BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Hackers are ramping up attacks using year-old ServiceNow security bugs to target unpatched systems
/in General NewsThreat intelligence startup GreyNoise says it has observed a ‘notable resurgence’ in attack activity
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Through the Lens of Music: What Cybersecurity Can Learn From Joni Mitchell
/in General NewsA Joni Mitchell song from the 1960s can teach us a lot about securing hybrid and multi-cloud environments.
The post Through the Lens of Music: What Cybersecurity Can Learn From Joni Mitchell appeared first on SecurityWeek.
SecurityWeek – Read More
Rooted Androids 3,000x More Likely to Be Breached, Even iPhones Not Safe
/in General NewsA new Zimperium report reveals that rooted Android phones and jailbroken iOS devices face growing threats, with advanced toolkits making detection nearly impossible for cybersecurity researchers.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Are We Closing the Gender Gap in Cybersecurity?
/in General NewsAnswer: Nope. But let’s look at the trends — because they matter for security.
darkreading – Read More
Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems
/in General NewsVeeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution.
The vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. It affects 12.3.0.310 and all earlier version 12 builds.
“A vulnerability allowing remote code execution (RCE) by authenticated domain users,” the
The Hacker News – Read More
Veeam Patches Critical Vulnerability in Backup & Replication
/in General NewsVeeam has released patches for a critical-severity remote code execution vulnerability in Backup & Replication.
The post Veeam Patches Critical Vulnerability in Backup & Replication appeared first on SecurityWeek.
SecurityWeek – Read More
500,000 Impacted by Pennsylvania Teachers Union Data Breach
/in General NewsPennsylvania State Education Association says the personal information of over 500,000 individuals was stolen in a data breach.
The post 500,000 Impacted by Pennsylvania Teachers Union Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Mobile Jailbreaks Exponentially Increase Corporate Risk
/in General NewsBoth Android devices and iPhones are 3.5 times more likely to be infected with malware once “broken” and 250 times more likely to be totally compromised, recent research shows.
darkreading – Read More
Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data
/in General NewsThe governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by Israeli company Paragon Solutions, according to a new report from The Citizen Lab.
Paragon, founded in 2019 by Ehud Barak and Ehud Schneorson, is the maker of a surveillance tool called Graphite that’s capable of harvesting sensitive data from instant messaging applications
The Hacker News – Read More
Hackers Target Cisco Smart Licensing Utility Vulnerabilities
/in General NewsSANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440.
The post Hackers Target Cisco Smart Licensing Utility Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More