BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Cybercriminals Pose a Greater Threat of Disruptive US Election Hacks Than Russian or China
/in General NewsA report distributed by the US Department of Homeland Security warned that financially motivated cybercriminals are more likely to attack US election infrastructure than state-backed hackers.
Security Latest – Read More
AP Sources: Chinese Hackers Targeted Phones of Trump, Vance, People Associated With Harris Campaign
/in General NewsChinese hackers engaged in a broader espionage operation targeted cellphones used by Donald Trump, JD Vance, and the Kamala Harris campaign.
The post AP Sources: Chinese Hackers Targeted Phones of Trump, Vance, People Associated With Harris Campaign appeared first on SecurityWeek.
SecurityWeek – Read More
‘All servers’ for Redline and Meta infostealers hacked by Dutch police and FBI
/in General NewsAuthorities said Operation Magnus “gained full access” to the servers for malware known as Redline and Meta, both of which are popular among cybercriminals.
The Record from Recorded Future News – Read More
Is Firefox Password Manager Secure?
/in General NewsLike other password managers, there are risks and drawbacks to consider before trusting Firefox Password Manager with your credentials.
Security | TechRepublic – Read More
Four REvil Ransomware Group Members Sentenced to Prison in Russia
/in General NewsFour members of the REvil ransomware group, arrested in 2022, were last week sentenced to prison by a Russian court.
The post Four REvil Ransomware Group Members Sentenced to Prison in Russia appeared first on SecurityWeek.
SecurityWeek – Read More
Delta Sues Cybersecurity Firm CrowdStrike Over Tech Outage That Canceled Flights
/in General NewsDelta Air Lines has sued CrowdStrike, claiming the cybersecurity company had cut corners and caused a worldwide technology outage that led to thousands of canceled flight in July.
The post Delta Sues Cybersecurity Firm CrowdStrike Over Tech Outage That Canceled Flights appeared first on SecurityWeek.
SecurityWeek – Read More
Cyber Guru Raises $25 Million for Training Platform
/in General NewsCybersecurity training provider Cyber Guru has raised $25 million in a Series B funding round led by Riverside Acceleration Capital.
The post Cyber Guru Raises $25 Million for Training Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Filigran secures $35M for its ceybersecurity threat management suite
/in General NewsParis-based startup Filigran is fast becoming the next cybersecurity rocketship to track: The company just raised a $35 million Series B round, only a few months after it raised $16 million in a Series A round. Filigran’s main product is OpenCTI, an open-source threat intelligence platform that lets companies or public sector organizations import threat […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel
/in General NewsA new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks.
“This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network activity, maintain stealth, and much more,” SafeBreach
The Hacker News – Read More
How (and why) federated learning enhances cybersecurity
/in General NewsFederated learning’s popularity is rapidly increasing because it addresses common development-related security concerns.Read More
Security News | VentureBeat – Read More