BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
New Cyware Survey Reveals Critical Gaps in Cybersecurity Threat Intelligence Sharing and Collaboration
/in General NewsAs per the Cyware survey, 91% of respondents recognize the significance of collaboration in cybersecurity, but many struggle to effectively combine insights across teams and platforms.
Cyware News – Latest Cyber News – Read More
Crowdstrike’s faulty update triggers global Windows blackout, disrupting critical enterprise operations
/in General NewsWhile many Windows systems continue to be impacted, the problem has been narrowed down to cybersecurity firm Crowdstrike. Read More
Security News | VentureBeat – Read More
APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K.
/in General NewsSeveral organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a “sustained campaign” by the prolific China-based APT41 hacking group.
“APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims’ networks since
The Hacker News – Read More
SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software
/in General NewsSolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code.
Of the 11 vulnerabilities, seven are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0. The remaining four weaknesses have been rated High in severity, with each of them having a CVSS
The Hacker News – Read More
Huge Microsoft Outage, Linked to CrowdStrike, Takes Down Computers Around the World
/in General NewsA software update from cybersecurity company Crowdstrike appears to have inadvertently disrupted IT systems globally.
Security Latest – Read More
$300,000 Offered for WhatsApp Exploit at Pwn2Own Ireland
/in General NewsThe Pwn2Own hacking competition is moving to Ireland and $300,000 is being offered for a zero-click exploit against WhatsApp.
The post $300,000 Offered for WhatsApp Exploit at Pwn2Own Ireland appeared first on SecurityWeek.
SecurityWeek – Read More
SolarWinds Fixes Eight Critical Bugs in Access Rights Audit Software
/in General NewsThe vulnerabilities (CVE-2024-23469, CVE-2024-23466, CVE-2024-23467, CVE-2024-28074, CVE-2024-23471, and CVE-2024-23470) were all rated with severity scores of 9.6/10 and posed risks of unauthorized actions and information disclosure.
Cyware News – Latest Cyber News – Read More
Critical Cisco Bug Lets Hackers Add Root Users on SEG Devices
/in General NewsCisco has addressed a critical vulnerability that allows attackers to add new users with root privileges and crash Security Email Gateway (SEG) appliances by sending emails with malicious attachments.
Cyware News – Latest Cyber News – Read More
Summary of “AI Leaders Spill Their Secrets” Webinar
/in General NewsEvent Overview
The “AI Leaders Spill Their Secrets” webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing’s Product Manager.
Key Speakers and Their
The Hacker News – Read More
Instagram unveiled a new feature. Here’s how you can use it (and why you’ll want to)
/in General NewsNotes on Instagram is about to take on a new meaning.
Latest news – Read More