BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Qilin Ransomware’s Sophisticated Tactics Unveiled By Experts
/in General NewsWith over 150 organizations in 25 countries affected, Qilin’s sophisticated tactics include exploiting vulnerabilities, using tools like Mimikatz for privilege escalation, and evading defenses by deleting logs and using PowerShell commands.
Cyware News – Latest Cyber News – Read More
Hacked YouTube Channels Use Trump Assassination News to Push Crypto Scam
/in General NewsThe scam involves deepfake videos of Elon Musk promising insights into the attack and encouraging viewers to participate in a cryptocurrency giveaway by scanning a QR code in the video.
Cyware News – Latest Cyber News – Read More
WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach
/in General NewsIndian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets.
“A cyber attack occurred in one of our [multi-signature] wallets involving a loss of funds exceeding $230 million,” the company said in a statement. “This wallet was operated utilizing the services of Liminal’s digital asset custody and
The Hacker News – Read More
The mindset, technology and tools that are stopping ecommerce in its tracks
/in General NewsCatch up with this VB Spotlight to learn how to protect your company and customers against the newest ecommerce threats fueled by AI.Read More
Security News | VentureBeat – Read More
US Data Breach Victim Numbers Increase by 1,000%, Literally
/in General NewsThough the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.
darkreading – Read More
SolarWinds Charges Tossed Out of Court in Legal Victory Against SEC
/in General NewsJudge dismisses claims against SolarWinds for actions taken after its systems had been breached, but allows the case to proceed for alleged misstatements prior to the incident.
darkreading – Read More
Nvidia finally open sources some of its GPU drivers. How to tell what’s under your hood
/in General NewsA welcome step toward a more open ecosystem for Linux users and developers, the upcoming R560 driver release also puts Nvidia in a better position to compete with AMD. It’s about time.
Latest news – Read More
Using Threat Intelligence to Predict Potential Ransomware Attacks
/in General NewsThe risk of suffering a ransomware attack is high and organizations must take proactive steps to protect themselves and minimize the impact of a potential breach.
The post Using Threat Intelligence to Predict Potential Ransomware Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
OpenAI Rolls Out Compliance API and Integrations for ChatGPT Enterprise
/in General NewsThe tools are being positioned as crucial to help business customers meet requirements for regulations like FINRA, HIPAA, and GDPR.
The post OpenAI Rolls Out Compliance API and Integrations for ChatGPT Enterprise appeared first on SecurityWeek.
SecurityWeek – Read More
High-Severity Cisco Bug Grants Attackers Password Access
/in General NewsThe vulnerability was given the highest CVSS score possible, though few details have been released due to its severity.
darkreading – Read More