BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Decoding the data dilemma: Strategies for effective data deletion in the age of AI
/in General NewsWhy navigating the intricacies of data deletion requires a strategic approach around legal, cybersecurity and financial implications.Read More
Security News | VentureBeat – Read More
Lazarus Group Hackers Appear to Return to Tornado Cash for Money Laundering
/in General NewsNorth Korea’s Lazarus hacking group has reportedly used the Tornado Cash mixing service to launder $23 million stolen during a November 2023 cyberattack on the HTX cryptocurrency exchange.
Cyware News – Latest Cyber News – Read More
Pennsylvania’s Scranton School District Dealing with Ransomware Attack
/in General NewsAs a result of the attack, some computer systems and services are temporarily disrupted, causing files to be inaccessible and certain functions to operate slower than usual.
Cyware News – Latest Cyber News – Read More
Critical Vulnerability Remains Unpatched in Two Permanently Closed MiniOrange WordPress Plugins
/in General NewsThousands of WordPress websites are at risk due to critical vulnerabilities in two discontinued MiniOrange plugins, allowing attackers to escalate privileges and compromise sites.
Cyware News – Latest Cyber News – Read More
Security expert Chris Krebs on TikTok, AI and the key to survival
/in General NewsVentureBeat spoke with Krebs about the recent TikTok legislation, AI and what companies can do to be vigilant about cybersecurity.Read More
Security News | VentureBeat – Read More
5 Best VPNs for Travel in 2024 (Free & Paid VPNs)
/in General NewsWhat’s the best VPN to use when traveling? Our in-depth guide helps you understand what to look for in a VPN and find the best solution for your needs.
Security | TechRepublic – Read More
NHS Breach, HSE Bug Expose Healthcare Data in the British Isles
/in General NewsWhoopsies in Ireland and Scotland speak to a tenuousness of cyber protections for sensitive private healthcare data.
darkreading – Read More
Apple researchers achieve breakthroughs in multimodal AI as company ramps up investments
/in General NewsApple researchers achieve state-of-the-art results in multimodal AI with MM1 models, combining text and images for breakthroughs in image captioning, visual question answering, and few-shot learning, as the company invests heavily in AI to enhance Siri, Messages, and future products.Read More
Security News | VentureBeat – Read More
GhostRace – New Data Leak Vulnerability Affects Modern CPUs
/in General NewsA group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution.
Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race conditions.
“All the common synchronization primitives implemented
The Hacker News – Read More
Sinking Section 702 Wiretap Program Offered One Last Lifeboat
/in General NewsFor months, US lawmakers have examined every side of a historic surveillance debate. With the introduction of the SAFE Act, all that’s left to do now is vote.
Security Latest – Read More