BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Microsoft’s Windows Agent Arena: Teaching AI assistants to navigate your PC
/in General NewsMicrosoft unveils Windows Agent Arena, a groundbreaking benchmark for testing AI agents on Windows, accelerating development of AI assistants that could revolutionize human-computer interaction.Read More
Security News | VentureBeat – Read More
Fortinet Confirms Customer Data Breach via Third Party
/in General NewsThe incident is a reminder why organizations need to pay attention to how they store and secure data in SaaS and cloud environments.
darkreading – Read More
Apple Suddenly Drops NSO Group Spyware Lawsuit
/in General NewsApple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.
The post Apple Suddenly Drops NSO Group Spyware Lawsuit appeared first on SecurityWeek.
SecurityWeek – Read More
Tennessee school district loses $3.4 million to a fake curriculum vendor
/in General NewsPost Content
The Record from Recorded Future News – Read More
Over a Third of Cyberattacks Result in Job Losses
/in General NewsPost Content
darkreading – Read More
Malicious Actors Sow Discord With False Election Compromise Claims
/in General NewsThe FBI and CISA are warning citizens of attempts to convince voters that US election infrastructure has been compromised. (It hasn’t been.)
darkreading – Read More
Compliance Automation Pays Off for a Growing Company
/in General NewsIn this case study, a CISO helps a B2B marketing automation company straighten out its manual compliance process by automating it.
darkreading – Read More
Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel
/in General NewsMicrosoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe.
The post Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel appeared first on SecurityWeek.
SecurityWeek – Read More
NFL Teams Block & Tackle Cyberattacks in a Digital World
/in General NewsAs the 104th season of the National Football League kicks off, expect cyberattacks aimed at its customers, players, and arenas.
darkreading – Read More
Cloud-Native Network Security Up 17%, Hardware Down 2%
/in General NewsPost Content
darkreading – Read More