BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
UK Trails Behind Europe in Technical Skills Proficiency, Coursera Report Finds
/in General NewsThe U.K. is the 25th most technically proficient country in Europe, with Switzerland, Germany and the Netherlands taking the top three places.
Security | TechRepublic – Read More
Ransomware Group Exploits PHP Vulnerability Days After Disclosure
/in General NewsThe TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure.
The post Ransomware Group Exploits PHP Vulnerability Days After Disclosure appeared first on SecurityWeek.
SecurityWeek – Read More
ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA
/in General NewsSeveral ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their industrial and OT products.
The post ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Outlook RCE Vulnerability Exploits Preview Pane – Patch Now!
/in General NewsA critical vulnerability (CVE-2024-30103) in Microsoft Outlook allows attackers to execute malicious code simply by opening an email. This “zero-click” exploit doesn’t require user interaction and poses a serious threat. Learn how this vulnerability works and how to stay protected.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability
/in General NewsMicrosoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024.
Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based Edge browser over the past month.
None of the security flaws have been actively exploited in the wild, with one of them listed as
The Hacker News – Read More
Forced-Labor Camps Fuel Billions of Dollars in Cyber Scams
/in General NewsGreater collaboration between financial and law enforcement officials is needed to dismantle cybercrime scam centers in Cambodia, Laos, and Myanmar, which rake in tens of billions of dollars annually — and affect victims worldwide.
darkreading – Read More
How AI and LLMs are revolutionizing cyber insurance
/in General NewsOrganizations are often forced to make trade-offs between purchasing cyber insurance or adding more applications and services to defend against attacks.Read More
Security News | VentureBeat – Read More
Downtime Costs World’s Largest Companies $400 Billion a Year, According to Splunk Report
/in General NewsDirect revenue loss is the biggest drain from downtime, but other hidden costs include diminished shareholder value, stagnant productivity and reputational damage.
Security | TechRepublic – Read More
Using AI in Business Security Decision-Making: Enhancing Protection and Efficiency
/in General NewsEnhance business security with AI-driven decision-making. Use advanced tools for accurate threat detection, compliance, and proactive crisis management.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Creating Secure CRM Pipelines in Construction: Best Practices and Essential Strategies
/in General NewsSecure your construction company’s CRM pipeline to protect client data and streamline operations. A specialized CRM enhances communication, reduces errors, and supports scalable growth with advanced security features and automation tools.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More