BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Transparency is sorely lacking amid growing AI interest
/in General NewsGetting companies to open up about how they train their foundation AI models is proving a challenge.
Latest stories for ZDNET in Security – Read More
Develop Valuable Cyber Security Skills Over a Lifetime for Only $56
/in General NewsNot only do you get access to over 90 courses, but also career mentoring, skills evaluation, training on real cyber security projects, and much more.
Security | TechRepublic – Read More
Google Fixes Fifth Chrome Zero-Day Exploited in Attacks This Year
/in General NewsThe high-severity issue tracked as CVE-2024-4671 is a “user after free” vulnerability in the Visuals component that handles the rendering and display of content on the browser.
Cyware News – Latest Cyber News – Read More
500,000 Impacted by Ohio Lottery Ransomware Attack
/in General NewsThe Ohio Lottery cyberattack conducted by the DragonForce ransomware group has impacted more than 500,000 individuals.
The post 500,000 Impacted by Ohio Lottery Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
RSA Conference 2024 – Announcements Summary (Day 4)
/in General NewsHundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The post RSA Conference 2024 – Announcements Summary (Day 4) appeared first on SecurityWeek.
SecurityWeek – Read More
Singapore updates cybersecurity law to expand regulatory oversight
/in General NewsAmendments to the country’s cybersecurity bill aim to bolster its administration amid changes in the threat landscape.
Latest stories for ZDNET in Security – Read More
Researchers Uncover ‘LLMjacking’ Scheme Targeting Cloud-Hosted AI Models
/in General NewsCybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors.
The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team.
“Once initial access was obtained, they exfiltrated cloud credentials and gained
The Hacker News – Read More
CISA Courts Private Sector to Get Behind CIRCIA Reporting Rules
/in General NewsNew regulations will require the private sector to turn over incident data to CISA within three days or face enforcement. Here’s how the agency is presenting this as a benefit to the entire private sector.
darkreading – Read More
Dell Discloses Data Breach As Hacker Sells 49 Million Customer Data
/in General NewsBy Waqas
Dell has announced a data breach, while a hacker using the alias Menelik is selling 49 million Dell customer data on the notorious Breach Forums.
This is a post from HackRead.com Read the original post: Dell Discloses Data Breach As Hacker Sells 49 Million Customer Data
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
‘The Mask’ Espionage Group Resurfaces After 10-Year Hiatus
/in General NewsResearchers recently spotted the Spanish-speaking threat actor — with nearly 400 previous victims under its belt — in a new campaign in Latin America and Central Africa.
darkreading – Read More