BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
TeamViewer Says Russia’s ‘Cozy Bear’ Hackers Attacked Corporate IT System
/in General NewsRemote access solution provider TeamViewer confirmed that the Russian hacking group APT29 breached its corporate IT environment. The hack on TeamViewer was traced back to an employee account.
Cyware News – Latest Cyber News – Read More
Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program
/in General NewsGoogle has announced a new KVM bug bounty program named kvmCTF with rewards of up to $250,000 for a full VM escape.
The post Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program appeared first on SecurityWeek.
SecurityWeek – Read More
Thinking About Security, Fast & Slow
/in General NewsTo be effective, managing risk demands both fast responses and strategic thinking.
darkreading – Read More
Name That Edge Toon: Cyber Cloudburst
/in General NewsFeeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
darkreading – Read More
Landmark Admin Discloses Data Breach Impacting Personal, Medical Information
/in General NewsLife insurance company Landmark Admin says personal, medical, and insurance information was compromised in a May data breach.
The post Landmark Admin Discloses Data Breach Impacting Personal, Medical Information appeared first on SecurityWeek.
SecurityWeek – Read More
Apple’s AI Moves Will Impact Future Chip, Cloud Security Plans
/in General NewsAnalysts say Apple’s black-box approach provides a blueprint for rival chip makers and cloud providers.
darkreading – Read More
Indian Software Firm’s Products Hacked to Spread Data-Stealing Malware
/in General NewsInstallers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware.
The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply chain compromise on June 18, 2024. The issue has since been remediated by Conceptworld as of June 24
The Hacker News – Read More
Multiple Vulnerabilities Found in Gas Chromatographs
/in General NewsMultiple critical vulnerabilities have been discovered in Emerson gas chromatographs, which could potentially enable unauthorized access to sensitive data, cause denial-of-service attacks, and execute arbitrary commands.
Cyware News – Latest Cyber News – Read More
CapraRAT Spyware Disguised as Popular Apps Threatens Android Users
/in General NewsThe threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest.
“These APKs continue the group’s trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans,” SentinelOne security researcher Alex
The Hacker News – Read More
Report: 75% of New Vulnerabilities Exploited Within 19 Days
/in General NewsLast year, Skybox Security reported that there were over 30,000 new vulnerabilities, with a new vulnerability emerging every 17 minutes on average. This amounts to around 600 new vulnerabilities per week.
Cyware News – Latest Cyber News – Read More