BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
German Law Could Protect Researchers Reporting Vulns
/in General NewsThe draft amendment also includes prison time for those who access systems to maliciously spy or intercept data.
darkreading – Read More
Increasing Awareness of DNS Hijacking: A Growing Cyber Threat
/in General NewsRead more about DNS hijacking and how organizations can prevent it.
Security | TechRepublic – Read More
International Police Effort Obliterates Cybercrime Network
/in General NewsInterpol disrupts 22,000 malicious IP addresses, 59 servers, 43 electronic devices, and arrests 41 suspected cybercriminals.
darkreading – Read More
Scammers Target BASE and Ethereum with Political Meme Coins and Rug Pulls
/in General NewsGlobal Blockchain Scams Surge on BASE and Across Networks, Trugard Labs Reports.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Despite Emerging Regulations, Mobile Device, IoT Security Requires More Industry Attention
/in General NewsOmdia Principal Analyst Hollie Hennessy says that until a promising new set of regulations around the world comes online, connected device security entails a shared responsibility among consumers, enterprises, and manufacturers.
darkreading – Read More
Nokia: No Evidence So Far That Hackers Breached Company Data
/in General NewsThe mobile device maker continues to investigate IntelBroker’s claims of another high-profile data breach, with the cybercriminal group posting on BreachForums internal data allegedly stolen from Nokia through a third-party contractor.
darkreading – Read More
Outages impact Washington state courts after ‘unauthorized activity’ detected on network
/in General NewsCourts in the Washington counties of Thurston, Monroe, Renton, Puyallup, Bainbridge, King, Pierce, Whatcom, and Lewis have all been impacted by what may be a cyber intrusion.
The Record from Recorded Future News – Read More
INTERPOL Arrests 41, Takes Down 22,000 Malicious IPs and 59 Servers
/in General NewsINTERPOL with global law enforcement and Group-IB, successfully dismantled a vast network of malicious IP addresses and servers.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Google Cloud Rolling Out Mandatory MFA for All Users
/in General NewsStarting this month, Google Cloud will be rolling out mandatory MFA for all users who sign in with a password.
The post Google Cloud Rolling Out Mandatory MFA for All Users appeared first on SecurityWeek.
SecurityWeek – Read More
How to Outsmart Stealthy E-Crime and Nation-State Threats
/in General NewsIn a time of increasingly sophisticated cross-domain attacks, relying solely on automated solutions isn’t enough.
darkreading – Read More