BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Avast Releases Free Decryptor for Mallox Ransomware
/in General NewsAvast has released a decryptor for the Mallox ransomware after identifying a weakness in its cryptographic schema.
The post Avast Releases Free Decryptor for Mallox Ransomware appeared first on SecurityWeek.
SecurityWeek – Read More
SIGA Launches OT Threat Detection and Response Suite
/in General NewsOT security firm targets CISOs with new solution described as a multi-layer machine learning process-oriented OT cybersecurity suite.
The post SIGA Launches OT Threat Detection and Response Suite appeared first on SecurityWeek.
SecurityWeek – Read More
CISA, DOJ Propose Rules for Protecting Personal Data Against Foreign Adversaries
/in General NewsCISA and the DOJ are seeking comment on rules whose goal is to protect the personal data of Americans against foreign adversaries.
The post CISA, DOJ Propose Rules for Protecting Personal Data Against Foreign Adversaries appeared first on SecurityWeek.
SecurityWeek – Read More
Millions of iOS and Android Users at Risk as Popular Apps Expose Cloud Keys
/in General NewsMillions of iOS and Android users are at risk after Symantec discovered that popular apps contain hardcoded, unencrypted…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
NotLockBit Ransomware Can Target macOS Devices
/in General NewsA file-encrypting malware family posing as the LockBit ransomware has been observed targeting macOS systems.
The post NotLockBit Ransomware Can Target macOS Devices appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Gangs Use LockBit’s Fame to Intimidate Victims in Latest Attacks
/in General NewsThreat actors have been observed abusing Amazon S3 (Simple Storage Service) Transfer Acceleration feature as part of ransomware attacks designed to exfiltrate victim data and upload them to S3 buckets under their control.
“Attempts were made to disguise the Golang ransomware as the notorious LockBit ransomware,” Trend Micro researchers Jaromir Horejsi and Nitesh Surana said. “However, such is
The Hacker News – Read More
Researchers Reveal ‘Deceptive Delight’ Method to Jailbreak AI Models
/in General NewsCybersecurity researchers have shed light on a new adversarial technique that could be used to jailbreak large language models (LLMs) during the course of an interactive conversation by sneaking in an undesirable instruction between benign ones.
The approach has been codenamed Deceptive Delight by Palo Alto Networks Unit 42, which described it as both simple and effective, achieving an average
The Hacker News – Read More
Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks
/in General NewsIt may come as a surprise to learn that 34% of security practitioners are in the dark about how many SaaS applications are deployed in their organizations. And it’s no wonder—the recent AppOmni 2024 State of SaaS Security Report reveals that only 15% of organizations centralize SaaS security within their cybersecurity teams. These statistics not only highlight a critical security blind spot,
The Hacker News – Read More
Dutch Police Infiltrate Telegram Groups, Arrest 4 for Illegal Data Trading
/in General NewsDutch police arrested four individuals for selling stolen personal data via Telegram groups, seizing devices and firearms in…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
White Hat Hackers Earn $500,000 on First Day of Pwn2Own Ireland 2024
/in General NewsPwn2Own Ireland 2024 participants have earned half a million dollars on the first day for hacking NAS devices, cameras, speakers and printers.
The post White Hat Hackers Earn $500,000 on First Day of Pwn2Own Ireland 2024 appeared first on SecurityWeek.
SecurityWeek – Read More