BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
The Future of Phishing Email Training for Employees in Cybersecurity
/in General NewsBy Waqas
Discover the future of phishing email training, including personalized simulations, gamification, AI, and realistic scenarios. Empower your employees to combat evolving cyber threats and protect your organization.
This is a post from HackRead.com Read the original post: The Future of Phishing Email Training for Employees in Cybersecurity
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
FBI Warns of Gift Card Fraud Ring Targeting Retail Companies
/in General NewsThe FBI has issued a warning about a hacking group named Storm-0539 targeting retail companies in the United States through phishing attacks on employees in gift card departments.
Cyware News – Latest Cyber News – Read More
Pktstat: Open-Source Ethernet Interface Traffic Monitor
/in General NewsPktstat is an open-source tool that is a straightforward alternative to ncurses-based Pktstat. On Linux, it utilizes AF_PACKET, while on other platforms, it employs generic PCAP live wire capture.
Cyware News – Latest Cyber News – Read More
F5 Patches Dangerous Vulnerabilities in BIG-IP Next Central Manager
/in General NewsF5 has patched two potentially serious vulnerabilities in BIG-IP Next that could allow an attacker to take full control of a device.
The post F5 Patches Dangerous Vulnerabilities in BIG-IP Next Central Manager appeared first on SecurityWeek.
SecurityWeek – Read More
Report Shows AI Fraud, Deepfakes are Top Challenges for Banks
/in General NewsA report by Mitek Systems reveals that banks are facing a significant challenge with fraud, including traditional issues like money laundering and account takeover, as well as newer threats such as AI-generated fraud and deepfakes.
Cyware News – Latest Cyber News – Read More
Ransomware Criminals SIM Swap Executives’ Kids to Pressure Parents
/in General NewsRansomware infections have morphed into “a psychological attack against the victim organization,” as criminals use increasingly personal and aggressive tactics to force victims to pay up, according to Google-owned Mandiant.
Cyware News – Latest Cyber News – Read More
RSA Conference 2024 – Announcements Summary (Day 3)
/in General NewsHundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The post RSA Conference 2024 – Announcements Summary (Day 3) appeared first on SecurityWeek.
SecurityWeek – Read More
Two-Thirds of Organizations Failing to Address AI Risks, ISACA Finds
/in General NewsOnly a third of organizations are adequately addressing security, privacy and ethical risks with AI, despite surging use of these technologies in the workplace, according to new ISACA research.
Cyware News – Latest Cyber News – Read More
Veeam Fixes RCE Flaw in Backup Management Platform
/in General NewsThe vulnerability exists due to an unsafe deserialization method used by the Veeam Service Provider Console (VSPC) server during communication between the management agent and its components.
Cyware News – Latest Cyber News – Read More
US Advances on Cyber Goals Amid Rapidly Changing Threat Environment, White House Says
/in General NewsDespite the progress in improving cybersecurity posture, the United States still faces various threats, including ransomware attacks, cyberattacks on critical infrastructure, and the growing use of artificial intelligence in malicious activities.
Cyware News – Latest Cyber News – Read More