BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
‘EastWind’ Cyber-Spy Campaign Combines Various Chinese APT Tools
/in General NewsThe likely China-linked campaign is deploying CloudSorcerer and other proprietary binaries belonging to known state-sponsored groups, showing how advanced persistent threat groups often collaborate with each other.
darkreading – Read More
CBA’s x15ventures Set to Lead in Fintech AI Innovation
/in General NewsCBA’s x15ventures is transforming fintech AI with its Xccelerate program, boosting innovation and setting new industry benchmarks in AI technology.
Security | TechRepublic – Read More
Microsoft Patched 6 Actively Exploited Zero-Day Flaws
/in General NewsPatch Tuesday brought updates for 90 security vulnerabilities, including patching severe remote code execution vulnerabilities and closing some doors in Chromium.
Security | TechRepublic – Read More
Mimecast Announces Acquisition of Aware, Doubles Down on AI-Powered Human Risk Management Capabilities
/in General NewsPost Content
darkreading – Read More
Google Pixel 9 is first Android phone to get satellite SOS messaging
/in General NewsSkylo is powering the new emergency texting feature, which will be free for at least two years.
Latest stories for ZDNET in Security – Read More
New ISAGCA Report Explores Zero-Trust Outcomes in OT Cybersecurity
/in General NewsPost Content
darkreading – Read More
Experian Acquires Behavioral Analytics Company NeuroID
/in General NewsPost Content
darkreading – Read More
Black Basta-Linked Attackers Target Users with SystemBC Malware
/in General NewsAn ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to “multiple intrusion attempts” with the goal of conducting credential theft and deploying a malware dropper called SystemBC.
“The initial lure being utilized by the threat actors remains the same: an email bomb followed by an attempt to call impacted users and offer a fake solution,”
The Hacker News – Read More
Guardz Launches Free ‘Community Shield’ Plan to Empower MSPs
/in General NewsPost Content
darkreading – Read More
Gcore Radar Report Shows 46% Increase in Number of DDoS Attacks in First Half of 2024
/in General NewsPost Content
darkreading – Read More