BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups
/in General NewsThe Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups.
The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in order to evade detection by security programs.
The product is believed to have been
The Hacker News – Read More
City of Cleveland Scrambling to Restore Systems Following Cyberattack
/in General NewsThe City of Cleveland says emergency services, utilities, and airport are unaffected by a recent cyberattack.
The post City of Cleveland Scrambling to Restore Systems Following Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day
/in General NewsGoogle has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day.
The high-severity vulnerability, tagged as CVE-2024-32896, has been described as an elevation of privilege issue in Pixel Firmware.
The company did not share any additional details related to the nature of attacks exploiting it, but noted “there are indications that CVE-2024-32896 may be
The Hacker News – Read More
New Cross-Platform Malware ‘Noodle RAT’ Targets Windows and Linux Systems
/in General NewsA previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years.
While this backdoor was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said “this backdoor is not merely a variant of existing malware, but is a new type altogether.”
The Hacker News – Read More
Rockwell’s ICS Directive Comes As Critical Infrastructure Risk Peaks
/in General NewsCritical infrastructure is facing increasingly disruptive threats to physical processes, while thousands of devices are online with weak authentication and riddled with exploitable bugs.
darkreading – Read More
Scores of Biometrics Bugs Emerge, Highlighting Authentication Risks
/in General NewsFace scans stored like passwords inevitably will be compromised, like passwords are. But there’s a crucial difference between the two that organizations can rely on when their manufacturers fail.
darkreading – Read More
Cleveland City Hall Shuts Down After Cyber Incident
/in General NewsAs city officials continue to investigate, it’s unclear which systems were affected and whether it was a ransomware attack.
darkreading – Read More
Ukraine Arrests Cryptor Specialist Aiding Conti and LockBit Ransomware
/in General NewsUkrainian Police have arrested a ransomware cryptor developer in connection with the notorious Conti and LockBit groups. This arrest was the result of Operation Endgame, a major operation that aims to dismantle key elements of these cybercriminal organizations.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Mandiant Report: Snowflake Users Targeted for Data Theft and Extortion
/in General NewsA threat actor exploited the Snowflake platform to target organizations for data theft and extortion using compromised credentials. Learn how to protect your business from this threat.
Security | TechRepublic – Read More
LockBit & Conti Ransomware Hacker Busted in Ukraine
/in General NewsAccused cybercriminal has special skills that helped Conti and LockBit ransomware evade detection, according to law enforcement.
darkreading – Read More