BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Maryam - Open-source Intelligence(OSINT) Framework
- TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog
- PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data
- Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
- Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
- Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet
- Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser
- QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems
- Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library
- Moukthar - Android Remote Administration Tool
Exploit DB
- [webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
- [webapps] Drupal 11.x-dev - Full Path Disclosure
- [webapps] Apache Commons Text 1.10.0 - Remote Code Execution
- [webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
- [webapps] Tatsu 3.3.11 - Unauthenticated RCE
- [remote] Langflow 1.3.0 - Remote Code Execution (RCE)
- [webapps] UJCMS 9.6.3 - User Enumeration via IDOR
- [webapps] Inventio Lite 4 - SQL Injection
- [webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
- [hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report
/in General NewsNoteworthy stories that might have slipped under the radar: Google discloses AMD CPU flaw named EntrySign, ISPs in the US and China targeted in massive attack, ENISA report on NIS2 Directive.
The post In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report appeared first on SecurityWeek.
SecurityWeek – Read More
US charges admins of Garantex for allegedly facilitating crypto money laundering for terrorists and hackers
/in General NewsThe administrators of Garantex, Aleksej Besciokov and Aleksandr Mira Serda, allegedly knew their crypto exchange was used to launder money, according to U.S. prosecutors.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Got a suspicious E-ZPass text? It’s a trap – how to spot the scam
/in General NewsE-ZPass phishing texts seem to be hitting everyone – even non-drivers. Here’s what to watch for and what to do if you receive one.
Latest stories for ZDNET in Security – Read More
Japanese telco giant NTT Com says hackers accessed details of almost 18,000 organizations
/in General NewsUnidentified hackers breached NTT Com’s network to steal personal information of employees at thousands of corporate customers
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
How Cyberattacks Affect Your Staff
/in General NewsBusinesses have a responsibility to safeguard their workforce, which is best achieved by preparing and equipping the whole organization to better face these worst-case cyber scenarios.
darkreading – Read More
FBI: Fake Ransomware Attack Claims Sent to US Executives via Snail Mail
/in General NewsAn extortion group has been sending physical mail to corporate executives, threatening to leak their data unless a ransom is paid.
The post FBI: Fake Ransomware Attack Claims Sent to US Executives via Snail Mail appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Says One Million Devices Impacted by Infostealer Campaign
/in General NewsMicrosoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub.
The post Microsoft Says One Million Devices Impacted by Infostealer Campaign appeared first on SecurityWeek.
SecurityWeek – Read More
Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware
/in General NewsDozens of schools and thousands of individuals are impacted by a data breach resulting from a ransomware attack on Carruth Compliance Consulting.
The post Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware appeared first on SecurityWeek.
SecurityWeek – Read More
Webinar: Learn How ASPM Transforms Application Security from Reactive to Proactive
/in General NewsAre you tired of dealing with outdated security tools that never seem to give you the full picture? You’re not alone.
Many organizations struggle with piecing together scattered information, leaving your apps vulnerable to modern threats. That’s why we’re excited to introduce a smarter, unified approach: Application Security Posture Management (ASPM).
ASPM brings together the best of both
The Hacker News – Read More
18,000 Organizations Impacted by NTT Com Data Breach
/in General NewsNTT Communications Corporation has disclosed a data breach impacting the information of nearly 18,000 customer organizations.
The post 18,000 Organizations Impacted by NTT Com Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More