BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Google’s Gemini AI Vulnerable to Content Manipulation
/in General NewsLike ChatGPT and other GenAI tools, Gemini is susceptible to attacks that can cause it to divulge system prompts, reveal sensitive information, and execute potentially malicious actions.
darkreading – Read More
Broadcom Axes Carbon Black Sale, to Merge Unit with Symantec
/in General NewsThis decision came after offers to purchase Carbon Black fell short of expectations, resulting in Broadcom’s strategic shift to retain the company and merge it with Symantec.
Cyware News – Latest Cyber News – Read More
British Authorities Have Never Detected a Breach of Ransomware Sanctions — But is That Good or Bad News?
/in General NewsAside from frustrating ransomware payments, the sanctions regime is used by law enforcement agencies to hamper the ability of cyber threat actors to monetize their criminal activities and sow discord within certain groups.
Cyware News – Latest Cyber News – Read More
Roku Cancels Unauthorized Subscriptions and Provides Refunds for 15K Breached Accounts
/in General NewsRoku canceled unauthorized subscriptions, refunded affected user accounts, and reset passwords after discovering a breach involving hacked username and password combinations.
Cyware News – Latest Cyber News – Read More
Update: Third-Party Breach and Missing MFA Led to British Library Attack
/in General NewsThe attackers successfully copied a significant amount of data, including personal details of Library users and staff, leading to a deep and extensive impact on the institution.
Cyware News – Latest Cyber News – Read More
Binance’s Top Crypto Crime Investigator Is Being Detained in Nigeria
/in General NewsTigran Gambaryan, a former crypto-focused US federal agent, and a second Binance executive, Nadeem Anjarwalla, have been held in Abuja without passports for two weeks.
Security Latest – Read More
The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks
/in General NewsA group of hackers called Anonymous Sudan, considered by cybersecurity experts as pro-Russia, claimed responsibility for the attacks in online posts.
The post The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks appeared first on SecurityWeek.
SecurityWeek – Read More
Typosquatting Wave Shows No Signs of Abating
/in General NewsA spate of recent typosquatting attacks shows the scourge of this type of attack is still very much with us, even after decades of cyber defender experience with it.
darkreading – Read More
4 Security Tips From PCI DSS 4.0 Anyone Can Use
/in General NewsWith the final switchover to the latest version of the credit card standard, here’s what all security professionals can draw from the changes.
darkreading – Read More
IT-Harvest Reaches Milestone With Ingestion of 10K Cybersecurity Products Into Dashboard
/in General NewsPost Content
darkreading – Read More