BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
- [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
UK national hacked public companies for stock trading intel, DOJ says
/in General NewsRobert Westbrook is accused of stealing information ahead of 14 different earnings announcements.
The Record from Recorded Future News – Read More
Millions of Kia Vehicles Open to Remote Hacks via License Plate
/in General NewsThe vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs.
darkreading – Read More
How Should CISOs Navigate the SEC Cybersecurity and Disclosure Rules?
/in General NewsCompanies that commit to risk management have a strong cybersecurity foundation that makes it easier to comply with the SEC’s rules. Here is what you need to know about 8K and 10K filings.
darkreading – Read More
Novel Exploit Chain Enables Windows UAC Bypass
/in General NewsAdversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it’s not really a vulnerability.
darkreading – Read More
Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian
/in General NewsMimecast tells TechRepublic that AI may exacerbate phishing risks in Australia.
Security | TechRepublic – Read More
Torq Secures $70M Series C for HyperSOC
/in General NewsThe New York late-stage startup banks $70 million in a new funding round led by Evolution Equity Partners.
The post Torq Secures $70M Series C for HyperSOC appeared first on SecurityWeek.
SecurityWeek RSS Feed – Read More
US government charges three Iranian hackers with Trump campaign hack
/in General NewsThree Iranian hackers working for the Islamic Revolutionary Guard Corps (IRGC) targeted the Trump campaign in an attempted hack-and-leak operation, according to the Department of Justice.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
First Mobile Crypto Drainer on Google Play Steals $70K from Users
/in General NewsA malicious app disguised as a legitimate WalletConnect tool targeted mobile users on Google Play. The app stole…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Top Allies Executives & Boards Should Leverage During a Cyber Crisis
/in General NewsIt is imperative for executives and board members to know who their top allies are, and how to best leverage them to successfully navigate a crisis and minimize the harm caused by a breach.
darkreading – Read More
Controversial Windows Recall AI Search Tool Returns With Proof-of-Presence Encryption, Data Isolation
/in General NewsMicrosoft reboots controversial Windows Recall with proof-of-presence encryption, anti-tampering checks, and secure enclave data management.
The post Controversial Windows Recall AI Search Tool Returns With Proof-of-Presence Encryption, Data Isolation appeared first on SecurityWeek.
SecurityWeek – Read More