BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue
/in General NewsCybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets.
The methods take advantage of the design of various common mining topologies in order to shut down the mining process, Akamai said in a new report published today.
“We developed two techniques by leveraging the mining topologies and pool policies that enable us to reduce a
The Hacker News – Read More
How the US Military Is Redefining Zero Trust
/in General NewsTrust no longer comes from network boundaries alone but from continuously validating and protecting data and identities at every interaction.
darkreading – Read More
How CISOs became the gatekeepers of $309B AI infrastructure spending
/in General NewsSecurity vendors race to control $309B AI infrastructure market. How AgenticOps, eBPF and silicon-speed security will determine the winners.Read More
Security News | VentureBeat – Read More
Russia releases REvil members after convictions for payment card fraud
/in General NewsFour convicted members of the REvil cybercrime gang were released from custody after being sentenced in St. Petersburg for offenses related to payment card fraud.
The Record from Recorded Future News – Read More
Want a free VPN? How to use ProtonVPN on Android without having to pay
/in General NewsThe best part is you don’t need to sign in or even create a ProtonVPN account. Here’s how.
Latest stories for ZDNET in Security – Read More
Siemens Notifies Customers of Microsoft Defender Antivirus Issue
/in General NewsSiemens is working with Microsoft to address a Defender Antivirus problem that can lead to no malware alerts or plant disruptions.
The post Siemens Notifies Customers of Microsoft Defender Antivirus Issue appeared first on SecurityWeek.
SecurityWeek – Read More
IBM Pushes for More Collaboration Between Security, Governance
/in General NewsIBM integrates its governance and AI security tools to address the risks associated with the AI adoption boom.
darkreading – Read More
75 million deepfakes blocked: Persona leads the corporate fight against hiring fraud
/in General NewsPersona blocks 75 million fake job candidates as AI hiring fraud explodes across corporate America, forcing companies to deploy advanced identity verification tools to combat deepfake infiltration.Read More
Security News | VentureBeat – Read More
2 clever ways Android 16 guards your security – but you need to enable them
/in General NewsOnce you turn on these new Android 16 security features, your information and phone will be better protected against harm.
Latest stories for ZDNET in Security – Read More
US bans WhatsApp from House of Representatives staff devices
/in General NewsThe U.S. government has banned WhatsApp from devices used by U.S. House of Representatives staff, saying the app poses potential security risks.
Security News | TechCrunch – Read More