BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Recent Version of LightSpy iOS Malware Packs Destructive Capabilities
/in General NewsA newer version of the LightSpy malware for iOS includes over a dozen new plugins, many with destructive capabilities.
The post Recent Version of LightSpy iOS Malware Packs Destructive Capabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Google Patches Critical Chrome Vulnerability Reported by Apple
/in General NewsGoogle has patched CVE-2024-10487, a critical Chrome vulnerability, and Mozilla has patched high-severity flaws in Firefox.
The post Google Patches Critical Chrome Vulnerability Reported by Apple appeared first on SecurityWeek.
SecurityWeek – Read More
Synology, QNAP, TrueNAS Address Vulnerabilities Exploited at Pwn2Own Ireland
/in General NewsSynology, QNAP and TrueNAS have started patching and mitigating the vulnerabilities exploited recently at Pwn2Own Ireland 2024.
The post Synology, QNAP, TrueNAS Address Vulnerabilities Exploited at Pwn2Own Ireland appeared first on SecurityWeek.
SecurityWeek – Read More
Best Antivirus Software for Small Businesses in 2024
/in General NewsBitdefender is our overall pick for the best antivirus software for small businesses, while Norton offers 24/7 support, and ESET provides scalability.
Security | TechRepublic – Read More
Italian Politicians Express Alarm at Latest Data Breach Allegedly Affecting 800,000 Citizens
/in General NewsProsecutors say the data of at least 800,000 Italians was compromised in breaches dating from 2022 by a private investigative agency.
The post Italian Politicians Express Alarm at Latest Data Breach Allegedly Affecting 800,000 Citizens appeared first on SecurityWeek.
SecurityWeek – Read More
Russia’s ‘Midnight Blizzard’ hackers target government workers in novel info-stealing campaign
/in General NewsMicrosoft’s Threat Intelligence team said it has seen a Russian actor it tracks as Midnight Blizzard sending “highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors” since October 22.
The Record from Recorded Future News – Read More
2024 Startup Battlefield Top 20 Finalists: ForceField
/in General NewsMARQ protects company, community & country data with tamper-proof badges. Patent-pending APIs defend against deepfake scams, fraud & breaches. Subscribe for more on YouTube: https://tcrn.ch/youtube Follow TechCrunch on Instagram: http://tcrn.ch/instagram TikTok: https://tcrn.ch/tiktok X: tcrn.ch/x Threads: https://tcrn.ch/threads Facebook: https://tcrn.ch/facebook Bluesky: https://tcrn.ch/bluesky Mastodon: https://tcrn.ch/mstdn Read more: https://techcrunch.com/
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Recurring Windows Flaw Could Expose User Credentials
/in General NewsNow a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.
darkreading – Read More
China’s ‘Evasive Panda’ APT Debuts High-End Cloud Hijacking
/in General NewsA professional-grade tool set, appropriately dubbed “CloudScout,” is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info for exfiltration.
darkreading – Read More
How a series of opsec failures led US authorities to the alleged developer of the Redline password-stealing malware
/in General NewsProsecutors allege that Redline infected millions of computers around the world since 2020, including several hundred machines at the U.S. Dept. of Defense.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More