BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Cisco Fixes Root Escalation Vulnerability With Public Exploit Code
/in General NewsLocal attackers can exploit this weakness through malicious CLI commands without user interaction, but only if they have Administrator privileges. So far, there is no evidence of this vulnerability being exploited in the wild.
Cyware News – Latest Cyber News – Read More
Russia’s Most Notorious Special Forces Unit Now Has Its Own Cyber Warfare Team
/in General NewsUnit 29155 of Russia’s GRU military intelligence agency—a team responsible for coup attempts, assassinations, and bombings—has branched out into brazen hacking operations with targets across the world.
Security Latest – Read More
Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government
/in General NewsThis campaign, active since July, utilizes at least three malicious ISO files to compromise Malaysian entities, containing components like a malicious executable and a decoy PDF file, ultimately delivering the Babylon RAT as a final payload.
Cyware News – Latest Cyber News – Read More
Why It’s So Hard to Fully Block X in Brazil
/in General NewsWith 20,000 internet providers across the country, the technical challenges of blocking X in Brazil mean some connections are slipping through the cracks.
Security Latest – Read More
Australia Proposes Mandatory Guardrails for AI
/in General NewsNew mandatory guardrails will apply to AI models in high-risk settings, with businesses encouraged to adopt new safety standards starting now.
Security | TechRepublic – Read More
Businesses still ready to invest in Gen AI, with risk management a top priority
/in General NewsAccording to a Salesforce study, 87% of C-suite executives say implementing AI technology is a top business priority, but 93% acknowledge barriers to adoption in their organizations.
Latest stories for ZDNET in Security – Read More
The Role of Trust Anchors in Modern IT Security
/in General NewsTo fully realize the benefits trust anchors provide, organizations need to implement processes and technologies that maintain the privacy and security of trust anchors and the personal data they contain.
darkreading – Read More
Cisco Warns of Backdoor Admin Account in Smart Licensing Utility
/in General NewsCisco has issued a warning about a backdoor admin account discovered in the Cisco Smart Licensing Utility (CSLU), allowing unauthorized access to unpatched systems. This critical flaw (CVE-2024-20439) enables remote access with admin privileges.
Cyware News – Latest Cyber News – Read More
EUCLEAK Attack Allows Yubico Security Keys to be Cloned
/in General NewsDespite this, the risk is limited as attackers would need physical access to the device, specific knowledge of targeted accounts, and specialized equipment for the attack.
Cyware News – Latest Cyber News – Read More
The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps
/in General NewsGenAI users are uploading data to over eight apps every month – what are the security and privacy concerns?
The post The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps appeared first on SecurityWeek.
SecurityWeek – Read More