BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] WP Publications WordPress Plugin 1.2 - Stored XSS
- [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
- [remote] Keras 2.15 - Remote Code Execution (RCE)
- [local] Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege
- [webapps] PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
- [hardware] TOTOLINK N300RB 8.54 - Command Execution
- [webapps] SugarCRM 14.0.0 - SSRF/Code Injection
- [webapps] Langflow 1.2.x - Remote Code Execution (RCE)
- [remote] NodeJS 24.x - Path Traversal
- [remote] MikroTik RouterOS 7.19.1 - Reflected XSS
MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting
/in General NewsAs a vCISO, you are responsible for your client’s cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO – 5 Steps to Success”, which covers all the phases entailed in launching a successful vCISO engagement, along with
The Hacker News – Read More
Application Security Startup Heeler Raises $8.5 Million in Seed Funding
/in General NewsHeeler Security has raised $8.5 million in seed funding for its ProductDNA application security technology.
The post Application Security Startup Heeler Raises $8.5 Million in Seed Funding appeared first on SecurityWeek.
SecurityWeek – Read More
What caused the great CrowdStrike-Windows meltdown of 2024? History has the answer
/in General NewsWhen a trusted software provider delivers an update that causes PCs to immediately stop working across the world, chaos ensues. Last week’s incident wasn’t the first such event. Here’s how to make sure it doesn’t happen again.
Latest news – Read More
Fallout from Faulty Friday CrowdStrike Update Persists
/in General NewsHistoric IT outage expected to spur regulatory scrutiny, soul-searching over “monoculture” of IT infrastructure – and cyberattack threats.
darkreading – Read More
California Officials Say Largest Trial Court in US Victim of Ransomware Attack
/in General NewsThe Superior Court of Los Angeles County, the largest trial court in the US, has been the victim of a ransomware attack.
The post California Officials Say Largest Trial Court in US Victim of Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Russian Nationals Plead Guilty to Participating in the LockBit Ransomware Group
/in General NewsTwo Russian nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in a federal court in Newark for their roles in the LockBit ransomware operation.
Cyware News – Latest Cyber News – Read More
The Pentagon Wants to Spend $141 Billion on a Doomsday Machine
/in General NewsThe DOD wants to refurbish ICBM silos that give it the ability to end civilization. But these missiles are useless as weapons, and their other main purpose—attracting an enemy’s nuclear strikes—serves no end.
Security Latest – Read More
Surfshark vs CyberGhost (2024): Which VPN Is Better?
/in General NewsWhich VPN is better, Surfshark or CyberGhost? Compare these VPNs with our guide and find out which one is best for you.
Security | TechRepublic – Read More
Fake Grand Theft Auto VI Beta Download Spreads Malware
/in General NewsBitdefender researchers found suspicious Facebook ads promoting fake beta versions for free download on PC. These ads promise early access to a non-existent GTA VI beta with attractive features and release dates, using stolen gameplay footage.
Cyware News – Latest Cyber News – Read More
Several Linux Kernel Azure Vulnerabilities Fixed in Ubuntu
/in General NewsCanonical released security updates to fix various vulnerabilities in the Linux kernel for Microsoft Azure Cloud systems on Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. These flaws could lead to denial of service, data leakage, or arbitrary code execution.
Cyware News – Latest Cyber News – Read More