BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
Brothers Arrested for $25 Million Theft in Ethereum Blockchain Attack
/in General NewsTwo brothers, Anton Peraire-Bueno and James Pepaire-Bueno, were arrested for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a “first-of-its-kind” scheme.
Cyware News – Latest Cyber News – Read More
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks
/in General NewsResearchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and eavesdrop on their network traffic.
The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi clients, including home and mesh networks that are based on
The Hacker News – Read More
Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets
/in General NewsBy Deeba Ahmed
Alerted by a recent discovery of employee personal GitHub repos exposing internal Azure and Red Hat secrets, this article dives into the dangers of Shadow IT and offers solutions to prevent cloud credential leaks and secure your cloud environment.
This is a post from HackRead.com Read the original post: Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Google patches another zero-day exploit in Chrome – and this one affects Edge too
/in General NewsHere’s what Chrome and Edge users need to know – and do – now.
Latest stories for ZDNET in Security – Read More
UK: NCSC to Defend ‘High-Risk’ Political Candidates from Cyberattacks
/in General NewsThe Personal Internet Protection (PIP) service aims to provide an additional layer of security to individuals at “high-risk” of cyberattacks like spear-phishing, malware and other threats, ahead of the upcoming election year.
Cyware News – Latest Cyber News – Read More
Palo Alto Networks is Buying Security Assets From IBM to Expand Customer Base
/in General NewsPalo Alto Networks is acquiring IBM’s QRadar cloud security software assets and migrating existing customers to its own Cortex XSIAM platform, as part of a broader partnership that will give Palo Alto access to consultants and a larger customer base.
Cyware News – Latest Cyber News – Read More
North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign
/in General NewsThe North Korea-linked Kimsuky hacking group has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targets via Messenger and ultimately delivers malware.
“The threat actor created a Facebook account with a fake identity disguised as a public official working in the North Korean human rights field,” South Korean cybersecurity company Genians
The Hacker News – Read More
Android to Add New Anti-Theft and Data Protection Features
/in General NewsGoogle is adding new anti-theft and data protection features for Android, including AI-powered screen locks, remote locking, and improved factory reset protection to secure users’ data if devices are lost or stolen.
Cyware News – Latest Cyber News – Read More
Alkira Raises $100 Million for Secure Network Infrastructure Platform
/in General NewsNetwork infrastructure as-a-service Alkira has raised $100 million in a Series C funding round led by Tiger Global Management.
The post Alkira Raises $100 Million for Secure Network Infrastructure Platform appeared first on SecurityWeek.
SecurityWeek – Read More
FCC Reveals ‘Royal Tiger’ Robocall Campaign
/in General NewsIn a first-ever move, the commission’s enforcement bureau has high hopes that official classification will allow law enforcement partners to better combat these kinds of threats.
darkreading – Read More