BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
NASA IV&V Facility Expands Cybersecurity Work and Educational Outreach
/in General NewsNASA’s IV&V Facility is expanding its cybersecurity services to enhance the safety of its missions. This initiative includes incorporating cybersecurity assessments into their traditional roles of software examination.
Cyware News – Latest Cyber News – Read More
Nuclei: Open-Source Vulnerability Scanner
/in General NewsNuclei is an open-source vulnerability scanner known for its speed and customizable YAML-based templates. It offers flexibility in security checks by allowing customization of templates to send requests to multiple targets.
Cyware News – Latest Cyber News – Read More
Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites
/in General NewsA critical vulnerability in the WPML WordPress plugin could allow a remote attacker to execute arbitrary code on the server.
The post Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites appeared first on SecurityWeek.
SecurityWeek – Read More
CTEM in the Spotlight: How Gartner’s New Categories Help to Manage Exposures
/in General NewsWant to know what’s the latest and greatest in SecOps for 2024? Gartner’s recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in this year’s report: Threat Exposure Management, Exposure Assessment Platforms (EAP), and Adversarial
The Hacker News – Read More
Why Every Business Should Prioritize Confidential Computing
/in General NewsConfidential computing safeguards data in use, making it a crucial component of cloud security.
darkreading – Read More
Researchers Warn of Text Scams That Send Drivers Fake Bills for Highway Tolls
/in General NewsCybercriminals are sending malicious SMS messages demanding payment for non-existent charges across Illinois, Florida, North Carolina, and Washington. These scams imitate state authorities and provide links to fake payment websites to steal data.
Cyware News – Latest Cyber News – Read More
Microsoft Convenes Endpoint Security Firms Following CrowdStrike Incident
/in General NewsMicrosoft has called together cybersecurity firms and government representatives for its Windows Endpoint Security Ecosystem Summit.
The post Microsoft Convenes Endpoint Security Firms Following CrowdStrike Incident appeared first on SecurityWeek.
SecurityWeek – Read More
Uber Hit With $324m GDPR Fine
/in General NewsThe Dutch Data Protection Authority (AP) announced the €290m ($324m) fine yesterday, claiming that it stems from the same concerns that have led to years-long legal wranglings between the EU and US.
Cyware News – Latest Cyber News – Read More
When Convenience Costs: CISOs Struggle With SaaS Security Oversight
/in General NewsSaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to, nor oversight from, the security team.
The post When Convenience Costs: CISOs Struggle With SaaS Security Oversight appeared first on SecurityWeek.
SecurityWeek – Read More
The 5 Best Free Endpoint Protection Platforms for 2024
/in General NewsDiscover our top picks for reputable free endpoint protection platforms and compare their features, pros and cons in this in-depth guide.
Security | TechRepublic – Read More