BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Russia arrests hacker accused of preventing electronic voting during local election
/in General NewsAccording to the agency’s press service, the 61-year-old suspect used Ukraine-made software to carry out the DDoS attacks on Russia’s critical information infrastructure. His activity coincided with the regional parliamentary and municipal elections.
The Record from Recorded Future News – Read More
How to Find the Right CISO
/in General NewsGreat CISOs are in short supply, so choose wisely. Here are five ways to make sure you’ve made the right pick.
darkreading – Read More
Zenity Raises $38 Million to Secure Agentic AI
/in General NewsAgentic AI security startup Zenity has raised $38 million in a Series B funding round led by Third Point Ventures and DTCP.
The post Zenity Raises $38 Million to Secure Agentic AI appeared first on SecurityWeek.
SecurityWeek – Read More
Augmenting Training Datasets Using Generative AI
/in General NewsCustom generative AI solutions have the potential to transform industries, equipping businesses to reach their goals with exceptional…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation
/in General NewsSherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: “When you have eliminated the impossible, whatever remains, however improbable, must be the truth.” Rather than following every lead, Holmes focuses on the details that are needed to move him to the solution.
In
The Hacker News – Read More
Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus
/in General NewsThe Dutch National Police, along with international partners, have announced the disruption of the infrastructure powering two information stealers tracked as RedLine and MetaStealer.
The takedown, which took place on October 28, 2024, is the result of an international law enforcement task force codenamed Operation Magnus that involved authorities from the U.S., the U.K., Belgium, Portugal, and
The Hacker News – Read More
How to Improve the Security of AI-Assisted Software Development
/in General NewsCISOs need an AI visibility and KPI plan that supports a “just right” balance to enable optimal security and productivity outcomes.
The post How to Improve the Security of AI-Assisted Software Development appeared first on SecurityWeek.
SecurityWeek – Read More
Canada Says Chinese Reconnaissance Scans Targeting Government Organizations
/in General NewsCanada says multiple government and critical infrastructure organizations have been targeted in Chinese reconnaissance scans.
The post Canada Says Chinese Reconnaissance Scans Targeting Government Organizations appeared first on SecurityWeek.
SecurityWeek – Read More
Apple Patches Over 70 Vulnerabilities Across iOS, macOS, Other Products
/in General NewsApple has released security updates for iOS 18 and macOS Sequoia 15 to address dozens of vulnerabilities.
The post Apple Patches Over 70 Vulnerabilities Across iOS, macOS, Other Products appeared first on SecurityWeek.
SecurityWeek – Read More
U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing
/in General NewsThe U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies.
“The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in
The Hacker News – Read More