BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
ChatGPT o3 Resists Shutdown Despite Instructions, Study Claims
/in General NewsChatGPT o3 resists shutdown despite explicit instructions, raising fresh concerns over AI safety, alignment, and reinforcement learning behaviors.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Adidas Falls Victim to Third-Party Data Breach
/in General NewsThough Adidas said that no payment or financial information was affected in the breach, individuals who contacted the compamy’s customer service help desk were impacted.
darkreading – Read More
DragonForce Ransomware Strikes MSP in Supply Chain Attack
/in General NewsDragonForce, a ransomware “cartel” that has gained significant popularity since its debut in 2023, attacked an MSP as part of a recent supply chain attack, via known SimpleHelp bugs.
darkreading – Read More
Iranian pleads guilty to launching Baltimore ransomware attack, faces 30 years behind bars
/in General NewsSina Gholinejad admitted to using the Robbinhood ransomware variant to extort ransom payments from dozens of victims.
The Record from Recorded Future News – Read More
Iranian Man Pleads Guilty to Role in Baltimore Ransomware Attack
/in General NewsSina Gholinejad pleaded guilty to computer-fraud and wire-fraud-conspiracy charges linked to the Robbinhood ransomware hit on Baltimore.
The post Iranian Man Pleads Guilty to Role in Baltimore Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
/in General NewsA Russian court sentenced a former hospital programmer to 14 years in a high-security penal colony for allegedly leaking personal data of Russian soldiers to Ukraine, authorities said.
The Record from Recorded Future News – Read More
Lock down your data and save 20% on this encrypted Kingston portable SSD
/in General NewsThe Kingston IronKey Vault Privacy 80 features real-time AES-256 bit encryption, dual read-only modes, and password protection. The 2TB version is on sale right now at B&H Photo.
Latest stories for ZDNET in Security – Read More
Nearly 70,000 impacted by ransomware attack on Sheboygan, Wisconsin
/in General NewsThe city filed breach notification letters with regulators seven months after a ransomware gang accessed systems.
The Record from Recorded Future News – Read More
China accuses Taiwan-linked group of cyberattack on local tech company
/in General NewsAccording to police in Guangzhou, the group — allegedly linked to Taiwan’s ruling Democratic Progressive Party (DPP) — has targeted more than 1,000 key networks in over 10 Chinese provinces.
The Record from Recorded Future News – Read More
Danabot Takedown Deals Blow to Russian Cybercrime
/in General NewsA multiyear investigation by a public-private partnership has resulted in the seizure of the botnet’s US-based infrastructure and indictments for its key players, significantly disrupting a vast cybercriminal enterprise.
darkreading – Read More