BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
OWASP Beefs Up GenAI Security Guidance Amid Growing Deepfakes
/in General NewsAs businesses worry over deepfake scams and other AI attacks, organizations are adding guidance for cybersecurity teams on how to detect, and respond to, next-generation threats. That includes Exabeam, which was recently targeted by a deepfaked job candidate.
darkreading – Read More
Software Makers Encouraged to Stop Using C/C++ by 2026
/in General NewsThe Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation assert that C, C++, and other memory-unsafe languages contribute to potential security breaches.
Security | TechRepublic – Read More
Ohio’s capital says July ransomware attack leaked info of 500,000
/in General NewsThe city government of Columbus, Ohio, said a ransomware attack that stirred up a high-profile lawsuit had exposed the data of about 500,000 people.
The Record from Recorded Future News – Read More
How AI Is Changing the Cloud Security and Risk Equation
/in General NewsDiscover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenable’s Liat Hayun on managing data sensitivity, misconfigurations, and over-privileged access.
Security | TechRepublic – Read More
Hackers Claim Access to Nokia Internal Data, Selling for $20,000
/in General NewsHackers claim to have breached Nokia through a third-party contractor, allegedly stealing SSH keys, source code, and internal…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Name That Edge Toon: Aerialist’s Choice
/in General NewsFeeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
darkreading – Read More
Google: Big Sleep AI Agent Puts SQLite Software Bug to Bed
/in General NewsA research tool by the company found a vulnerability in the SQLite open source database, demonstrating the “defensive potential” for using LLMs to find vulnerabilities in applications before they’re publicly released.
darkreading – Read More
Cyberattack disrupts classes at Irish technology university
/in General NewsStudents were advised that classes at SETU’s Waterford campuses would be postponed so academics could plan around the disruption.
The Record from Recorded Future News – Read More
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
/in General NewsCybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft.
“Collectively, the vulnerabilities could allow an attacker to carry out a wide-range of malicious actions with a single HTTP request, including
The Hacker News – Read More
Columbus says ransomware gang stole personal data of 500,000 Ohio residents
/in General NewsColumbus says hackers accessed resident’s Social Security numbers and bank account details
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More