BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
Splunk Patches Vulnerabilities in Enterprise Product
/in General NewsSplunk patches high-severity vulnerabilities in Enterprise, including an authentication token exposure issue.
The post Splunk Patches Vulnerabilities in Enterprise Product appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity Mesh: Overcoming Data Security Overload
/in General NewsA significant cybersecurity challenge arises from managing the immense volume of data generated by numerous IT security tools, leading organizations into a reactive rather than proactive approach.
The post Cybersecurity Mesh: Overcoming Data Security Overload appeared first on SecurityWeek.
SecurityWeek – Read More
GoPlus Report: Blockchain Networks Using API Security Data to Mitigate Web3 Threats
/in General NewsBy Uzair Amir
Singapore, 28 March 2024 – GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report…
This is a post from HackRead.com Read the original post: GoPlus Report: Blockchain Networks Using API Security Data to Mitigate Web3 Threats
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cisco Patches DoS Vulnerabilities in Networking Products
/in General NewsCisco has released patches for multiple IOS and IOS XE software vulnerabilities leading to denial-of-service (DoS).
The post Cisco Patches DoS Vulnerabilities in Networking Products appeared first on SecurityWeek.
SecurityWeek – Read More
Municipalities in Texas, Georgia See Services Disrupted Following Ransomware Attacks
/in General NewsOn Tuesday evening, the government of Gilmer County in Georgia posted a notice on its website warning that a ransomware attack was affecting its ability to provide services to its more than 30,000 residents.
Cyware News – Latest Cyber News – Read More
Threat Indicators Show 2024 Is Already Promising to be Worse Than 2023
/in General NewsIn just the first two months of 2024, threat intelligence firm Flashpoint has logged dramatic increases in all major threat indicators.
The post Threat Indicators Show 2024 Is Already Promising to be Worse Than 2023 appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Adds One Known Exploited Vulnerability in Microsoft Sharepoint Server to Catalog
/in General NewsThe vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site Owner privileges to execute arbitrary code.
Cyware News – Latest Cyber News – Read More
New Cyber Threats to Challenge Financial Services Sector in 2024
/in General NewsPost Content
darkreading – Read More
Checkmarx Announces Partnership With Wiz
/in General NewsPost Content
darkreading – Read More
AI risk management startup ValidMind raises $8.1M to help banks comply with regulations
/in General NewsValidMind, a regulatory compliance platform for AI risk management at banks, raises $8.1 million in seed funding to automate model validation and documentation.Read More
Security News | VentureBeat – Read More