BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Alleged Snowflake hacker detained in Canada at DOJ’s request
/in General NewsThe hacker suspected of launching a series of major breaches involving data stored on Snowflake accounts was arrested in Canada last week after a request was issued by U.S. officials.
The Record from Recorded Future News – Read More
Flaw in Right-Wing ‘Election Integrity’ App Exposes Voter-Suppression Plan and User Data
/in General NewsA bug WIRED discovered in True the Vote’s VoteAlert app revealed user information—and an election worker who wrote about carrying out an illegal voter-suppression scheme.
Security Latest – Read More
Meet the startup that just won the Pentagon’s first AI defense contract
/in General NewsThe Pentagon awards its first-ever generative AI defense contract worth $1.8M to Jericho Security, targeting deepfake attacks and AI-powered threats against military personnel including drone pilots.Read More
Security News | VentureBeat – Read More
Canadian authorities say they arrested hacker linked to Snowflake data breaches
/in General NewsAlexander Moucka was arrested in October in Canada. Moucka is suspected of being linked to the series of Snowflake data breaches this year.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
VMWare Explore Barcelona 2024: VMWAre Tanzu Platform 10 Enters General Availability
/in General NewsAbout a year after Broadcom’s acquisition of VMWare, the company released VMware Tanzu Data Services to make connections to some third-party data engines easier.
Security | TechRepublic – Read More
How to Win at Cyber by Influencing People
/in General NewsZero trust is a mature approach that will improve your organization’s security.
darkreading – Read More
Canadian Authorities Arrest Suspected Snowflake Hacker
/in General NewsCanadian authorities have arrested Alexander ‘Connor’ Moucka, suspected of hacking multiple Snowflake accounts earlier this year.
The post Canadian Authorities Arrest Suspected Snowflake Hacker appeared first on SecurityWeek.
SecurityWeek – Read More
Oh, the Humanity! How to Make Humans Part of Cybersecurity Design
/in General NewsGovernment and industry want to jump-start the conversation around “human-centric cybersecurity” to boost the usability and effectiveness of security products and services.
darkreading – Read More
Enhance customer experiences with Generative AI
/in General NewsThe advent of Generative AI and its application in real-life use cases has been on the cards for…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
DocuSign Abused to Deliver Fake Invoices
/in General NewsCybercriminals are abusing DocuSign APIs to send bogus email messages that bypass protections such as spam and phishing filters.
The post DocuSign Abused to Deliver Fake Invoices appeared first on SecurityWeek.
SecurityWeek – Read More