BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
- [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
Zscaler’s Buyout of Red Canary Shows Telemetry’s Value
/in General NewsRed Canary’s MDR portfolio complements Zscaler’s purchase last year of Israeli startup Avalor, which automates collection, curation, and enrichment of security data.
darkreading – Read More
Victoria’s Secret Goes Offline After ‘Incident’ Claims
/in General NewsThe lingerie retailer isn’t revealing much about the security incident it’s dealing with but has brought in third-party experts to address the issue.
darkreading – Read More
SentinelOne Reports Services Are Back Online After Global Outage
/in General NewsThe outage reportedly hit 10 commercial customer consoles for SentinelOne’s Singularity platform, including Singularity Endpoint, XDR, Cloud Security, Identity, Data Lake, RemoteOps, and more.
darkreading – Read More
ConnectWise says nation-state attack targeted multiple ScreenConnect customers
/in General NewsThe company said it “recently learned of suspicious activity” within its environment that it believes “was tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers.”
The Record from Recorded Future News – Read More
A Swedish MMA Tournament Spotlights the Trump Administration’s Handling of Far-Right Terrorism
/in General NewsA member of a California-based fight club seems to have attended an event hosted by groups with ties to an organization the US government labeled a terrorist group. Will the Trump administration care?
Security Latest – Read More
PumaBot Targets Linux Devices in Latest Botnet Campaign
/in General NewsWhile the botnet may not be completely automated, it uses certain tactics when targeting devices that indicate that it may, at the very least, be semiautomated.
darkreading – Read More
Fake ChatGPT and InVideo AI Downloads Deliver Ransomware
/in General NewsCisco Talos uncovers CyberLock ransomware, Lucky_Gh0$t, and Numero malware masquerading as legitimate software and AI tool installers. Learn…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
US government sanctions tech company involved in cyber scams
/in General NewsThe Treasury said FUNNULL was involved in providing infrastructure for pig butchering crypto scams.
Security News | TechCrunch – Read More
Southeast Asian provider of ‘infrastructure laundering’ for scams is sanctioned by US
/in General NewsFunnull Technology supports “hundreds of thousands of websites” dedicated to the scams, otherwise known as pig butchering, according to the sanctions announcement by the Treasury Department’s Office of Foreign Assets Control.
The Record from Recorded Future News – Read More
Unbound Raises $4 Million to Secure Gen-AI Adoption
/in General NewsSecurity startup Unbound has raised $4 million in funding to help organizations adopt generative-AI tools securely and responsibly.
The post Unbound Raises $4 Million to Secure Gen-AI Adoption appeared first on SecurityWeek.
SecurityWeek – Read More