BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
AI’s math problem: FrontierMath benchmark shows how far technology still has to go
/in General NewsFrontierMath, a new benchmark from Epoch AI, challenges advanced AI systems with complex math problems, revealing how far AI still has to go before achieving true human-level reasoning.Read More
Security News | VentureBeat – Read More
Debt Relief Firm Forth Discloses Data Breach Impacting 1.5 Million People
/in General NewsForth says the personal information of 1.5 million people was compromised in a May 2024 data breach.
The post Debt Relief Firm Forth Discloses Data Breach Impacting 1.5 Million People appeared first on SecurityWeek.
SecurityWeek – Read More
Cyberattack causes credit card readers to malfunction in Israel
/in General NewsCustomers at supermarkets and gas stations were reportedly unable to make payments due to the incident, which reports suggest lasted around an hour.
The Record from Recorded Future News – Read More
Veeam Patches High-Severity Vulnerability as Exploitation of Previous Flaw Expands
/in General NewsVeeam has released a hotfix for a high-severity authentication bypass vulnerability in Backup Enterprise Manager.
The post Veeam Patches High-Severity Vulnerability as Exploitation of Previous Flaw Expands appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Urges Patching of Critical Palo Alto Networks’ Expedition Tool Vulnerability
/in General NewsA critical security vulnerability in Palo Alto Networks’ Expedition tool is being actively exploited by hackers. CISA urges…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Many Legacy D-Link NAS Devices Exposed to Remote Attacks via Critical Flaw
/in General NewsD-Link warns of a critical-severity command injection vulnerability impacting multiple discontinued NAS models.
The post Many Legacy D-Link NAS Devices Exposed to Remote Attacks via Critical Flaw appeared first on SecurityWeek.
SecurityWeek – Read More
The AI Machine Gun of the Future Is Already Here
/in General NewsThe Pentagon is pursuing every available option to keep US troops safe from the rising tide of adversary drones, including a robotic twist on its standard-issue small arms.
Security Latest – Read More
Palo Alto Networks Addresses Remote Code Execution Vulnerability Claims
/in General NewsPalo Alto Networks has issued an advisory urging customers to take action in response to claims of an RCE vulnerability in PAN-OS.
The post Palo Alto Networks Addresses Remote Code Execution Vulnerability Claims appeared first on SecurityWeek.
SecurityWeek – Read More
Enhance web app security with HTTP security headers: Content Security Policy
/in General NewsContent security policy (CSP) is a browser feature that can help minimize the risk of a multitude of security threats. To be noted that it’s one of the most exhaustive header that lets you control a various sources and parameters. In web development, it may cause more headaches than not, because usually if it’s being enforced as strictly as possible. And implementing it later on in the project…
Source
TechSplicer – Read More
Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware
/in General NewsCybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT.
Remcos RAT “provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer,” Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week.
“However, threat actors have
The Hacker News – Read More