BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] CrushFTP 11.3.1 - Authentication Bypass
- [remote] Invision Community 5.0.6 - Remote Code Execution (RCE)
- [local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
White House official says insurance companies must stop funding ransomware payments
/in General NewsSome insurance policies incentivize holders to make ransomware payments that ultimately “fuel cyber crime ecosystems,” White House cyber adviser Anne Neuberger wrote in an op-ed. “This is a troubling practice that must end.”
The Record from Recorded Future News – Read More
In Other News: Doxing With Meta Ray-Ban Glasses, OT Hunting, NVD Backlog
/in General NewsNoteworthy stories that might have slipped under the radar: students dox people with Meta’s Ray-Ban smart glasses, OT hunting guide for water systems, NVD backlog still significant.
The post In Other News: Doxing With Meta Ray-Ban Glasses, OT Hunting, NVD Backlog appeared first on SecurityWeek.
SecurityWeek – Read More
Google Cloud Announces General Availability of New Confidential Computing Options
/in General NewsGoogle Cloud makes new confidential computing options generally available and expands attestation support.
The post Google Cloud Announces General Availability of New Confidential Computing Options appeared first on SecurityWeek.
SecurityWeek – Read More
Collapse of National Security Elites’ Cyber Firm Leaves Bitter Wake
/in General NewsInside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could have been vulnerable to meddling by the Kremlin.
The post Collapse of National Security Elites’ Cyber Firm Leaves Bitter Wake appeared first on SecurityWeek.
SecurityWeek – Read More
How This Video Game Controller Became the US Military’s Weapon of Choice
/in General NewsAfter decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.
Security Latest – Read More
Google Hardens Pixel’s Baseband Security Mitigations
/in General NewsPixel 9 comes with improved security hardening mitigations against common exploits on cellular basebands.
The post Google Hardens Pixel’s Baseband Security Mitigations appeared first on SecurityWeek.
SecurityWeek – Read More
Cloudflare Mitigates Record Breaking 3.8 Tbps DDoS Attack
/in General NewsInternet infrastructure provider Cloudflare fends off a massive 3.8 Tbps DDoS attack, surpassing the previous record. Learn how…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors
/in General NewsCloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds.
The web infrastructure and security company said it fended off “over one hundred hyper-volumetric L3/4 DDoS attacks throughout the month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (
The Hacker News – Read More
Russia Arrests 96 People Tied to US-Disrupted Cryptocurrency Exchanges
/in General NewsRussian authorities have arrested 96 individuals suspected of having ties to US-disrupted UAPS and Cryptex cryptocurrency exchanges.
The post Russia Arrests 96 People Tied to US-Disrupted Cryptocurrency Exchanges appeared first on SecurityWeek.
SecurityWeek – Read More
How to Get Going with CTEM When You Don’t Know Where to Start
/in General NewsContinuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities –
The Hacker News – Read More