a projected 15% increase from 2024. The majority of this spending is in security software, particularly in endpoint protection platforms.
Cyware News – Latest Cyber News – Read More
Respotter: Open-Source Responder Honeypot
/in General NewsRespotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query.
Cyware News – Latest Cyber News – Read More