BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
Generative AI in Security: Risks and Mitigation Strategies
/in General NewsMicrosoft’s Siva Sundaramoorthy provides a blueprint for how common cyber precautions apply to generative AI deployed in and around security systems.
Security | TechRepublic – Read More
Authorities Seize Dark Web Marketplaces Sipulitie and Tsätti
/in General NewsFinnish Customs and Swedish Police, with Bitdefender’s support, shut down dark web marketplaces Sipulitie and Tsätti. These platforms…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
GitHub Patches Critical Vulnerability in Enterprise Server
/in General NewsA critical-severity flaw in GitHub Enterprise Server could lead to unauthorized access to the vulnerable instances.
The post GitHub Patches Critical Vulnerability in Enterprise Server appeared first on SecurityWeek.
SecurityWeek – Read More
Sweden, Finland partner to take down Sipulitie criminal marketplace
/in General NewsLaunched in February 2023 on the Tor network, the Sipulitie marketplace originally focused on Finland before expanding to cover other Scandinavian countries. A predecessor was created in April 2019 but was shut down by Finnish Customs and Polish authorities in December 2020.
The Record from Recorded Future News – Read More
Some Americans are still using Kaspersky’s antivirus despite U.S. government ban
/in General NewsNot everyone in the U.S. has given up on the Russian-made antivirus. Some Americans have found ways to get around the ban and are still using Kaspersky’s antivirus.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft
/in General NewsVolkswagen has issued a statement after the 8Base ransomware group claimed to have stolen valuable data from the company’s systems.
The post Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft appeared first on SecurityWeek.
SecurityWeek – Read More
New Telekopye Scam Toolkit Targeting Booking.com and Airbnb Users
/in General NewsESET Research found the Telekopye scam network targeting Booking.com and Airbnb. Scammers use phishing pages via compromised accounts…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT
/in General NewsCybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT.
The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload.
“DarkVision RAT communicates with its command-and-control (C2) server using a custom network
The Hacker News – Read More
Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity
/in General NewsOrganizations should be on high alert until next month’s US presidential election to ensure the integrity of the voting process, researchers warn.
darkreading – Read More
CISO Conversations: Julien Soriano (Box) and Chris Peake (Smartsheet)
/in General NewsCISOS from Box and Smartsheet discuss the route toward, the role within, and the future of being a successful CISO.
The post CISO Conversations: Julien Soriano (Box) and Chris Peake (Smartsheet) appeared first on SecurityWeek.
SecurityWeek – Read More