BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [local] TightVNC 2.8.83 - Control Pipe Manipulation
- [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
- [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
- [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
The Loper Bright Decision: How it Impacts Cybersecurity Law
/in General NewsThe Loper Bright decision has yielded impactful results: the Supreme Court has overturned forty years of administrative law, leading to potential litigation over the interpretation of ambiguous laws previously decided by federal agencies. This article explores key questions for cybersecurity professionals and leaders as we enter a more contentious period of cybersecurity law.
Background
What is
The Hacker News – Read More
New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous
/in General NewsA new Linux kernel exploitation technique named SLUBStick makes heap vulnerabilities more dangerous.
The post New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous appeared first on SecurityWeek.
SecurityWeek – Read More
Russia’s ‘Fighting Ursa’ APT Uses Car Ads to Install HeadLace Malware
/in General NewsThe scheme, from the group also known as APT28, involves targeting Eastern European diplomats in need of personal transportation, tempting them with a purported good deal on a Audi Q7 Quattro SUV.
darkreading – Read More
The Top 6 Urban VPN Alternatives for 2024
/in General NewsIf you’re on the hunt for Urban VPN alternatives, check out our in-depth analysis of Proton VPN, TunnelBear and other VPN providers.
Security | TechRepublic – Read More
Enhancing Incident Response Readiness with Wazuh
/in General NewsIncident response is a structured approach to managing and addressing security breaches or cyber-attacks. Security teams must overcome challenges such as timely detection, comprehensive data collection, and coordinated actions to enhance readiness. Improving these areas ensures a swift and effective response, minimizing damage and restoring normal operations quickly.
Challenges in incident
The Hacker News – Read More
Tech Support Scam Ring Leader Gets Seven Years in Prison, $6M Fine
/in General NewsA tech support fraud leader was sentenced to seven years in prison for scamming over 6,500 victims and making $6 million. The operation targeted elderly victims in the U.S. and Canada by showing fake malware infections on their computers.
Cyware News – Latest Cyber News – Read More
US Releases Russian Hackers and Spies as Part of Prisoner Swap
/in General NewsThe United States, along with Germany and Slovenia, participated in a historic prisoner exchange with Russia, releasing hackers, spies, and an assassin. The swap took place at an airport in Ankara, Turkey.
Cyware News – Latest Cyber News – Read More
How Project 2025 Would Put US Elections at Risk
/in General NewsExperts say the “nonsensical” policy proposal, which largely aligns with Donald Trump’s agenda, would weaken the US agency tasked with protecting election integrity, critical infrastructure, and more.
Security Latest – Read More
Security Bypass Vulnerability Exposed in Rockwell Automation Logix Controllers
/in General NewsA vulnerability in Rockwell Automation’s Logix controllers, CVE-2024-6242, poses a security risk to industrial automation systems worldwide by allowing unauthorized access to PLCs.
Cyware News – Latest Cyber News – Read More
Newly Identified BITSLOTH Backdoor Uses Novel C2 Communication Channel
/in General NewsA new Windows backdoor named BITSLOTH has been discovered by cybersecurity researchers. This malware exploits the Background Intelligent Transfer Service (BITS) for stealthy communication, making it difficult to detect.
Cyware News – Latest Cyber News – Read More