BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
- [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
- [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
- [local] Sudo chroot 1.9.17 - Local Privilege Escalation
- [local] Sudo 1.9.17 Host Option - Elevation of Privilege
- [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
- [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
- [remote] Microsoft Outlook - Remote Code Execution (RCE)
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
Cyber Workforce Numbers Rise for Larger Organizations
/in General NewsSome organizations are also reaching record-high levels of cyber maturity, at 80% to 90%.
darkreading – Read More
PTC License Server Bug Needs Immediate Patch Against Critical Flaw
/in General NewsCreo Elements/Direct License Servers, which enable industrial design and modeling software, are exposed to the Internet, leaving critical infrastructure vulnerable to remote code execution.
darkreading – Read More
Interlock Launches ThreatSlayer Web3 Security Extension and Incentivized Crowdsourced Internet Security Community
/in General NewsPost Content
darkreading – Read More
Rapid7 To Acquire Attack Surface Management Startup Noetic Cyber
/in General NewsCybersecurity firm Rapid7 has announced to acquired Noetic Cyber, a startup specializing in cyber asset attack surface management (CAASM). The terms of the deal were not disclosed.
Cyware News – Latest Cyber News – Read More
Odaseva Raises $54M Series C Round to Expand Product Offerings and Continue Category Leadership
/in General NewsPost Content
darkreading – Read More
Bloom Health Centers Provides Notice of Data Security Incident
/in General NewsPost Content
darkreading – Read More
Human Technology Inc. — Notification of Data Breach
/in General NewsPost Content
darkreading – Read More
Implementing Zero Trust and Mitigating Risk: ISC2 Courses to Support Your Development
/in General NewsPost Content
darkreading – Read More
Ransomware Attack Demands Reach a Staggering $5.2m in 2024
/in General NewsAccording to a new analysis by Comparitech, the average ransom demand per ransomware attack in the first half of 2024 was over $5.2m (£4.1m). This was calculated from 56 known ransom demands issued by threat actors during that period.
Cyware News – Latest Cyber News – Read More
Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug
/in General NewsGoogle ships an Android security update with fixes for 15 vulnerabilities, including a critical-severity flaw in Framework.
The post Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug appeared first on SecurityWeek.
SecurityWeek – Read More