BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
- [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow
- [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
- [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
- [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
- [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
- [remote] Automic Agent 24.3.0 HF4 - Privilege Escalation
- [remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
- [webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
- [remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Tech Leaders to Gather for AI Risk Summit at the Ritz-Carlton, Half Moon Bay June 25-26, 2024
/in General NewsSecurityWeek’s AI Risk Summit + CISO Forum bring together business and government stakeholders to provide meaningful guidance on risk management and cybersecurity in the age of artificial intelligence.
The post Tech Leaders to Gather for AI Risk Summit at the Ritz-Carlton, Half Moon Bay June 25-26, 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Conducts First AI Cyber Incident Response Exercise
/in General NewsThe US cybersecurity agency CISA has conducted a tabletop exercise with the private sector focused on AI cyber incident response.
The post CISA Conducts First AI Cyber Incident Response Exercise appeared first on SecurityWeek.
SecurityWeek – Read More
MITRE: US Government Needs to Focus on Critical Infrastructure
/in General NewsWith the presidential election this year and increase in cyberattacks and conflict around the world, MITRE has outlined four important areas the incoming presidential administration should focus on next year.
darkreading – Read More
Exclusive: Parallel Domain launches PD Replica for high-fidelity digital twins in autonomous vehicle testing
/in General NewsParallel Domain launches PD Replica, a breakthrough product that generates high-fidelity digital twins from real-world data, revolutionizing autonomous vehicle testing and development.Read More
Security News | VentureBeat – Read More
Keytronic Says Personal Information Stolen in Ransomware Attack
/in General NewsKeytronic confirms that personal information was compromised after a ransomware group leaked allegedly stolen data.
The post Keytronic Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices
/in General NewsA suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes.
Cybersecurity company Sygnia, which responded to
The Hacker News – Read More
Exclusive: Kong launches AI Gateway to help enterprises govern and scale generative AI
/in General NewsKong launches AI Gateway, an enterprise-grade, AI-native API gateway that enables organizations to govern, secure, and scale generative AI workloads across any cloud environment.Read More
Security News | VentureBeat – Read More
What is DevSecOps and Why is it Essential for Secure Software Delivery?
/in General NewsTraditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts production deadlines at risk.
The Hacker News – Read More
200,000 Impacted by Data Breach at Los Angeles County Public Health Agency
/in General NewsThe LA County’s Department of Public Health says the personal information of 200,000 was compromised in a data breach.
The post 200,000 Impacted by Data Breach at Los Angeles County Public Health Agency appeared first on SecurityWeek.
SecurityWeek – Read More
Aim Security Raises $18M to Secure Customers’ Implementation of AI Apps
/in General NewsAim Security has raised a total of $28 million to date and is on a mission to help companies to implement AI products with confidence.
The post Aim Security Raises $18M to Secure Customers’ Implementation of AI Apps appeared first on SecurityWeek.
SecurityWeek – Read More