BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash
/in General NewsCrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a “confluence” of vulnerabilities and testing gaps.
The post CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash appeared first on SecurityWeek.
SecurityWeek – Read More
Hunters International Disguises SharpRhino RAT as Legitimate Network Admin Tool
/in General NewsThe RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access and persistence on targeted networks
darkreading – Read More
INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore
/in General NewsINTERPOL said it devised a “global stop-payment mechanism” that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam.
The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to a type of cybercrime where a malicious actor poses as a trusted figure and uses email to
The Hacker News – Read More
Cyberattack Wipes 13,000 School Devices in Mobile Guardian Breach
/in General NewsA major cyberattack on Mobile Guardian, a leading MDM provider, resulted in the remote wiping of 13,000 devices…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Samsung Bug Bounty Program Payouts Reach $5M, Top Reward Increased to $1M
/in General NewsSamsung has paid out nearly $5 million through its bug bounty program since 2017 and the tech giant announced that the top reward has increased to $1 million.
The post Samsung Bug Bounty Program Payouts Reach $5M, Top Reward Increased to $1M appeared first on SecurityWeek.
SecurityWeek – Read More
Sneaky SnakeKeylogger Slithers Into Windows Email Inboxes
/in General NewsSnakeKeylogger, also known as KrakenKeylogger, is a malicious software targeting Windows users. It logs keystrokes, steals credentials, and takes screenshots, allowing cybercriminals to capture sensitive information.
Cyware News – Latest Cyber News – Read More
Bloody Wolf Strikes Organizations in Kazakhstan with STRRAT Commercial Malware
/in General NewsThe STRRAT malware, sold for $80, allows attackers to take control of computers and steal data. Attackers use phishing emails pretending to be from government agencies to trick victims into downloading malicious files.
Cyware News – Latest Cyber News – Read More
French Museum Network Hit by Ransomware Attack, but No Disruptions Are Reported at Olympic Events
/in General NewsA ransomware attack targeted the central data systems of Paris’ Grand Palais and other museums in the Réunion des Musées Nationaux network.
The post French Museum Network Hit by Ransomware Attack, but No Disruptions Are Reported at Olympic Events appeared first on SecurityWeek.
SecurityWeek – Read More
Cyberattack Cost More Than $17 Million, Key Tronic Tells Regulators
/in General NewsKey Tronic revealed to regulators that a cyberattack in May 2024 cost the company over $17 million. The attack led to a shutdown of operations in Mexico and the U.S. for two weeks.
Cyware News – Latest Cyber News – Read More
Preparing for the Future of Post-Quantum Cryptography
/in General NewsThe AI boom and increasing popularity of quantum computing necessitates quantum-resilient security.
darkreading – Read More