BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Android Bug can Leak DNS Traffic With VPN Kill Switch Enabled
/in General NewsThe Android bug discovered by a Mullvad VPN user reveals that Android devices can leak DNS queries even with the “Always-on VPN” feature and “Block connections without VPN” option enabled.
Cyware News – Latest Cyber News – Read More
Ukraine Records Increase in Financially Motivated Attacks by Russian Hackers
/in General NewsThese hackers are employing sophisticated phishing techniques to distribute malicious software and target financial theft, with incidents steadily increasing over the past two years.
Cyware News – Latest Cyber News – Read More
New Goldoon Botnet Targeting D-Link Devices by Exploiting Weak Credentials
/in General NewsBy Waqas
A new botnet called Goldoon targets D-Link routers and NAS devices putting them at risk of DDoS attacks and more. Learn how weak credentials leave you vulnerable and how to secure your network. pen_spark
This is a post from HackRead.com Read the original post: New Goldoon Botnet Targeting D-Link Devices by Exploiting Weak Credentials
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
CISO Corner: Verizon DBIR Lessons; Workplace Microaggression; Shadow APIs
/in General NewsOur collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: a Tech Tip on setting up DMARC, a DNS mystery from Muddling Meerkat, and a cybersecurity checklist for M&A transitions.
darkreading – Read More
Paris Olympics Cybersecurity at Risk via Attack Surface Gaps
/in General NewsThough Olympics officials appear to have better secured their digital footprint than other major sporting events have, significant risks remain for the Paris Games.
darkreading – Read More
Palo Alto Networks Delivers Comprehensive SASE Capabilities
/in General NewsPost Content
darkreading – Read More
Permira to Acquire Majority Position in BioCatch at $1.3B Valuation
/in General NewsPost Content
darkreading – Read More
Dazz Unveils AI-Powered Automated Remediation for Application Security Posture Management
/in General NewsPost Content
darkreading – Read More
GAO: NASA Faces ‘Inconsistent’ Cybersecurity Across Spacecraft
/in General NewsThe space agency needs to implement stricter policies and standards when it comes to its cybersecurity practices, but doing so the wrong way would put machinery at risk, a federal review found.
darkreading – Read More
Code faster with generative AI, but beware the risks when you do
/in General NewsSoftware developers can achieve significant productivity gains with GenAI-powered coding help, but these may come with baggage.
Latest stories for ZDNET in Security – Read More