BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Salesforce takes aim at ‘jagged intelligence’ in push for more reliable AI
/in General NewsSalesforce unveils groundbreaking AI research tackling “jagged intelligence,” introducing new benchmarks, models, and guardrails to make enterprise AI agents more intelligent, trusted, and consistently reliable for business use.Read More
Security News | VentureBeat – Read More
Ticket Resale Platform TicketToCash Left 200GB of User Data Exposed
/in General NewsA misconfigured, non-password-protected database belonging to TicketToCash exposed data from 520,000 customers, including PII and partial financial details.…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
British Library avoids investigation over ransomware attack, praised again for response
/in General NewsThe U.K. Information Commissioner’s Office said it will not investigate the British Library over a 2023 ransomware attack. The institution will not face potential monetary penalties or a reprimand.
The Record from Recorded Future News – Read More
Actions Over Words: Career Lessons for the Security Professional
/in General NewsIn a world full of noise and promises, it’s those who consistently deliver behind the scenes who build the most respected and rewarding careers.
The post Actions Over Words: Career Lessons for the Security Professional appeared first on SecurityWeek.
SecurityWeek – Read More
10 passkey survival tips: The best preparation for a password-less future is to start living there now
/in General NewsAlthough passkeys remain an evolving ecosystem, we’d be wise to embrace tomorrow’s authentication standard today. Here are ZDNET’s 10 recommendations for reaching passkey paradise.
Latest stories for ZDNET in Security – Read More
SonicWall Flags Two More Vulnerabilities as Exploited
/in General NewsSonicWall has updated the advisories for two vulnerabilities to warn that they are being exploited in the wild.
The post SonicWall Flags Two More Vulnerabilities as Exploited appeared first on SecurityWeek.
SecurityWeek – Read More
5 things to do on World Password Day to keep your accounts safe
/in General NewsWith password best practices continuing to evolve, now’s a good time for a refresher. Consider this your annual cybersecurity to-do list.
Latest stories for ZDNET in Security – Read More
Ascension Discloses Data Breach Potentially Linked to Cleo Hack
/in General NewsAscension is notifying over 100,000 people that their personal information was stolen in a data breach potentially linked to the Cleo hack.
The post Ascension Discloses Data Breach Potentially Linked to Cleo Hack appeared first on SecurityWeek.
SecurityWeek – Read More
RAG can make AI models riskier and less reliable, new research shows
/in General NewsAccording to Bloomberg, the increasingly popular AI framework can vastly increase your chances of getting dangerous answers. What can you do?
Latest stories for ZDNET in Security – Read More
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
/in General NewsSonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild.
The vulnerabilities in question are listed below –
CVE-2023-44221 (CVSS score: 7.2) – Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to
The Hacker News – Read More