BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Cybersecurity Threats Intensify in the Middle East During Ramadan
/in General NewsHow security teams in the region fortify their defenses amid short-staffing — and increased DDoS, phishing, and ransomware campaigns — during the Muslim holy month.
darkreading – Read More
Funding the Organizations Securing the Internet
/in General NewsCommon Good Cyber is a global consortium connecting nonprofit, private sector, and government organizations to fund organizations focused on securing Internet infrastructure.
darkreading – Read More
Google to Purge Billions of Files Containing Personal Data in Settlement of Chrome Privacy Case
/in General NewsGoogle agreed to purge billions of records containing personal information collected from more than 136 million people using its Chrome web browser as part of settlement in a lawsuit accusing it of illegal surveillance.
The post Google to Purge Billions of Files Containing Personal Data in Settlement of Chrome Privacy Case appeared first on SecurityWeek.
SecurityWeek – Read More
Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)
/in General NewsBy Waqas
Critical Backdoor Alert! Patch XZ Utils Now (CVE-2024-3094) & Secure Your Linux System. Learn how a hidden backdoor…
This is a post from HackRead.com Read the original post: Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Microsoft Beefs Up Defenses in Azure AI
/in General NewsMicrosoft adds tools to protect Azure AI from threats such as prompt injection, as well as give developers the capabilities to ensure generative AI apps are more resilient to model and content manipulation attacks.
darkreading – Read More
The Incognito Mode Myth Has Fully Unraveled
/in General NewsTo settle a years-long lawsuit, Google has agreed to delete “billions of data records” collected from users of “Incognito mode,” illuminating the pitfalls of relying on Chrome to protect your privacy.
Security Latest – Read More
XZ Utils Backdoor Implanted in Carefully Executed, Multiyear Supply Chain Attack
/in General NewsHad a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.
darkreading – Read More
AT&T Confirms 73M Customers Affected in Data Leak
/in General NewsAT&T denies any evidence of unauthorized access but admits that a data set released on the Dark Web including Social Security numbers and other sensitive information on tens of millions of customers is genuine.
darkreading – Read More
Banks in Singapore begin sharing data to combat financial crime
/in General NewsSix banks will share customer data deemed suspicious in a bid to fight money laundering and terrorism financing activities.
Latest stories for ZDNET in Security – Read More
Sprawling Sellafield Nuclear Waste Site Prosecuted for Cybersecurity Failings
/in General NewsUK regulator said that one of the world’s most toxic sites accumulated cybersecurity “offenses” from 2019 to 2023.
darkreading – Read More