BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks
/in General NewsState-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country’s information security agency ANSSI said in an advisory.
The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard (formerly Nobelium), which overlaps with activity tracked as APT29, BlueBravo, Cloaked Ursa, Cozy Bear,
The Hacker News – Read More
Catching Up on Innovation With NIST CSF 2.0
/in General NewsThe updated framework is an equalizer for smaller organizations to meet the industry at its breakneck pace of innovation.
darkreading – Read More
OpenAI Co-Founder Sutskever Sets up New AI Company Devoted to ‘Safe Superintelligence’
/in General NewsIlya Sutskever’s new company is focused on safely developing “superintelligence” – a reference to AI systems that are smarter than humans.
The post OpenAI Co-Founder Sutskever Sets up New AI Company Devoted to ‘Safe Superintelligence’ appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs
/in General NewsCybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors.
Tracked as CVE-2024-0762 (CVSS score: 7.5), the “UEFIcanhazbufferoverflow” vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform
The Hacker News – Read More
Bitdefender vs Kaspersky (2024): Which Solution Is Better?
/in General NewsKaspersky excels with its easy to use interface and automation features, while Bitdefender gets the edge on overall detection rates and laboratory test results, but with a slightly more difficult learning curve.
Security | TechRepublic – Read More
Anthropic’s Claude 3.5 Sonnet outperforms OpenAI and Google in enterprise AI race
/in General NewsAnthropic releases Claude 3.5 Sonnet, a cutting-edge AI model that combines unparalleled performance and cost-effectiveness for enterprise businesses, setting itself apart from consumer-focused competitors like OpenAI.Read More
Security News | VentureBeat – Read More
LockBit Ransomware Again Most Active – Real Attack Surge or Smokescreen?
/in General NewsLockBit appears to once again be the most active ransomware group, but experts believe the hackers may just be inflating their numbers.
The post LockBit Ransomware Again Most Active – Real Attack Surge or Smokescreen? appeared first on SecurityWeek.
SecurityWeek – Read More
Writer triples revenue and expands to 250 customers as demand for enterprise AI soars
/in General NewsWriter, an AI writing platform, triples revenue and expands to 250 customers as demand for enterprise generative AI soars, delivering tangible business value through advanced language models and responsible AI practices.Read More
Security News | VentureBeat – Read More
1inch partners with Blockaid to enhance Web3 security through the 1inch Shield
/in General NewsDubai, UAE, 20th June 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Access Management Startup Pomerium Raises $13.75 Million
/in General NewsPomerium raises $13.75 million in Series A funding for dynamic user identity verification and access management platform.
The post Access Management Startup Pomerium Raises $13.75 Million appeared first on SecurityWeek.
SecurityWeek – Read More