BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Apple Opens Private Cloud Compute for Public Security Inspection
/in General NewsCupertino said the research lab and tooling offers “verifiable transparency” of its promises to secure AI-powered data on its platforms.
The post Apple Opens Private Cloud Compute for Public Security Inspection appeared first on SecurityWeek.
SecurityWeek – Read More
Meta just beat Google and Apple in the race to put powerful AI on phones
/in General NewsMeta has launched compressed AI models that run directly on smartphones, making artificial intelligence faster and more private while using less memory than cloud-based alternatives.Read More
Security News | VentureBeat – Read More
Lazarus Group Exploits Chrome 0-Day for Crypto with Fake NFT Game
/in General NewsNorth Korean hackers from Lazarus Group exploited a zero-day vulnerability in Google Chrome to target cryptocurrency investors with…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Nvidia Patches High-Severity Flaws in Windows, Linux Graphics Drivers
/in General NewsNvidia rolls out urgent security updates to fix at least 8 high-severity vulnerabilities in GPU drivers for Windows and Linux.
The post Nvidia Patches High-Severity Flaws in Windows, Linux Graphics Drivers appeared first on SecurityWeek.
SecurityWeek – Read More
AI Chatbots Ditch Guardrails After ‘Deceptive Delight’ Cocktail
/in General NewsThe latest GenAI jailbreak technique tricks chatbots into returning restricted content by blending different prompt topics together.
darkreading – Read More
Cisco ASA, FTD Software Under Active VPN Exploitation
/in General NewsUnauthenticated threat actors can remotely cause a denial-of-service (DoS) cyberattack within the Remote Access VPN software in Cisco’s ASA and Firepower software.
darkreading – Read More
The Most Secure Payment Solutions in the USA: Zelle, MoneyGram, CashApp, and Venmo
/in General NewsSecure payment solutions ensure safe transfers amidst rising risks of cybercrime and fraud. Discover how third-party platforms like…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Why Cybersecurity Acumen Matters in the C-Suite
/in General NewsUntil CEOs and boards prioritize learning more about mitigating threats, organizations are leaving themselves and their businesses open to the potential for disaster.
darkreading – Read More
North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft
/in General NewsThe Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency.
The post North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft appeared first on SecurityWeek.
SecurityWeek – Read More
Misconfigured UN Database Exposes 228GB of Gender Violence Victims’ Data
/in General NewsA cybersecurity researcher discovered a massive data leak exposing over 115,000 sensitive documents associated with the UN Trust…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More