BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
- [webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
- [webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
- [local] Daikin Security Gateway 14 - Remote Password Reset
- [local] ZTE ZXV10 H201L - RCE via authentication bypass
How CIOs, CTOs, and CISOs View Cyber Risks Differently
/in General NewsC-suite executives face the challenge of balancing technological innovation with cybersecurity resilience. A report by LevelBlue highlighted the complexities of their roles and the need for strategic cybersecurity approaches.
Cyware News – Latest Cyber News – Read More
Proton has a plan to boost your online privacy. And your friend can benefit, too
/in General NewsThe tech company’s new plan looks to protect you and a friend or loved one online. Proton has also announced a Proton VPN browser extension.
Latest stories for ZDNET in Security – Read More
Biden Administration Pledges $11 Million to Open Source Security Initiative
/in General NewsThe effort, known as the Open-Source Software Prevalence Initiative (OSSPI), aims to identify where open-source software components are being used in sectors like healthcare, transportation, and energy production to enhance national cybersecurity.
Cyware News – Latest Cyber News – Read More
iProov: 70% of organizations will be greatly impacted by gen AI deepfakes
/in General NewsRoughly half of organizations say they have encountered a deepfake and are incredibly concerned as the technology grows more sophisticated.Read More
Security News | VentureBeat – Read More
Want to Win a Bike Race? Hack Your Rival’s Wireless Shifters
/in General NewsPlease don’t, actually. But do update your Shimano Di2 shifters’ software to prevent a new radio-based form of cycling sabotage.
Security Latest – Read More
Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities
/in General NewsIntel and AMD have each informed customers about dozens of vulnerabilities found and patched in their products.
The post Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Hacker Conversations: Tom Anthony and Scratching an Itch Without Doing Harm
/in General NewsMany hackers trace their origin to an interest in, and early exposure to, computers. Tom Anthony is no different.
The post Hacker Conversations: Tom Anthony and Scratching an Itch Without Doing Harm appeared first on SecurityWeek.
SecurityWeek – Read More
Feds Seize Radar/Dispossessor Ransomware Gang Servers in US and Europe
/in General NewsFederal authorities have seized servers belonging to the Radar/Dispossessor ransomware gang in the U.S. and Europe. The FBI dismantled dozens of servers linked to the group, which is believed to have ties to the LockBit ransomware enterprise.
Cyware News – Latest Cyber News – Read More
460k Impacted by Kootenai Health Ransomware Attack
/in General NewsKootenai Health says the personal and health information of over 460,000 individuals was stolen in a ransomware attack.
The post 460k Impacted by Kootenai Health Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Report: 35% of Exposed API Keys Still Active, Posing Major Security Risks
/in General NewsNightfall AI’s research found that 35% of exposed API keys were still active, leading to significant security risks. The study uncovered an average of about 350 secrets, including passwords and API keys, exposed per 100 employees annually on GitHub.
Cyware News – Latest Cyber News – Read More