BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
High-Severity Flaw Affects Cisco Firepower Management Center
/in General NewsCisco states that there are no workarounds that address this vulnerability. The IT giant has confirmed that this vulnerability does not affect Adaptive Security Appliance (ASA) Software or Firepower Threat Defense (FTD) Software.
Cyware News – Latest Cyber News – Read More
Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets
/in General NewsThe Pakistan-nexus Transparent Tribe actor has been linked to a new set of attacks targeting Indian government, defense, and aerospace sectors using cross-platform malware written in Python, Golang, and Rust.
“This cluster of activity spanned from late 2023 to April 2024 and is anticipated to persist,” the BlackBerry Research and Intelligence Team said in a technical report
The Hacker News – Read More
6 Facts About How Interpol Fights Cybercrime
/in General NewsSo you think you know Interpol? Here are some key details of how this international law enforcement entity disrupts cybercrime worldwide.
darkreading – Read More
Shut the back door: Understanding prompt injection and minimizing risk
/in General NewsThe bottom line on prompt injection: Take it seriously and minimize the risk, but don’t let it hold you back. Read More
Security News | VentureBeat – Read More
The modern CISO: Scapegoat or value creator?
/in General NewsWhy keeping pace with the latest technology and ensuring open and honest communications with non-cybersecurity stakeholders is imperative.Read More
Security News | VentureBeat – Read More
Data Leak Exposes 500GB of Indian Police, Military Biometric Data
/in General NewsBy Waqas
The records belonged to two separate India-based firms, ThoughtGreen Technologies and Timing Technologies. Both provide application development, RFID technology, and biometric verification services.
This is a post from HackRead.com Read the original post: Data Leak Exposes 500GB of Indian Police, Military Biometric Data
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Experts Find Flaw in Replicate AI Service Exposing Customers’ Models and Data
/in General NewsCybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information.
“Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all Replicate’s platform customers,”
The Hacker News – Read More
Microsoft’s New Recall AI Tool May Be a ‘Privacy Nightmare’
/in General NewsPlus: US surveillance reportedly targets pro-Palestinian protesters, the FBI arrests a man for AI-generated CSAM, and stalkerware targets hotel computers.
Security Latest – Read More
Cybercriminals Exploit Cloud Storage for SMS Phishing Scams
/in General NewsSecurity researchers have revealed a series of criminal campaigns that exploit cloud storage services such as Amazon S3, Google Cloud Storage, Backblaze B2 and IBM Cloud Object Storage.
Cyware News – Latest Cyber News – Read More
NSA Issues Guidance for Maturing Application, Workload Capabilities Under Zero Trust; Dave Luber Quoted
/in General News“This guidance helps organizations disrupt malicious cyber activity by applying granular access control and visibility to applications and workloads in modern network environments,” said Dave Luber, director of cybersecurity at NSA.
Cyware News – Latest Cyber News – Read More