BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
- [webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
- [webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
- [local] RDPGuard 9.9.9 - Privilege Escalation
- [webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection
- [webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
- [local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
- [local] VirtualBox 7.0.16 - Privilege Escalation
- [remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)
- [webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
How a Trust Center Solves Your Security Questionnaire Problem
/in General NewsSecurity questionnaires aren’t just an inconvenience — they’re a recurring problem for security and sales teams.
They bleed time from organizations, filling the schedules of professionals with monotonous, automatable work. But what if there were a way to reduce or even altogether eliminate security questionnaires? The root problem isn’t a lack of great questionnaire products — it’s the
The Hacker News – Read More
Report: HHS Needs to Beef up Cloud Security and Skills
/in General NewsThe Department of Health and Human Services is facing cloud security issues, with weaknesses in security controls and inventories of cloud systems. Over 30% of their systems are in the cloud, putting them at risk of compromise.
Cyware News – Latest Cyber News – Read More
Russia Shifts Cyber Focus to Battlefield Intelligence in Ukraine
/in General NewsMultiple Russian cyber units are targeting frontline Ukrainian military computers and mobile devices in preparation for a summer offensive. This change reflects Russia’s adaptation to the demands of a prolonged war in Ukraine.
Cyware News – Latest Cyber News – Read More
Chrome 127 Patches 24 Vulnerabilities
/in General NewsChrome 127 was promoted to the stable channel with patches for 24 vulnerabilities, including 16 reported externally.
The post Chrome 127 Patches 24 Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Fake CrowdStrike Repair Manual Pushes New Infostealer Malware
/in General NewsThe Daolpu malware collects account credentials, browser history, and cookies from Chrome, Edge, Firefox, and other browsers. It is spread through malicious document attachments in phishing emails that contain malicious macros.
Cyware News – Latest Cyber News – Read More
Vanta Raises $150 Million at $2.45 Billion Valuation
/in General NewsVanta has raised $150 million in a Series C funding round and it plans on using the money to fuel expansion and AI innovation.
The post Vanta Raises $150 Million at $2.45 Billion Valuation appeared first on SecurityWeek.
SecurityWeek – Read More
The best electric screwdrivers of 2024: Expert tested and reviewed
/in General NewsI tested some of the best electric screwdrivers on the market to help you find the perfect one to make your DIY tasks faster and easier.
Latest news – Read More
Verizon Subsidiary Settles With FCC for $16M Over Three Data Breaches
/in General NewsVerizon subsidiary TracFone Wireless settles for $16 million with the FCC over three old data breaches.
The post Verizon Subsidiary Settles With FCC for $16M Over Three Data Breaches appeared first on SecurityWeek.
SecurityWeek – Read More
How to Reduce SaaS Spend and Risk Without Impacting Productivity
/in General NewsThere is one simple driver behind the modern explosion in SaaS adoption: productivity. We have reached an era where purpose-built tools exist for almost every aspect of modern business and it’s incredibly easy (and tempting) for your workforce to adopt these tools without going through the formal IT approval and procurement process.
But this trend has also increased the attack surface—and with
The Hacker News – Read More
Alphabet’s Reported $23B Bet on Wiz Fizzles Out
/in General NewsAlphabet’s planned $23 billion acquisition of cybersecurity firm Wiz has fallen through, leading Wiz to pursue its own path toward an IPO and aiming for $1 billion in annual recurring revenue (ARR).
Cyware News – Latest Cyber News – Read More