BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine
/in General NewsA new sophisticated cyber attack has been observed targeting endpoints geolocated to Ukraine with an aim to deploy Cobalt Strike and seize control of the compromised hosts.
The attack chain, per Fortinet FortiGuard Labs, involves a Microsoft Excel file that carries an embedded VBA macro to initiate the infection,
“The attacker uses a multi-stage malware strategy to deliver the notorious ‘Cobalt
The Hacker News – Read More
6 Best VPNs for the UK in 2024
/in General NewsVPN capabilities and performance levels differ from place to place. Which VPNs are best for U.K. users and expats?
Security | TechRepublic – Read More
Ransomware Group Claims Cyberattack on Frontier Communications
/in General NewsThe RansomHub ransomware group claims to have stolen the information of over 2 million Frontier Communications customers.
The post Ransomware Group Claims Cyberattack on Frontier Communications appeared first on SecurityWeek.
SecurityWeek – Read More
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
/in General NewsCloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign.
“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and Google-owned Mandiant.
“We have not identified
The Hacker News – Read More
AI Is Your Coworker Now. Can You Trust It?
/in General NewsGenerative AI tools such as OpenAI’s ChatGPT and Microsoft’s Copilot are becoming part of everyday business life. But they come with privacy and security considerations you should know about.
Security Latest – Read More
Inside the Biggest FBI Sting Operation in History
/in General NewsWhen a drug kingpin named Microsoft tried to seize control of an encrypted phone company for criminals, he was playing right into its real owners’ hands.
Security Latest – Read More
Cybersecurity M&A Roundup: 28 Deals Announced in May 2024
/in General NewsRoundup of the more than two dozen cybersecurity-related merger and acquisition (M&A) deals announced in May 2024.
The post Cybersecurity M&A Roundup: 28 Deals Announced in May 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
Vulnerabilities Exposed Millions of Cox Modems to Remote Hacking
/in General NewsCox recently patched a series of vulnerabilities that could have allowed hackers to remotely take control of millions of modems.
The post Vulnerabilities Exposed Millions of Cox Modems to Remote Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
Russians Love YouTube. That’s a Problem for the Kremlin
/in General NewsYouTube remains the only major US-based social media platform available in Russia. It’s become “indispensable” to everyday people, making a ban tricky. Journalists and dissidents are taking advantage.
Security Latest – Read More
37 Vulnerabilities Patched in Android
/in General NewsAndroid’s June 2024 security update resolves 37 vulnerabilities, including high-severity flaws in Framework and System.
The post 37 Vulnerabilities Patched in Android appeared first on SecurityWeek.
SecurityWeek – Read More