BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
CISO Corner: Ivanti’s Mea Culpa; World Cup Hack; CISOs & Cyber Awareness
/in General NewsOur collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Dealing with a Ramadan cyber spike; funding Internet security; and Microsoft’s Azure AI changes.
darkreading – Read More
This backdoor almost infected Linux everywhere: The XZ Utils close call
/in General NewsFor the first time, an open-source maintainer put malware into a key Linux utility. We’re still not sure who or why – but here’s what you can do about it.
Latest stories for ZDNET in Security – Read More
The Tech Needed to Survive This Decade’s ‘Seismic’ APAC B2B Trends
/in General NewsFrom generative AI and virtual prototyping to the Internet of Things, blockchain and data analytics, Merkle has predicted that four shifts in the business-to-business market will shape tech buying appetites.
Security | TechRepublic – Read More
Magecart Attackers Pioneer Persistent E-Commerce Backdoor
/in General NewsThe infamous payment-skimmer cybercrime organization is exploiting CVE-2024-20720 in Magento for a novel approach to stealing card data.
darkreading – Read More
GAM3S.GG and Immutable Announce Partnership for Web3 Gaming Expansion
/in General NewsBy Uzair Amir
The partnership will bring millions of players into the Immutable web3 ecosystem while providing GAM3S.GG with the leading web3 gaming platform on the market.
This is a post from HackRead.com Read the original post: GAM3S.GG and Immutable Announce Partnership for Web3 Gaming Expansion
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
How your business should deal with negative feedback on social media
/in General NewsBy Owais Sultan
If used correctly, social media can not only provide businesses with a fantastic (generally free) chance to market…
This is a post from HackRead.com Read the original post: How your business should deal with negative feedback on social media
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks
/in General NewsNew research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers’ models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines.
“Malicious models represent a major risk to AI systems,
The Hacker News – Read More
Cisco Warns of Vulnerability in Discontinued Small Business Routers
/in General NewsCisco says it will not release patches for a cross-site scripting vulnerability impacting end-of-life small business routers.
The post Cisco Warns of Vulnerability in Discontinued Small Business Routers appeared first on SecurityWeek.
SecurityWeek – Read More
Tech Companies Want to Build Artificial General Intelligence. But Who Decides When AGI is Attained?
/in General NewsWith so much money riding on the promise of AI advances, it’s no surprise that AGI is also becoming a corporate buzzword that sometimes attracts a quasi-religious fervor.
The post Tech Companies Want to Build Artificial General Intelligence. But Who Decides When AGI is Attained? appeared first on SecurityWeek.
SecurityWeek – Read More
Alleged Home Depot Data Breach: IntelBroker Leaks 22,000 Employee Data
/in General NewsBy Waqas
Another day, another data breach by IntelBroker hacker targeting a US-based giant!
This is a post from HackRead.com Read the original post: Alleged Home Depot Data Breach: IntelBroker Leaks 22,000 Employee Data
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More