BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data
/in General NewsBy Deeba Ahmed
Android Security Alert- Hackers are disguising malware as popular apps like Instagram and Snapchat to steal your login details. Learn how to identify fake apps and protect yourself from this sneaky cyberattack.
This is a post from HackRead.com Read the original post: Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Adobe Patches Critical Flaws in Reader, Acrobat
/in General NewsAdobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software.
The post Adobe Patches Critical Flaws in Reader, Acrobat appeared first on SecurityWeek.
SecurityWeek – Read More
Insider Threats Maintain a Rising Trend
/in General NewsInsider threats, including dishonest actions to obtain benefits through theft or deception, have seen a significant rise in the past year, driven by factors like rising cost of living, remote work, and the increasing sophistication of fraud tactics.
Cyware News – Latest Cyber News – Read More
New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation
/in General NewsGoogle on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild.
The high-severity vulnerability, tracked as CVE-2024-4761, is an out-of-bounds write bug impacting the V8 JavaScript and WebAssembly engine. It was reported anonymously on May 9, 2024.
Out-of-bounds write bugs could be typically
The Hacker News – Read More
Southeast Asian Scam Syndicates Stealing $64 Billion Annually, Researchers Find
/in General NewsResearchers have found that Southeast Asian scam syndicates are stealing an estimated $64 billion annually through various online fraud operations, with the majority of the losses occurring in Cambodia, Laos, and Myanmar.
Cyware News – Latest Cyber News – Read More
DNS Tunneling Used for Stealthy Scans and Email Tracking
/in General NewsBy Deeba Ahmed
Hackers are hiding malicious messages in everyday internet traffic! Learn how DNS tunneling works and how to protect yourself from this sneaky cyberattack. Stop hackers from scanning your network and tracking your clicks.
This is a post from HackRead.com Read the original post: DNS Tunneling Used for Stealthy Scans and Email Tracking
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Google Chrome Emergency Update Fixes Sixth Zero-Day Exploited in 2024
/in General NewsThe latest bug is tracked as CVE-2024-4761. It is an out-of-bounds write problem impacting Chrome’s V8 JavaScript engine, which is responsible for executing JS code in the application.
Cyware News – Latest Cyber News – Read More
Cyber Insurers Pledge to Help Reduce Ransom Payments
/in General NewsThe UK’s NCSC and major insurance associations have partnered to help reduce the profitability of ransomware attacks by providing better support and guidance to victims, encouraging resilience, and promoting alternatives to paying ransoms.
Cyware News – Latest Cyber News – Read More
VMware Patches Vulnerabilities Exploited at Pwn2Own 2024
/in General NewsVMware has patched three vulnerabilities exploited earlier this year at the Pwn2Own hacking competition.
The post VMware Patches Vulnerabilities Exploited at Pwn2Own 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
DNS Tunneling Abuse Expands to Tracking & Scanning Victims
/in General NewsSeveral campaigns are leveraging the evasive tactic to provide useful insights into victims’ online activities and find new ways to compromise organizations.
darkreading – Read More