BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
PSA: You shouldn’t upload your medical images to AI chatbots
/in General NewsSecurity and privacy advocates have long warned that sensitive medical data can be used to train AI models, and can expose personal data down the line.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Apple Confirms Zero-Day Attacks Hitting Intel-based Macs
/in General NewsApple rushes out out major macOS and iOS security updates to cover a pair of vulnerabilities already being exploited in the wild.
The post Apple Confirms Zero-Day Attacks Hitting Intel-based Macs appeared first on SecurityWeek.
SecurityWeek – Read More
Dell Unveils AI and Cybersecurity Solutions at Microsoft Ignite 2024
/in General NewsDell announced new AI and cybersecurity advancements at Microsoft Ignite, including APEX File Storage and Copilot services for Azure.
Security | TechRepublic – Read More
Microsoft offers $4 million in AI and cloud bug bounties – how to qualify
/in General NewsThe company’s Zero Day Quest hacking event will reward researchers who find new security flaws.
Latest stories for ZDNET in Security – Read More
‘Phobos’ Ransomware Cybercriminal Extradited From South Korea
/in General NewsAccording to the unsealed criminal charges, the operation is believed to have running for nearly four years.
darkreading – Read More
Russian Ransomware Gangs on the Hunt for Pen Testers
/in General NewsIn further proof of the professionalization of Russian cybercriminal groups, ransomware gangs have been posting job ads for security positions such as pen testers, looking to boost their ransomware deployment operations.
darkreading – Read More
Vulnerable Jupyter Servers Targeted for Sports Piracy
/in General NewsMisconfigured instances of JupyterLab and Jupyter Notebook have been targeted by threat actors for sports stream ripping.
The post Vulnerable Jupyter Servers Targeted for Sports Piracy appeared first on SecurityWeek.
SecurityWeek – Read More
Employee Data Compromised in Hacker Attack on Space Technology Firm Maxar
/in General NewsSatellite maker Maxar Space Systems has disclosed a data breach impacting the personal information of its employees.
The post Employee Data Compromised in Hacker Attack on Space Technology Firm Maxar appeared first on SecurityWeek.
SecurityWeek – Read More
YC-backed Formal brings a clever security reverse-proxy out of stealth
/in General NewsFormal is a security startup coming out of stealth on Tuesday with a nice list of investors and an interesting product positioning. The company has designed a reverse-proxy for data stores and APIs so that security teams can more easily secure access to sensitive data. In more practical terms, Formal is a proxy that you […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Salt Typhoon Hits T-Mobile as Part of Telecom Attack Spree
/in General NewsThe company says no sensitive data was stolen, but federal agencies claim otherwise. CISA and FBI sources said attackers accessed all records of specific customers and the private communications of targeted individuals.
darkreading – Read More