BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation
/in General NewsData security company Cyberhaven has raised $88 million in a Series C funding round that brings the total to $136 million.
The post Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation appeared first on SecurityWeek.
SecurityWeek – Read More
Medical-Targeted Ransomware Is Breaking Records After Change Healthcare’s $22M Payout
/in General NewsCybersecurity firm Recorded Future counted 44 health-care-related incidents in the month after Change Healthcare’s payment came to light—the most it’s ever seen in a single month.
Security Latest – Read More
GitHub Paid Out Over $4 Million via Bug Bounty Program
/in General NewsThe code hosting platform GitHub has paid out more than $4 million since the launch of its bug bounty program 10 years ago.
The post GitHub Paid Out Over $4 Million via Bug Bounty Program appeared first on SecurityWeek.
SecurityWeek – Read More
6 Best VPNs for Australia in 2024
/in General NewsWhat’s the best VPN to use in Australia? Discover the pricing, features, pros and cons of our recommended VPNs for Australia.
Security | TechRepublic – Read More
When Vendors Overstep – Identifying the AI You Don’t Need
/in General NewsAI models are nothing without vast data sets to train them and vendors will be increasingly tempted to harvest as much data as they can and answer any questions later.
The post When Vendors Overstep – Identifying the AI You Don’t Need appeared first on SecurityWeek.
SecurityWeek – Read More
New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers
/in General NewsCybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE.
“WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy additional payloads,” Elastic Security Labs researcher Daniel Stepanic said in a new analysis. “Each sample is compiled
The Hacker News – Read More
China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally
/in General NewsState-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the operation had a broader impact than previously known.
“The state actor behind this campaign was already aware of this vulnerability in FortiGate systems at least two months before Fortinet disclosed the
The Hacker News – Read More
Facebook, Meta, Apple, Amazon Most Impersonated in Phishing Scams
/in General NewsFeeling phished? Don’t be a victim! Learn from Mailsuite’s research which popular brands scammers impersonate the most (including surprising ones!) and how to identify these cunning attacks.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
RansomHub Brings Scattered Spider Into Its RaaS Fold
/in General NewsThe threat group behind breaches at Caesars and MGM moves its business over to a different ransomware-as-a-service operation.
darkreading – Read More
Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities
/in General NewsGoogle and Mozilla have released patches for 21 and 15 vulnerabilities in Chrome and Firefox, respectively.
The post Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More