BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
PortSwigger Scores Hefty $112 Million Investment
/in General NewsThe British company behind the popular Burp Suite pen-test utilities has banked a massive $112 million investment from Brighton Park Capital.
The post PortSwigger Scores Hefty $112 Million Investment appeared first on SecurityWeek.
SecurityWeek – Read More
Cyber A.I. Group Announces Substantial Expansion of Acquisition Pipeline
/in General NewsPipeline Will Support Company’s Highly Proactive Buy & Build Business Model
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
3 New State-Backed Gangs Target Govt Sectors with HEAT Attack Methods
/in General NewsGlobal cyber gangs are evolving rapidly, wielding advanced techniques and enjoying state sponsorship. Menlo Security’s latest report exposes…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks
/in General NewsA trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks.
The vulnerabilities allow “any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and
The Hacker News – Read More
Australian Man Arrested for “Evil Twin” Wi-Fi Scam Targeting Travelers
/in General NewsAn Australian man faces charges for setting up fake Wi-Fi networks (“evil twins”) to steal data from unsuspecting…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Do you still need to pay for antivirus software in 2024?
/in General NewsLandlines. Checkbooks. AM radio. Let’s add third-party antivirus software to the list of things you can stop using.
Latest stories for ZDNET in Security – Read More
Apple CocoaPods Bugs Expose Millions of Apps to Code Injection
/in General NewsCritical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of decade.
darkreading – Read More
HubSpot Warns of Ongoing Cyberattacks Targeting Customer Accounts
/in General NewsHubSpot is “actively investigating and blocking attempts” to hack into customer accounts but some targets have already been compromised.
The post HubSpot Warns of Ongoing Cyberattacks Targeting Customer Accounts appeared first on SecurityWeek.
SecurityWeek – Read More
Hacker Conversations: Chris Evans, Hacker and CISO
/in General NewsChris Evans, CISO and chief hacking officer at HackerOne, challenges the common perception of both hackers and their motivation.
The post Hacker Conversations: Chris Evans, Hacker and CISO appeared first on SecurityWeek.
SecurityWeek – Read More
Startup Odaseva Raises $54M to Bolster Global Expansion, R&D
/in General NewsThe Series C funding will allow San Francisco-based Odaseva to provide more robust support to clients dealing with stringent data residency regulations and evolving privacy laws around the globe, according to founder and CEO Sovan Bin.
Cyware News – Latest Cyber News – Read More