BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
- Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
- Moukthar - Android Remote Administration Tool
- Lobo Guará - Cyber Threat Intelligence Platform
Exploit DB
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
- [remote] TP-Link VN020 F3v(T) TT_V6.2.1021 - Denial Of Service (DOS)
New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data
/in General NewsThe Antidot Android banking trojan snoops on users and steals their credentials, contacts, and SMS messages.
The post New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data appeared first on SecurityWeek.
SecurityWeek – Read More
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
/in General NewsThe Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations.
The backdoor, codenamed Gomir, is “structurally almost identical to GoBear, with extensive sharing of code between
The Hacker News – Read More
Cybersecurity Analysis Exposes High-Risk Assets in Power and Healthcare Sectors
/in General NewsTraditional approaches to vulnerability management result in a narrow focus of the enterprise attack surface area that overlooks a considerable amount of risk, according to Claroty.
Cyware News – Latest Cyber News – Read More
GhostSec Announces Shift in Operations from Ransomware to Hacktivism
/in General NewsThe cybercriminal group GhostSec has shifted from ransomware to hacktivism, stating they’ve gathered enough funds and will now focus on promoting social and political agendas through hacking.
Cyware News – Latest Cyber News – Read More
Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms
/in General NewsThe US government has announced charges, seizures, arrests and rewards as part of an effort to disrupt a scheme that generates revenue for North Korea.
The post Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms appeared first on SecurityWeek.
SecurityWeek – Read More
Unsafe Software Development Practices Persist, Despite CISA’s Push
/in General NewsDespite repeated efforts by the CISA to eliminate common software vulnerabilities, unsafe software development practices continue to persist across the industry, highlighting the challenges in driving change in coding practices.
Cyware News – Latest Cyber News – Read More
Restore Damaged Files & Save Your Business for Only $50
/in General NewsRegardless of how badly your files, or their formats, are damaged, EaseUS Fixo can restore your office files, videos and photos, even in batches. Get a lifetime subscription for $49.99 at TechRepublic Academy.
Security | TechRepublic – Read More
C/side Emerges From Stealth Mode With $1.7 Million Investment
/in General NewsC/side has emerged from stealth mode with $1.7 million in pre-seed funding from Scribble Ventures and angel investors
The post C/side Emerges From Stealth Mode With $1.7 Million Investment appeared first on SecurityWeek.
SecurityWeek – Read More
Us Offers $5 Million for Info on North Korean IT Workers Involved in Job Fraud
/in General NewsThe U.S. government is offering a $5 million reward for information on a network of North Korean IT workers who allegedly scammed U.S. companies out of nearly $7 million through a job fraud scheme.
Cyware News – Latest Cyber News – Read More
Threat Actors Misusing Quick Assist in Social Engineering Attacks Leading to Ransomware
/in General NewsCybercriminals are exploiting Microsoft’s Quick Assist tool to conduct social engineering attacks and deliver ransomware like Black Basta to target users across various industries.
Cyware News – Latest Cyber News – Read More