BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)
- [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
- [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
- [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
- [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
- [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
- [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
- [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
- [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
- [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach
/in General NewsIndian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets.
“A cyber attack occurred in one of our [multi-signature] wallets involving a loss of funds exceeding $230 million,” the company said in a statement. “This wallet was operated utilizing the services of Liminal’s digital asset custody and
The Hacker News – Read More
The mindset, technology and tools that are stopping ecommerce in its tracks
/in General NewsCatch up with this VB Spotlight to learn how to protect your company and customers against the newest ecommerce threats fueled by AI.Read More
Security News | VentureBeat – Read More
US Data Breach Victim Numbers Increase by 1,000%, Literally
/in General NewsThough the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.
darkreading – Read More
SolarWinds Charges Tossed Out of Court in Legal Victory Against SEC
/in General NewsJudge dismisses claims against SolarWinds for actions taken after its systems had been breached, but allows the case to proceed for alleged misstatements prior to the incident.
darkreading – Read More
Nvidia finally open sources some of its GPU drivers. How to tell what’s under your hood
/in General NewsA welcome step toward a more open ecosystem for Linux users and developers, the upcoming R560 driver release also puts Nvidia in a better position to compete with AMD. It’s about time.
Latest news – Read More
Using Threat Intelligence to Predict Potential Ransomware Attacks
/in General NewsThe risk of suffering a ransomware attack is high and organizations must take proactive steps to protect themselves and minimize the impact of a potential breach.
The post Using Threat Intelligence to Predict Potential Ransomware Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
OpenAI Rolls Out Compliance API and Integrations for ChatGPT Enterprise
/in General NewsThe tools are being positioned as crucial to help business customers meet requirements for regulations like FINRA, HIPAA, and GDPR.
The post OpenAI Rolls Out Compliance API and Integrations for ChatGPT Enterprise appeared first on SecurityWeek.
SecurityWeek – Read More
High-Severity Cisco Bug Grants Attackers Password Access
/in General NewsThe vulnerability was given the highest CVSS score possible, though few details have been released due to its severity.
darkreading – Read More
This rugged Android breaks the curse of ugly-yet-durable smartphones (and it’s on sale)
/in General NewsIf you’re looking for a rugged Android that performs better than most low-to-mid-range phones, the Oukitel WP35 offers extreme durability in a stylish package.
Latest news – Read More
Dyson’s new wireless headphones ‘OnTrac’ to challenge AirPods Max
/in General NewsCheaper than Dyson’s previous headphones, the new OnTrac model offers greater battery life, active noise cancellation, and replaceable ear cushions.
Latest news – Read More