BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices
- Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool
- Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale
- ByeDPIAndroid - App To Bypass Censorship On Android
- API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc
- Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients
- Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image
- CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents
- Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database
- SubGPT - Find Subdomains With GPT, For Free
Exploit DB
- [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
- [remote] Microsoft SharePoint 2019 - NTLM Authentication
- [remote] gogs 0.13.0 - Remote Code Execution (RCE)
- [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
- [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
- [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
- [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
- [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
- [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
- [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’
/in General NewsApple has released a visionOS update that patches CVE-2024-27812, which may be the first flaw specific to the VR headset.
The post Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’ appeared first on SecurityWeek.
SecurityWeek – Read More
Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers
/in General NewsRedfox Security warns of multiple vulnerabilities in Netgear WNR614 routers discontinued three years ago.
The post Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers appeared first on SecurityWeek.
SecurityWeek – Read More
BlackBerry Cylance Data Offered for Sale on Dark Web
/in General NewsBlackBerry says the Cylance data offered for sale for $750,000 is old and its own systems have not been compromised.
The post BlackBerry Cylance Data Offered for Sale on Dark Web appeared first on SecurityWeek.
SecurityWeek – Read More
Supreme Court Will Take Up Meta’s Bid to End Lawsuit Over Cambridge Analytica Privacy Scandal
/in General NewsThe Supreme Court will take up Meta’s bid to end the lawsuit over the Cambridge Analytica privacy scandal.
The post Supreme Court Will Take Up Meta’s Bid to End Lawsuit Over Cambridge Analytica Privacy Scandal appeared first on SecurityWeek.
SecurityWeek – Read More
Top 10 Critical Pentest Findings 2024: What You Need to Know
/in General NewsOne of the most effective ways for information technology (IT) professionals to uncover a company’s weaknesses before the bad guys do is penetration testing. By simulating real-world cyberattacks, penetration testing, sometimes called pentests, provides invaluable insights into an organization’s security posture, revealing weaknesses that could potentially lead to data breaches or other security
The Hacker News – Read More
SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver
/in General NewsSAP has released 10 new security notes on June 2024 Security Patch Day, including two addressing high-severity vulnerabilities.
The post SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver appeared first on SecurityWeek.
SecurityWeek – Read More
Dangerous Liaisons: The Interaction Between Threat Actors and High-Risk Devices
/in General NewsForescout’s 2024 analysis of the riskiest devices highlights vulnerabilities and threat actor interactions across IT, IoT, OT, and IoMT.
The post Dangerous Liaisons: The Interaction Between Threat Actors and High-Risk Devices appeared first on SecurityWeek.
SecurityWeek – Read More
Apple Integrates OpenAI’s ChatGPT into Siri for iOS, iPadOS, and macOS
/in General NewsApple has announced the launch of a “groundbreaking cloud intelligence system” called Private Cloud Compute (PCC) that’s designed for processing artificial intelligence (AI) tasks in a privacy-preserving manner in the cloud.
The tech giant described PCC as the “most advanced security architecture ever deployed for cloud AI compute at scale.”
PCC coincides with the arrival of new generative AI (
The Hacker News – Read More
Xona Raises $18 Million for OT Remote Access Platform
/in General NewsOT zero trust user access platform provider Xona has raised $18 million, which brings its total investment to $32 million.
The post Xona Raises $18 Million for OT Remote Access Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Arm Warns of Exploited Kernel Driver Vulnerability
/in General NewsArm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks.
The post Arm Warns of Exploited Kernel Driver Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More