BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites
/in General NewsAn analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes.
“Approximately 3,300 unique users were found with accounts on known CSAM sources,” Recorded Future said in a proof-of-concept (PoC) report published last week. ”
The Hacker News – Read More
New Ransomware-as-a-Service ‘Eldorado’ Targets Windows and Linux Systems
/in General NewsAn emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems.
Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-headquartered Group-IB said.
The cybersecurity firm, which infiltrated the ransomware group, noted that its
The Hacker News – Read More
Apple Removes VPN Apps from Russian App Store as Censorship Tightens
/in General NewsApple removes popular VPNs from Russia’s App Store following government pressure. This move restricts access to free and…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Hacked Ethereum Foundation Account Used to Send 35,000 Phishing Emails
/in General NewsA threat actor sent over 35,000 phishing emails after hacking into Ethereum Foundation’s account on a mailing list platform.
The post Hacked Ethereum Foundation Account Used to Send 35,000 Phishing Emails appeared first on SecurityWeek.
SecurityWeek – Read More
5 Ways to Run Security as a Meritocracy
/in General NewsActions speak louder than words. Here are five tips for encouraging a security culture based on achievements.
darkreading – Read More
Indian Government Issues Serious Warning on Phishing Scams Alleging Sexual Offenses
/in General NewsThe emails falsely accuse recipients of sexual offences, using names and seals of authorities to appear authentic. Citizens are advised not to respond to such emails and report them to authorities.
Cyware News – Latest Cyber News – Read More
Kaspersky Flags Cyberespionage APT ‘CloudSorcerer’ Targeting Russian Government
/in General NewsKaspersky said the CloudSorcerer APT has been abusing public cloud services to exfiltrate data from Russian government entities.
The post Kaspersky Flags Cyberespionage APT ‘CloudSorcerer’ Targeting Russian Government appeared first on SecurityWeek.
SecurityWeek – Read More
AI SPERA Partners with Devcons to Expand ‘Criminal IP’ into the Middle Eastern Market
/in General NewsTorrance, United States / California, 8th July 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Deconstructing Security Assumptions to Ensure Future Resilience
/in General NewsBy breaking down fundamental assumptions, we can proactively plan for, and begin to achieve, future resilience.
darkreading – Read More
Supreme Court Ruling Threatens the Framework of Cybersecurity Regulation
/in General NewsThe Supreme Court’s striking down of the Chevron Doctrine will have a major effect on the determination and enforcement of cyber regulation in the US.
The post Supreme Court Ruling Threatens the Framework of Cybersecurity Regulation appeared first on SecurityWeek.
SecurityWeek – Read More