BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
No feed items found.
Exploit DB
- [webapps] ABB Cylon Aspect 3.08.01 - Arbitrary File Delete
- [webapps] ABB Cylon Aspect 3.08.01 - Remote Code Execution
- [webapps] Elaine's Realtime CRM Automation 6.18.17 - Reflected XSS
- [webapps] XWiki Standard 14.10 - Remote Code Execution (RCE)
- [local] Solstice Pod 6.2 - API Session Key Extraction via API Endpoint
- [webapps] Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass
- [webapps] Litespeed Cache 6.5.0.1 - Authentication Bypass
- [webapps] CodeCanyon RISE CRM 3.7.0 - SQL Injection
- [webapps] Rejetto HTTP File Server 2.3m - Remote Code Execution (RCE)
- [webapps] Sonatype Nexus Repository 3.53.0-01 - Path Traversal
Vulnerability in R Programming Language Could Fuel Supply Chain Attacks
/in General NewsA vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary and be used as part of a supply chain attack.
The post Vulnerability in R Programming Language Could Fuel Supply Chain Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
The White House Has a New Master Plan to Stop Worst-Case Scenarios
/in General NewsPresident Joe Biden will update the directives to protect US critical infrastructure against major threats, from cyberattacks to terrorism to climate change.
Security Latest – Read More
SafeBase Scores $33M Series B Investment
/in General NewsSafeBase has raised north of $50 million since launching in 2020 with plans to simplify vendor risk assessment disclosures.
The post SafeBase Scores $33M Series B Investment appeared first on SecurityWeek.
SecurityWeek – Read More
The 6 Data Security Sessions You Shouldn’t Miss at RSAC 2024
/in General NewsThemed “The Art of Possible,” this year’s conference celebrates new challenges and opportunities in the age of AI.
darkreading – Read More
Researchers Unveil Novel Attack Methods Targeting Intel’s Conditional Branch Predictor
/in General NewsResearchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use.
Cyware News – Latest Cyber News – Read More
UK Enacts IoT Cybersecurity Law
/in General NewsThe Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy.
Cyware News – Latest Cyber News – Read More
Prompt Fuzzer: Open-Source Tool for Strengthening GenAI Apps
/in General NewsPrompt Fuzzer is interactive and user-friendly, allowing users to repeat the process as many times as needed to harden their system prompts and see their security score increase as the prompt becomes more resilient.
Cyware News – Latest Cyber News – Read More
Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues
/in General NewsMicrosoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls.
The post Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues appeared first on SecurityWeek.
SecurityWeek – Read More
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure
/in General NewsThe U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence (AI)-related threats.
“These guidelines are informed by the whole-of-government effort to assess AI risks across all sixteen critical infrastructure sectors, and address threats both to and from, and involving AI systems,” the Department of Homeland Security (DHS)&
The Hacker News – Read More
Muddling Meerkat Hackers Manipulate DNS Using China’s Great Firewall
/in General NewsDiscovered by Infoblox, the threat activity does not have a clear goal or motivation but demonstrates sophistication and advanced capabilities to manipulate global DNS systems.
Cyware News – Latest Cyber News – Read More