BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
AuthenticID Unveils Enhanced Smart ReAuth™ for Instant Biometric Reauthentication
/in General NewsPost Content
darkreading – Read More
Top Travel Sites Have Some First-Class Security Issues to Clean Up
/in General NewsPublic-facing vulnerabilities, cloud sprawl, access to back-end servers are just a few of the challenges travel and hospitality companies must address.
darkreading – Read More
Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges
/in General NewsThe vulnerability carries nearly the highest score possible on the CVSS scale, at 9.8, impacting a system used by major companies around the world.
darkreading – Read More
10 ways to speed up your slow internet connection today
/in General NewsIs your slow internet connection getting you down? Here are the most common causes and how to fix them.
Latest stories for ZDNET in Security – Read More
Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack
/in General NewsCybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware.
“These campaigns delivered n-day exploits for which patches were available, but would still be effective against unpatched devices,” Google Threat Analysis Group (TAG) researcher Clement
The Hacker News – Read More
Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32
/in General NewsA non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts.
Cybersecurity company Huntress attributed the activity to a threat cluster known as APT32, a Vietnamese-aligned hacking crew that’s also known as APT-C-00, Canvas Cyclone (formerly Bismuth), Cobalt Kitty, and OceanLotus. The intrusion is
The Hacker News – Read More
Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs
/in General NewsThere are approximately 163 devices worldwide that are still exposed to attack via the CVE-2024-39717 vulnerability.
Security | TechRepublic – Read More
Hackers Calling Employees to Steal VPN Credentials from US Firms
/in General NewsWatch out for THE CALL!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Powerful Spyware Exploits Enable a New String of ‘Watering Hole’ Attacks
/in General NewsSuspected Russian hackers have compromised a series of websites to utilize sophisticated spyware exploits that are eerily similar to those created by NSO Group and Intellexa.
Security Latest – Read More
How Telecom Vulnerabilities Can Be a Threat to Cybersecurity Posture
/in General NewsTelecom-based attacks such as SMS toll fraud and 2FA hijacking have evolved into a mainstream concern for CISOs.
darkreading – Read More