BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately
/in General NewsPalo Alto Networks has disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service (DoS) condition on susceptible devices.
The flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), impacts PAN-OS versions 10.X and 11.X, as well as Prisma Access running PAN-OS versions. It has been addressed in PAN-OS 10.1.14-h8, PAN-OS 10.2.10-h12, PAN-OS 11.1.5, PAN-OS
The Hacker News – Read More
RFP Templates and Guidebook
/in General NewsA request for proposal is a common method for soliciting vendor quotes and answers about potential product or service offerings. They specifically intend to gather details involving implementation, operations, and maintenance. This facilitates the decision-making process, allowing organizations to choose the RFP responses which best suit their needs. This guidebook, written by Scott Matteson for …
Security | TechRepublic – Read More
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization
/in General NewsThe Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions.
Tracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and 2.2.X.
“The ObjectSerializationDecoder in Apache MINA uses Java’s
The Hacker News – Read More
Hackers Release Second Batch of Stolen Cisco Data
/in General NewsIN THIS ARTICLE: Hackers have released what they claim to be the second batch of data stolen in…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Japan Airlines resumes operations after cyberattack delays flights
/in General NewsThe company claimed that no customer information was leaked and that it suffered no damage from computer viruses. There was also no impact on flight safety, according to JAL.
The Record from Recorded Future News – Read More
UN General Assembly approves cybercrime treaty despite industry backlash
/in General NewsThe agreement provides a framework for how law enforcement agencies in different countries coordinate on cybercrime investigations and is being touted as a way to reduce the number of safe havens for cybercriminals as well as help developing nations better protect their citizens from digital crimes.
The Record from Recorded Future News – Read More
Two Californians charged in the largest NFT fraud case to date
/in General NewsSUMMARY Two California men have been arrested and charged in what is being called the largest NFT fraud…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cyberattack on Ukraine’s state registers disrupts marriage registration, real estate deals
/in General NewsAny real estate transactions in Ukraine, including purchase-sale agreements, leases, gift transfers and mortgage contracts, are on hold, as they require records from state registers containing citizens’ personal data, as well as information about legal entities and property rights.
The Record from Recorded Future News – Read More
Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts
/in General NewsA Brazilian citizen has been charged in the United States for allegedly threatening to release data stolen by hacking into a company’s network in March 2020.
Junior Barros De Oliveira, 29, of Curitiba, Brazil has been charged with four counts of extortionate threats involving information obtained from protected computers and four counts of threatening communications, the U.S. Department of
The Hacker News – Read More
SEC Disclosures Up, But Not Enough Details Provided
/in General NewsWhile companies have responded to the new SEC rules by disclosing incidents promptly, many of the reports don’t meet the SEC’s “material” standard.
darkreading – Read More