BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Debian Patches Two Dovecot Vulnerabilities
/in General NewsDebian has patched two critical vulnerabilities in the Dovecot mail server, identified as CVE-2024-23184 and CVE-2024-23185, which could lead to denial-of-service attacks.
Cyware News – Latest Cyber News – Read More
Keeping up With Automated Threats is Becoming Harder
/in General NewsAutomated threats are increasingly difficult to keep up with, with 98% of organizations attacked by bots experiencing revenue loss, according to Kasada. Web scraping and account fraud are the primary threats causing revenue losses.
Cyware News – Latest Cyber News – Read More
White House Calls Attention to ‘Hard Problem’ of Securing Internet Traffic Routing
/in General NewsThe White House advised network operators to implement Resource Public Key Infrastructure (RPKI) to enhance security, which involves digital certificates managed by Regional Internet Registries.
Cyware News – Latest Cyber News – Read More
INE Security Announces 5 Practical Steps to Elevate Cyber Defense Strategies
/in General NewsCary, North Carolina, 4th September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Zyxel Patches Critical Vulnerabilities in Networking Devices
/in General NewsZyxel has released patches for multiple vulnerabilities in its networking devices, including a critical flaw impacting access points and security routers.
The post Zyxel Patches Critical Vulnerabilities in Networking Devices appeared first on SecurityWeek.
SecurityWeek – Read More
Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
/in General NewsThe Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an “illegal database with billions of photos of faces,” including those of Dutch citizens.
“Facial recognition is a highly intrusive technology that you
The Hacker News – Read More
D-Link Says it is Not Fixing Four RCE Flaws in DIR-846W Routers
/in General NewsD-Link has announced that it will not be fixing four critical remote code execution (RCE) vulnerabilities in its DIR-846W routers due to the products no longer being supported.
Cyware News – Latest Cyber News – Read More
Zyxel Warns of Critical OS Command Injection Flaw in Routers
/in General NewsThe flaw, known as CVE-2024-7261, has a CVSS v3 score of 9.8, enabling hackers to execute arbitrary commands on the host operating system by manipulating user-supplied data.
Cyware News – Latest Cyber News – Read More
Android’s September 2024 Update Patches Exploited Vulnerability
/in General NewsGoogle has released Android security updates to patch an exploited local privilege escalation vulnerability.
The post Android’s September 2024 Update Patches Exploited Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
D-Link Warns of Code Execution Flaws in Discontinued Router Model
/in General NewsD-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router model.
The post D-Link Warns of Code Execution Flaws in Discontinued Router Model appeared first on SecurityWeek.
SecurityWeek – Read More