BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
The cybersecurity labor gap now stands at 4M+ open jobs. Intezer has raised $33M for AI tools to plug it
/in General NewsWhen it comes to talent shortages in tech, cybersecurity is one of the biggest and most urgent that needs filling. Malicious attacks are on the rise, and the techniques being used to worm into networks are also scaling up. Yet the World Economic Forum recently found that there are 4 million positions unfilled globally — […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Hydden Raises $4.4M in Seed Funding for Identity Security Platform
/in General NewsHydden has raised $4.4 million in seed funding for a solution designed to provide deep visibility into identities, accounts and privileges.
The post Hydden Raises $4.4M in Seed Funding for Identity Security Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Metabase Q Raises $11M in Series A Extension Funding
/in General NewsMetabase Q, an IT cybersecurity management company based in San Francisco, has raised $11M in its Series A extension funding. Backers include SYN Ventures and John Watters.
Cyware News – Latest Cyber News – Read More
The Dark Nexus Between Harm Groups and ‘The Com’ – Krebs on Security
/in General NewsWestern cybercriminals in online groups, like Scattered Spider, target vulnerable teens, pushing them towards harm and violence. The Com, a cybercriminal network, fosters extortion and violence among its members.
Cyware News – Latest Cyber News – Read More
Dependency Confusion Could Have Led to RCE in Google Cloud Platform
/in General NewsTenable shares details on a dependency confusion attack that led to the execution of code on Google’s internal servers.
The post Dependency Confusion Could Have Led to RCE in Google Cloud Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers Seize Part of Internet Infrastructure by Exploiting an Expired WHOIS Domain
/in General NewsResearchers exploited an expired WHOIS domain, discovering that major organizations and Certificate Authorities unknowingly queried their WHOIS server, risking mis-issued TLS/SSL certificates and potential malicious exploitation.
Cyware News – Latest Cyber News – Read More
Malware Campaign Locks Browser in Kiosk Mode to Steal Google Credentials
/in General NewsThe campaign specifically targets Google’s login page and prevents users from closing the window or using certain keyboard keys to escape. Once users enter and save their credentials to unlock the computer, the StealC malware steals the credentials.
Cyware News – Latest Cyber News – Read More
DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military
/in General NewsChinese national Song Wu allegedly sent spear-phishing emails to NASA, Air Force, Navy, Army, and FAA employees.
The post DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military appeared first on SecurityWeek.
SecurityWeek – Read More
How Google and Yahoo’s shift to stricter email standards proved a windfall for this Armenian startup
/in General NewsEasyDMARC, a B2B SaaS startup out of Armenia that aims to simplify email security and authentication, said it has raised $20 million in a Series A round.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Misconfigured ServiceNow Knowledge Bases Expose Confidential Information
/in General NewsAppOmni researchers found over a thousand instances of misconfigured Knowledge Bases where articles could be compromised through Public Widgets.
Security | TechRepublic – Read More