BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
First TikTok, now smart cars: How Biden’s new proposed ban will affect U.S. automakers
/in General NewsThe White House issued a long-anticipated proposal Monday that would ban Chinese smart cars because internet-connected vehicles pose a national security risk. The proposal, made amid an escalating trade war, could affect U.S. automakers and suppliers that rely on certain hardware to enable connected vehicle systems. “This is both strategic political theater designed to head […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Police are using AI to write crime reports. What could go wrong?
/in General NewsAxon’s Draft One is meant to save officers time, but can tech known to hallucinate improve policing?
Latest stories for ZDNET in Security – Read More
FreeBSD Issues Critical Security Advisory for CVE-2024-41721 (CVSS 9.8)
/in General NewsThe flaw, CVE-2024-41721, in bhyve’s USB emulation functionality could lead to malicious code execution, posing a serious threat to systems running vulnerable versions of FreeBSD.
Cyware News – Latest Cyber News – Read More
Data Security Posture Management: Accelerating Time to Value
/in General NewsData discovery and classification are foundational for data security, data governance, and data protection.
darkreading – Read More
Ban Sought for Chinese, Russian Software and Hardware Used in Autonomous Vehicles on US Roads
/in General NewsIn extreme situations, a foreign adversary could shut down or take simultaneous control of multiple vehicles operating in the United States, causing crashes and blocking roads.
The post Ban Sought for Chinese, Russian Software and Hardware Used in Autonomous Vehicles on US Roads appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Posed as Google Support to Steal $243 Million in Crypto
/in General NewsHackers stole $243M from a single victim by posing as Google and Gemini support, resetting 2FA to access…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
CERT/CC Warns of Unpatched Critical Vulnerability in Microchip ASF
/in General NewsMicrochip Advanced Software Framework (ASF) 3 is affected by a critical vulnerability that could lead to remote code execution.
The post CERT/CC Warns of Unpatched Critical Vulnerability in Microchip ASF appeared first on SecurityWeek.
SecurityWeek – Read More
What Is Threat Hunting In Cybersecurity?
/in General NewsCyber threat hunting involves taking proactive measures to detect potential threats or malicious activities. Learn about threat-hunting techniques and how they work.
Security | TechRepublic – Read More
Versa Networks Patches Vulnerability Exposing Authentication Tokens
/in General NewsVersa Networks has released patches for a Versa Director vulnerability for which proof-of-concept (PoC) code exists.
The post Versa Networks Patches Vulnerability Exposing Authentication Tokens appeared first on SecurityWeek.
SecurityWeek – Read More
Keycloak Vulnerability Puts SAML Authentication at Risk
/in General NewsThe vulnerability lies in Keycloak’s XMLSignatureUtil class, which incorrectly verifies SAML signatures, disregarding the vital “Reference” element that specifies the signed portion of the document.
Cyware News – Latest Cyber News – Read More