BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps
/in General NewsGenAI users are uploading data to over eight apps every month – what are the security and privacy concerns?
The post The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps appeared first on SecurityWeek.
SecurityWeek – Read More
U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown
/in General NewsThe U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda operation called Doppelganger as part of a sweeping set of actions.
Accusing the Russian government-directed foreign malign influence campaign of violating U.S. money laundering and criminal trademark laws, the agency called out companies Social Design Agency (SDA),
The Hacker News – Read More
Google Fixed Actively Exploited Android Privilege Escalation Flaw (CVE-2024-32896)
/in General NewsGoogle has patched a high-severity vulnerability, known as CVE-2024-32896, in its Android OS actively exploited in the wild. The issue involves a privilege escalation in the Android Framework component.
Cyware News – Latest Cyber News – Read More
CISA Warns of Three Actively Exploited Vulnerabilities That Demand Immediate Attention
/in General NewsTwo vulnerabilities, CVE-2021-20123 and CVE-2021-20124, pose serious risks for Draytek VigorConnect routers, potentially leading to unauthorized access to sensitive files. Another vulnerability, CVE-2024-7262, affects Kingsoft WPS Office.
Cyware News – Latest Cyber News – Read More
RomCom Group’s Underground Ransomware Exploits Microsoft Zero-Day Flaw
/in General NewsA new ransomware variant named Underground, linked to the Russia-based RomCom group, encrypts files on victims’ Windows machines and demands a ransom for decryption. It has been active since July 2023.
Cyware News – Latest Cyber News – Read More
Abusix Launches Guardian: Cutting-Edge Security Platform for Email and Network Providers
/in General NewsBoston, MA, 5th September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Revival Hijack Attack Puts 22,000 PyPI Packages at Risk of Hijack
/in General NewsThis method could potentially lead to numerous malicious package downloads. The attack involves hijacking popular projects by registering new projects under the names of removed packages on PyPI.
Cyware News – Latest Cyber News – Read More
Acuvity Raises $9 Million Seed Funding for Gen-AI Governance and In-house Development
/in General NewsActivity emerged from stealth with $9 million seed funding to provide solutions for enterprises to safely adopt GenAI.
The post Acuvity Raises $9 Million Seed Funding for Gen-AI Governance and In-house Development appeared first on SecurityWeek.
SecurityWeek – Read More
Cisco Patches Critical Vulnerabilities in Smart Licensing Utility
/in General NewsCisco has released patches for multiple vulnerabilities, including two critical-severity flaws in Smart Licensing Utility.
The post Cisco Patches Critical Vulnerabilities in Smart Licensing Utility appeared first on SecurityWeek.
SecurityWeek – Read More
Fake OnlyFans Checker Tool Infects Hackers with Lummac Stealer Malware
/in General NewsOnlyFans account hackers are finding themselves on the receiving end of a nasty cyber surprise.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More