BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Lateral Movement: Clearest Sign of Unfolding Ransomware Attack
/in General NewsLateral movement is a key indicator of ransomware attacks, with 44% of attacks being spotted during this phase, as reported by Barracuda Networks. Additionally, file modifications and off-pattern behavior were also significant triggers for detection.
Cyware News – Latest Cyber News – Read More
New Cheana Stealer Threat Targets VPN Users Across Multiple Operating Systems
/in General NewsThis campaign is notable for its malicious apps for Windows, Linux, and macOS users. The attackers have created different versions of Cheana Stealer for each OS to widen their attack surface.
Cyware News – Latest Cyber News – Read More
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
/in General NewsUsers of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT.
The artifacts “almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of shell scripts from the attackers’ server,” Kaspersky researcher Sergey Puzan said.
HZ RAT was first
The Hacker News – Read More
LibreOffice now removes personal data from documents. Why that matters
/in General NewsIf privacy and security are central to you or your business, this new feature from the open-source office suite LibreOffice is worth checking out. Here’s how it works.
Latest stories for ZDNET in Security – Read More
Google Tags a Tenth Chrome Zero-Day as Exploited This Year
/in General NewsThe vulnerability, tracked as CVE-2024-7965 and reported by a security researcher known as TheDog, involved a bug in the compiler backend that could allow remote attackers to exploit heap corruption through a crafted HTML page.
Cyware News – Latest Cyber News – Read More
Top Universities to Battle in Cybersecurity at UNSW’s Upcoming Australian Cybersecurity Games
/in General NewsTop universities in Australia will compete in the Australian Cybersecurity Games at UNSW from September 2-30, 2024. This event, organized by SECedu, features cybersecurity experts collaborating with leading universities like UNSW.
Cyware News – Latest Cyber News – Read More
New Unicode QR Code Phishing Scam Bypasses Traditional Security
/in General NewsCybercriminals are exploiting Unicode QR codes in a new wave of phishing attacks. This sophisticated technique bypasses traditional…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cribl Raises $319 Million at $3.5 Billion Valuation
/in General NewsThe IT and data security firm raises $319 million in a Series E round led by Google Ventures and is now valued at $3.5 billion.
The post Cribl Raises $319 Million at $3.5 Billion Valuation appeared first on SecurityWeek.
SecurityWeek – Read More
SonicWall Patches Critical Flaw Affecting its Firewalls (CVE-2024-40766)
/in General NewsSonicWall has addressed a critical vulnerability (CVE-2024-40766) in its next-gen firewalls, which could be exploited by remote attackers to gain unauthorized access and potentially crash the devices.
Cyware News – Latest Cyber News – Read More
Two Strategies to Protect Your Business From the Next Large-Scale Tech Failure
/in General NewsDiversifying suppliers and systems can help minimize risks, as shown by corporations that purchase networking equipment from multiple vendors to prevent total network failure in case of vendor issues.
Cyware News – Latest Cyber News – Read More