BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Hacker Conversations: Tom Anthony and Scratching an Itch Without Doing Harm
/in General NewsMany hackers trace their origin to an interest in, and early exposure to, computers. Tom Anthony is no different.
The post Hacker Conversations: Tom Anthony and Scratching an Itch Without Doing Harm appeared first on SecurityWeek.
SecurityWeek – Read More
Feds Seize Radar/Dispossessor Ransomware Gang Servers in US and Europe
/in General NewsFederal authorities have seized servers belonging to the Radar/Dispossessor ransomware gang in the U.S. and Europe. The FBI dismantled dozens of servers linked to the group, which is believed to have ties to the LockBit ransomware enterprise.
Cyware News – Latest Cyber News – Read More
460k Impacted by Kootenai Health Ransomware Attack
/in General NewsKootenai Health says the personal and health information of over 460,000 individuals was stolen in a ransomware attack.
The post 460k Impacted by Kootenai Health Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Report: 35% of Exposed API Keys Still Active, Posing Major Security Risks
/in General NewsNightfall AI’s research found that 35% of exposed API keys were still active, leading to significant security risks. The study uncovered an average of about 350 secrets, including passwords and API keys, exposed per 100 employees annually on GitHub.
Cyware News – Latest Cyber News – Read More
DNC Credentials Compromised by ‘IntelFetch’ Telegram Bot
/in General NewsThe Democratic National Convention soon to take place in Chicago, already under heavy security, faces an additional threat in the form of stolen credentials for delegates.
darkreading – Read More
Critical SAP Flaw Allows Remote Attackers to Bypass Authentication
/in General NewsSAP has released a security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass flaw (CVE-2024-41730) in the SAP BusinessObjects Business Intelligence Platform.
Cyware News – Latest Cyber News – Read More
Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager
/in General NewsIvanti has released patches for multiple vulnerabilities in Neurons for ITSM, Avalanche, and Virtual Traffic Manager, including critical bugs.
The post Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager appeared first on SecurityWeek.
SecurityWeek – Read More
The AMD SinkClose security hole is dangerous. Here’s how to protect your systems
/in General NewsThe flaw threatens servers, data centers, and clouds more than the PC in front of you.
Latest stories for ZDNET in Security – Read More
Manufacturer Orion SA says scammers conned it out of $60M
/in General NewsOrion SA recently disclosed to US regulators that it fell victim to a criminal wire fraud scheme resulting in a $60 million loss. The incident, possibly a BEC scam, involved fraudulent wire transfers to unknown third-party accounts by an employee.
Cyware News – Latest Cyber News – Read More
DeathGrip: Emergence of a new Ransomware-as-a-Service
/in General NewsPromoted through Telegram and other underground forums, DeathGrip RaaS offers aspiring threat actors on the dark web sophisticated ransomware tools, including LockBit 3.0 and Chaos builders.
Cyware News – Latest Cyber News – Read More