BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Cisco Live 2024: Cisco Unveils AI Deployment Solution With NVIDIA
/in General NewsA $1 billion commitment will send Cisco money to Cohere, Mistral AI and Scale AI.
Security | TechRepublic – Read More
Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan
/in General NewsRussian organizations are at the receiving end of cyber attacks that have been found to deliver a Windows version of a malware called Decoy Dog.
Cybersecurity company Positive Technologies is tracking the activity cluster under the name Operation Lahat, attributing it to an advanced persistent threat (APT) group called HellHounds.
“The Hellhounds group compromises organizations they select and
The Hacker News – Read More
This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI
/in General NewsWindows Recall takes a screenshot every five seconds. Cybersecurity researchers say the system is simple to abuse—and one ethical hacker has already built a tool to show how easy it really is.
Security Latest – Read More
Ukraine Hit by Cobalt Strike Campaign Using Malicious Excel Files
/in General NewsBeware Macro! Ukrainian users and cyberinfrastructure are being hit by a new malware campaign in which hackers are…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
NIST Commits to Plan to Resume NVD Work
/in General NewsThe agency aims to burn down the backlog of vulnerabilities waiting to be added to the National Vulnerabilities Database via additional funding, third-party contract, and partnership with CISA.
darkreading – Read More
Telerik Report Server Flaw Could Let Attackers Create Rogue Admin Accounts
/in General NewsProgress Software has rolled out updates to address a critical security flaw impacting the Telerik Report Server that could be potentially exploited by a remote attacker to bypass authentication and create rogue administrator users.
The issue, tracked as CVE-2024-4358, carries a CVSS score of 9.8 out of a maximum of 10.0.
“In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or
The Hacker News – Read More
Cox Biz Auth-Bypass Bug Exposes Millions of Devices to Takeover
/in General NewsThe US broadband provider fixed an issue that allowed attackers to gain access to business customers’ modems, and then access info and execute commands with the same permissions of an ISP support team.
darkreading – Read More
ISC2 Provides Opportunity for Employers to Connect With Cybersecurity Job Seekers
/in General NewsPost Content
darkreading – Read More
Perfecting the Proactive Security Playbook
/in General NewsIt’s more important than ever for organizations to prepare themselves and their cybersecurity postures against known and unknown threats.
darkreading – Read More
Details of Atlassian Confluence RCE Vulnerability Disclosed
/in General NewsSonicWall has shared technical details on a recently addressed high-severity remote code execution flaw in Confluence.
The post Details of Atlassian Confluence RCE Vulnerability Disclosed appeared first on SecurityWeek.
SecurityWeek – Read More