BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
DeepSeek-R1 LLM Fails Over Half of Jailbreak Attacks in Security Analysis
/in General NewsDeepSeek-R1 LLM fails 58% of jailbreak attacks in Qualys security analysis. Learn about the vulnerabilities, compliance concerns, and risks for enterprise adoption.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Ransomware Payments Decreased by 35% in 2024, Research Finds
/in General NewsRansomware payments dropped 35% in 2024 due to law enforcement crackdowns and stronger cyber defenses, forcing attackers to adapt with new tactics.
Security | TechRepublic – Read More
Grubhub breach exposed customer data. Should you be worried?
/in General NewsHere’s what happened, what Grubhub has done about it, and what you should do too.
Latest stories for ZDNET in Security – Read More
The Cyber Savanna: A Rigged Race You Can’t Win, but Must Run Anyway
/in General NewsWhen it comes to protecting your company from cyberattacks, you don’t have to be the fastest gazelle — you just can’t afford to be the slowest.
darkreading – Read More
Astra, Invary Raise Millions for AI-Powered Pentesting, Runtime Security
/in General NewsAstra Security and Invary have received new funding to fuel development of their vulnerability scanning and runtime security solutions.
The post Astra, Invary Raise Millions for AI-Powered Pentesting, Runtime Security appeared first on SecurityWeek.
SecurityWeek – Read More
Cognita.ai raises $15M to fix enterprise AI’s biggest bottleneck: deployment
/in General NewsCognita.ai secures $15M Series A funding to transform enterprise AI implementation, reducing deployment time from 8 months to 12 weeks while delivering practical, measurable business outcomes through its Zunō platform.Read More
Security News | VentureBeat – Read More
Five Eyes Agencies Release Guidance on Securing Edge Devices
/in General NewsFive Eyes cybersecurity agencies have released guidance on securing edge devices against increasing threats.
The post Five Eyes Agencies Release Guidance on Securing Edge Devices appeared first on SecurityWeek.
SecurityWeek – Read More
If you’re not working on quantum-safe encryption now, it’s already too late
/in General NewsQuantum computers could soon break today’s strongest encryption, putting sensitive data at risk. Let’s dive deep into what this all means for telecommunications, security, AI, and our future.
Latest stories for ZDNET in Security – Read More
Cisco Patches Critical Vulnerabilities in Enterprise Management Product
/in General NewsCritical vulnerabilities in Cisco Identity Services Engine could lead to elevation of privileges and system configuration modifications.
The post Cisco Patches Critical Vulnerabilities in Enterprise Management Product appeared first on SecurityWeek.
SecurityWeek – Read More
Security Teams Pay the Price: The Unfair Reality of Cyber Incidents
/in General NewsThe blame of security incidents may be shared—but the burden of response always falls on the security team. Here’s how to prepare for the inevitable.
The post Security Teams Pay the Price: The Unfair Reality of Cyber Incidents appeared first on SecurityWeek.
SecurityWeek – Read More