BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
SafeBase Scores $33M Series B Investment
/in General NewsSafeBase has raised north of $50 million since launching in 2020 with plans to simplify vendor risk assessment disclosures.
The post SafeBase Scores $33M Series B Investment appeared first on SecurityWeek.
SecurityWeek – Read More
The 6 Data Security Sessions You Shouldn’t Miss at RSAC 2024
/in General NewsThemed “The Art of Possible,” this year’s conference celebrates new challenges and opportunities in the age of AI.
darkreading – Read More
Researchers Unveil Novel Attack Methods Targeting Intel’s Conditional Branch Predictor
/in General NewsResearchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use.
Cyware News – Latest Cyber News – Read More
UK Enacts IoT Cybersecurity Law
/in General NewsThe Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy.
Cyware News – Latest Cyber News – Read More
Prompt Fuzzer: Open-Source Tool for Strengthening GenAI Apps
/in General NewsPrompt Fuzzer is interactive and user-friendly, allowing users to repeat the process as many times as needed to harden their system prompts and see their security score increase as the prompt becomes more resilient.
Cyware News – Latest Cyber News – Read More
Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues
/in General NewsMicrosoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls.
The post Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues appeared first on SecurityWeek.
SecurityWeek – Read More
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure
/in General NewsThe U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence (AI)-related threats.
“These guidelines are informed by the whole-of-government effort to assess AI risks across all sixteen critical infrastructure sectors, and address threats both to and from, and involving AI systems,” the Department of Homeland Security (DHS)&
The Hacker News – Read More
Muddling Meerkat Hackers Manipulate DNS Using China’s Great Firewall
/in General NewsDiscovered by Infoblox, the threat activity does not have a clear goal or motivation but demonstrates sophistication and advanced capabilities to manipulate global DNS systems.
Cyware News – Latest Cyber News – Read More
FCC Imposes $200 Million in Fines on Four US Carriers
/in General NewsThe FCC has fined four major U.S. wireless carriers – AT&T, Sprint, T-Mobile, and Verizon – a total of nearly $200 million for unlawfully selling access to their customers’ real-time location data without consent.
Cyware News – Latest Cyber News – Read More
Google Rejected 2.28 Million Risky Android Apps From Play Store in 2023
/in General NewsAdditionally, the tech giant reports that it identified and blocked 333,000 Google Play accounts that uploaded malware, fraudulent apps, or engaged in repeated grave policy violations.
Cyware News – Latest Cyber News – Read More