BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Microsoft Deploys Generative AI for US Spies
/in General NewsPlus: China is suspected in a hack targeting the UK’s military, the US Marines are testing gun-toting robotic dogs, and Dell suffers a data breach impacting 49 million customers.
Security Latest – Read More
Attack Makes Autonomous Vehicle Tech Ignore Road Signs
/in General NewsResearchers have developed a technique called “GhostStripe” that can exploit the camera-based computer vision systems of autonomous vehicles, causing them to fail to recognize road signs, making it very risky for Tesla and Baidu Apollo vehicles.
Cyware News – Latest Cyber News – Read More
FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
/in General NewsThe financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT.
“The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall
The Hacker News – Read More
Cisco reimagines cybersecurity at RSAC 2024 with AI and kernel-level visibility
/in General NewsDefending against adversarial AI-based attacks and the torrent of new tradecraft attackers are creating requires a new approach to cybersecurity.Read More
Security News | VentureBeat – Read More
Millions of IoT Devices at Risk from Flaws in Integrated Cellular Modem
/in General NewsResearchers discovered seven vulnerabilities — including an unauthenticated RCE issue — in widely deployed Telit Cinterion modems.
darkreading – Read More
Europol Hacked? IntelBroker Claims Major Law Enforcement Breach
/in General NewsBy Waqas
Notorious hacker IntelBroker claims a major data breach at Europol. Allegedly, sensitive data including employee info, source code, and operational documents were compromised. Europol has yet to confirm the breach. Could this expose ongoing investigations and endanger law enforcement personnel? Find out more.
This is a post from HackRead.com Read the original post: Europol Hacked? IntelBroker Claims Major Law Enforcement Breach
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New LLMjacking Attack Lets Hackers Hijack AI Models for Profit
/in General NewsBy Deeba Ahmed
Researchers uncover a novel cyberattack scheme called “LLMjacking” exploiting stolen cloud credentials to hijack powerful AI models. This article explores the implications of attackers leveraging large language models (LLMs) for malicious purposes and offers security recommendations for the cloud and AI communities.
This is a post from HackRead.com Read the original post: New LLMjacking Attack Lets Hackers Hijack AI Models for Profit
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
CISO as a CTO: When and Why It Makes Sense
/in General NewsEnterprises are increasingly recognizing that the CISO’s skills and experience building risk-based cyber programs translate well to other C-suite positions.
darkreading – Read More
Is CISA’s Secure by Design Pledge Toothless?
/in General NewsCISA’s agreement is voluntary and, frankly, basic. Signatories say that’s a good thing.
darkreading – Read More
Reality Defender Wins RSAC Innovation Sandbox Competition
/in General NewsIn a field thick with cybersecurity startups showing off how they use AI and LLMs, Reality Defender stood out for its tool for detecting and labeling deepfakes and other artificial content.
darkreading – Read More