BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Sophos X-Ops: Ransomware gangs escalating tactics, going to ‘chilling’ lengths
/in General NewsWhether targeting executives’ family members or snitching on those that don’t pay, ransomware gangs are taking their tactics to new heights.Read More
Security News | VentureBeat – Read More
Iran Reportedly Grapples With Major Cyberattack on Banking Systems
/in General NewsThe last known cyberattack waged against Iranian infrastructure took place last December with the blame placed on Israel and the US.
darkreading – Read More
The Slow-Burn Nightmare of the National Public Data Breach
/in General NewsSocial Security numbers, physical addresses, and more—all available online. After months of confusion, leaked information from a background-check firm underscores the long-term risks of data breaches.
Security Latest – Read More
Are 2024 US Political Campaigns Prepared for the Coming Cyber Threats?
/in General NewsWhen it comes to this year’s candidates and political campaigns fending off major cyberattacks, a lot has changed since the 2016 election cycle.
darkreading – Read More
Doppelgänger Operation Rushes to Secure Itself Amid Ongoing Detections, German Agency Says
/in General NewsEuropean hosting companies were found to be supporting the Kremlin-linked disinformation campaign, prompting Doppelgänger operators to quickly back up their systems and data.
Cyware News – Latest Cyber News – Read More
Threat Actors Increasingly Target macOS, Report Finds
/in General NewsA new report from cyber threat intelligence company Intel471 reveals that threat actors are infiltrating macOS.
Security | TechRepublic – Read More
DigiCert Announces Acquisition of Vercara
/in General NewsDigiCert has announced the acquisition of Vercara to offer customers a unified DNS and certificate management experience. Vercara provides cloud-based services like managed DNS and DDoS security to protect networks and applications.
Cyware News – Latest Cyber News – Read More
Why Training is Critical to Implementing Cisco HyperShield
/in General NewsCary, United States / North Carolina, 16th August 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Biotech Company Hacked in 2023 Pays States $4.5 Million Over Breached Data
/in General NewsThe state attorneys general of New York, New Jersey, and Connecticut reached an agreement with Enzo Biochem, which revealed the incident to the federal government in May 2023.
Cyware News – Latest Cyber News – Read More
Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts
/in General NewsA large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications.
“Multiple security missteps were present in the course of this campaign, including the following: Exposing environment variables, using long-lived credentials, and absence
The Hacker News – Read More