BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Passkey Adoption Is Accelerating in APAC — Except for Australia
/in General NewsAustralian banks and government agencies are not rushing to adopt passkey authentication methods, despite the added security benefits.
Security | TechRepublic – Read More
GreenCharlie Infrastructure Targeting US Political Entities with Advanced Phishing and Malware
/in General NewsGreenCharlie attackers use dynamic DNS providers to register domains for phishing attacks, with deceptive themes like cloud services and document visualization to trick victims into revealing sensitive information or downloading malware payloads.
Cyware News – Latest Cyber News – Read More
Why Incident Response Planning is Critical for Cybersecurity Resilience
/in General NewsCyber threats are inevitable, making preparedness necessary. In 2023, the average cost of a data breach reached $4.45…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
A New Variant of Cicada Ransomware Targets VMware ESXi Systems
/in General NewsThe group behind Cicada3301 has been recruiting affiliates on cybercrime forums since June. It is speculated that Cicada3301 could be related to the now-defunct ALPHV group, as both ransomware share similarities.
Cyware News – Latest Cyber News – Read More
Uniqkey Raises $5.92M in Funding
/in General NewsBackers included BackingMinds, in combination with industry veterans such as Jesper Zerlang (ex-CEO of Logpoint), Lars Ankjer, Otto Krabbe, Rolf Bladt, and several angels and key employees.
Cyware News – Latest Cyber News – Read More
Sinon: Open-Source Automatic Generative Burn-in for Windows Deception Hosts
/in General NewsSinon is an open-source tool designed to automate the burn-in process of Windows-based deception hosts. It simplifies the orchestration of deception hosts at scale by incorporating generative capabilities to introduce diversity and randomness.
Cyware News – Latest Cyber News – Read More
Fake Palo Alto GlobalProtect Tool Used as Lure to Backdoor Enterprises
/in General NewsA fake Palo Alto GlobalProtect VPN access tool is being used as bait by threat actors targeting Middle Eastern organizations. The malware, disguised as a legitimate tool, can steal data and execute remote commands to infiltrate networks further.
Cyware News – Latest Cyber News – Read More
The 6 Best Small Business VPNs for 2024
/in General NewsLooking for the best VPN services for SMBs? Here’s a comprehensive guide covering the top options for secure remote access and data protection on a budget.
Security | TechRepublic – Read More
Cyber Threats That Shaped the First Half of 2024
/in General NewsAccording to a report by Critical Start Cyber Research Unit, the manufacturing industry was the top target for cyber threats in H1 2024, professional services saw a 15% increase in attacks, and healthcare experienced a 180% surge in incidents.
Cyware News – Latest Cyber News – Read More
NIST Releases New Draft of Digital Identity Proofing Guidelines
/in General NewsThe new draft of NIST’s digital identity proofing guidelines includes updates to accommodate passkeys and mobile driver’s licenses, as well as options for identification without using biometrics like facial recognition.
Cyware News – Latest Cyber News – Read More