BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
The NIS2 Directive: How Far Does it Reach?
/in General NewsKey aspects of the NIS2 Directive include a focus on proactive cybersecurity measures for entities within its scope, such as risk analysis, incident handling, and supply chain security.
Cyware News – Latest Cyber News – Read More
Iranian Hackers Set Up New Network to Target U.S. Political Campaigns
/in General NewsCybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns.
Recorded Future’s Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie, an Iran-nexus cyber threat group that overlaps with APT42, Charming Kitten, Damselfly, Mint Sandstorm (formerly
The Hacker News – Read More
BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests
/in General NewsCisco Talos has a blog post on the BlackByte ransomware group’s continuing evolution and new TTPs.
The post BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests appeared first on SecurityWeek.
SecurityWeek – Read More
California Advances Landmark Legislation to Regulate Large AI Models
/in General NewsEfforts in California to establish first-in-the-nation safety measures for the largest artificial intelligence systems cleared an important vote.
The post California Advances Landmark Legislation to Regulate Large AI Models appeared first on SecurityWeek.
SecurityWeek – Read More
Year-Long Malware Campaign Exploits NPM to Attack Roblox Developers
/in General NewsA year-long malware campaign targets Roblox developers using fake NPM packages mimicking “noblox.js” to steal data. Despite takedowns,…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Integrity360 Expands to South Africa with Grove Acquisition
/in General NewsGrove Group, a cybersecurity and cloud services company based in Cape Town, brings around 600 customers across 51 countries to Integrity360. This acquisition will also enhance Integrity360’s security operations center (SOC) business.
Cyware News – Latest Cyber News – Read More
In Other News: Automotive CTF, Deepfake Scams, Singapore’s OT Security Masterplan
/in General NewsNoteworthy stories that might have slipped under the radar: automotive CTF with $100k in prizes, deepfake scams, and Singapore’s OT security masterplan for 2024.
The post In Other News: Automotive CTF, Deepfake Scams, Singapore’s OT Security Masterplan appeared first on SecurityWeek.
SecurityWeek – Read More
Check Point, Cisco Boost AI Investments With Latest Deals
/in General NewsCisco’s deal to acquire Robust Intelligence will make it possible to use red team algorithms to assess risk in AI models and applications, while Check Point’s acquisition of Cyberint will add threat intelligence to its SOC platform.
darkreading – Read More
New Malware Masquerades as Palo Alto VPN Targeting Middle East Users
/in General NewsCybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool.
“The malware can execute remote PowerShell commands, download and exfiltrate files, encrypt communications, and bypass sandbox solutions, representing a significant threat to
The Hacker News – Read More
Cisco Bolsters AI Security by Buying Robust Intelligence
/in General NewsCisco is strengthening its AI security by acquiring Robust Intelligence, a startup led by a former Harvard professor. This acquisition emphasizes the importance of AI security in modern IT infrastructure.
Cyware News – Latest Cyber News – Read More