BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
- [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
DoJ, Microsoft Seize 100 Russian Phishing Sites Targeting US
/in General NewsDoJ and Microsoft seized over 100 sites used by Russian hackers for phishing campaigns targeting the U.S. The…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns
/in General NewsCheck Point documented 5,000 emails coming from legitimate-looking organizational domains.
Security | TechRepublic – Read More
Cybersecurity professionals are turning to AI as more lose control of detection tools
/in General NewsMore than half of security practitioners believe vendors are flooding them with ineffective alerts to avoid accountability should a breach hit.
Latest stories for ZDNET in Security – Read More
How Cloud-Based Solutions Are Transforming Software Quality Assurance
/in General NewsCloud-based solutions are transforming the software quality assurance (QA) industry. As organizations increasingly migrate their development and verification…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
So far, cybercriminals appear to be just shopping around for a Telegram alternative
/in General NewsThe recent scrutiny of the Telegram app has rattled the cybercriminals who use it, say researchers at Intel 471, but it appears that they don’t have enough reasons yet to step away in large numbers.
The Record from Recorded Future News – Read More
Ransomware Hits Critical Infrastructure Hard, Costs Adding Up
/in General NewsReport finds most organizations have suffered financial impact of $500,000 or more from cyberattacks on cyber-physical systems over past year.
The post Ransomware Hits Critical Infrastructure Hard, Costs Adding Up appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity Is Serious — but It Doesn’t Have to Be Boring
/in General NewsThoughtfully applied, humor breaks through security fatigue, increases engagement, and fosters a culture of security awareness.
darkreading – Read More
Criminals Are Testing Their Ransomware Campaigns in Africa
/in General NewsThe booming economies of Africa, rich in natural resources and brimming with potential, are attracting not just investors, but also cybercriminals. Here’s why.
darkreading – Read More
White House official says insurance companies must stop funding ransomware payments
/in General NewsSome insurance policies incentivize holders to make ransomware payments that ultimately “fuel cyber crime ecosystems,” White House cyber adviser Anne Neuberger wrote in an op-ed. “This is a troubling practice that must end.”
The Record from Recorded Future News – Read More
In Other News: Doxing With Meta Ray-Ban Glasses, OT Hunting, NVD Backlog
/in General NewsNoteworthy stories that might have slipped under the radar: students dox people with Meta’s Ray-Ban smart glasses, OT hunting guide for water systems, NVD backlog still significant.
The post In Other News: Doxing With Meta Ray-Ban Glasses, OT Hunting, NVD Backlog appeared first on SecurityWeek.
SecurityWeek – Read More