BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
North Korean Hackers Team Up with Play Ransomware in Global Attack
/in General NewsState-Sponsored Espionage Meets Ransomware!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Yahoo Discloses NetIQ iManager Flaws Allowing Remote Code Execution
/in General NewsYahoo researchers found nearly a dozen vulnerabilities in OpenText’s NetIQ iManager and some could have been chained for unauthenticated RCE.
The post Yahoo Discloses NetIQ iManager Flaws Allowing Remote Code Execution appeared first on SecurityWeek.
SecurityWeek – Read More
Mystic Valley Elder Services Data Breach Impacts 87,000 People
/in General NewsMystic Valley Elder Services detected a security breach in April and now says files containing personal information may have been stolen.
The post Mystic Valley Elder Services Data Breach Impacts 87,000 People appeared first on SecurityWeek.
SecurityWeek – Read More
2024 looks set to be another record-breaking year for ransomware — and it’s likely going to get worse
/in General NewsThis year, 2024, looks set to be the most profitable yet for hackers, with four ransom demands paid in the tens of millions of dollars.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Designing a Future-focused Cybersecurity Investment Strategy
/in General NewsCISOs must attempt to define a strategic approach to technology investment that will protect the business over the long term.
The post Designing a Future-focused Cybersecurity Investment Strategy appeared first on SecurityWeek.
SecurityWeek – Read More
API Security Matters: The Risks of Turning a Blind Eye
/in General NewsWillfully ignoring important security issues to make our lives easier is, unfortunately, something that does happen in the security field.
The post API Security Matters: The Risks of Turning a Blind Eye appeared first on SecurityWeek.
SecurityWeek – Read More
The best password manager for iPhone in 2024: Expert tested
/in General NewsWe tested some of the best iPhone password managers to help you keep all of your logins secure. These are our favorites.
Latest stories for ZDNET in Security – Read More
CyberPanel Vulnerabilities Exploited in Ransomware Attacks Shortly After Disclosure
/in General NewsCyberPanel vulnerabilities have been exploited to compromise thousands of instances as part of ransomware attacks.
The post CyberPanel Vulnerabilities Exploited in Ransomware Attacks Shortly After Disclosure appeared first on SecurityWeek.
SecurityWeek – Read More
Regulators Combat Deepfakes With Anti-Fraud Rules
/in General NewsDespite the absence of laws specifically covering AI-based attacks, regulators can use existing rules around fraud and deceptive business practices.
darkreading – Read More
MIND Launches "Intelligent" DLP Platform
/in General NewsThe company’s data loss prevention platform helps customers identify and classify data across SaaS and GenAI applications, endpoints, and emails.
darkreading – Read More