BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
- Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
- Moukthar - Android Remote Administration Tool
Exploit DB
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
“Linguistic Lumberjack” Vulnerability Discovered in Popular Logging Utility Fluent Bit
/in General NewsCybersecurity researchers have discovered a critical security flaw in a popular logging and metrics utility called Fluent Bit that could be exploited to achieve denial-of-service (DoS), information disclosure, or remote code execution.
The vulnerability, tracked as CVE-2024-4323, has been codenamed Linguistic Lumberjack by Tenable Research. It impacts versions from 2.0.7 through
The Hacker News – Read More
DoJ Shakes Up North Korea's Widespread IT Freelance Scam Operation
/in General NewsFraudsters based in the US and Europe indicted for helping North Korea’s nation-state groups establish fake freelancer identities and evade sanctions.
darkreading – Read More
Google Pitches Workspace as Microsoft Email Alternative, Citing CSRB Report
/in General NewsThe new Secure Alternative Program from Google aims to entice customers away from Exchange Online and break Microsoft’s dominance in enterprise.
darkreading – Read More
HP Catches Cybercriminals 'Cat-Phishing' Users
/in General NewsPost Content
darkreading – Read More
Data Breach Response Provider, CyEx, Acquires Settlement Administrator, Simpluris Inc.
/in General NewsPost Content
darkreading – Read More
Deepfakes Rank As the Second Most Common Cybersecurity Incident for US Businesses
/in General NewsPost Content
darkreading – Read More
CyberArk Picks Up Machine Identity Manager Venafi For $1.54B
/in General NewsThe acquisition gives CyberArk new IoT identity and certificate lifecycle management, cryptographic code-signing, and other services to secure the enterprise cloud.
darkreading – Read More
How micro1’s AI interviewer could make tech hiring more efficient and fair
/in General NewsMicro1 launches AI-powered technical interviewer to help companies efficiently screen software engineering candidates, generating custom questions, conducting interviews, and providing assessment reports.Read More
Security News | VentureBeat – Read More
NRECA Receives $4M in DOE Funding to Boost Electric Co-op Cybersecurity Preparedness
/in General NewsPost Content
darkreading – Read More
Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms
/in General NewsAn on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment.
darkreading – Read More