BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Enhancing Study with QR Codes: A Modern Educational Tool
/in General NewsQR codes are enhancing education by giving students instant access to study resources, interactive homework, and collaborative tools.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
LinkedIn Hit With 310 Million Euro Fine for Data Privacy Violations From Irish Watchdog
/in General NewsLinkedIn has received a 310 million euro fine from Ireland’s Data Protection Commission for data privacy violations.
The post LinkedIn Hit With 310 Million Euro Fine for Data Privacy Violations From Irish Watchdog appeared first on SecurityWeek.
SecurityWeek – Read More
My Journey From the Air Force to Cybersecurity
/in General NewsCybersecurity is mission-driven, meaningful work that coincides with the service branches’ goals to protect, defend, and create a safer world.
darkreading – Read More
Cybersecurity Isn’t Easy When You’re Trying to Be Green
/in General NewsRenewable energy firms deal with a large cyberattack surface area, given the distributed nature of power generation and more pervasive connectivity.
darkreading – Read More
US, Australia Release New Security Guide for Software Makers
/in General NewsCISA, FBI, and ACSC have published guidance to help software manufacturers establish secure deployment processes.
The post US, Australia Release New Security Guide for Software Makers appeared first on SecurityWeek.
SecurityWeek – Read More
Landmark Admin Discloses Data Breach Impacting 800,000 People
/in General NewsInsurance administrator Landmark Admin says personal information stolen in a ransomware attack earlier this year.
The post Landmark Admin Discloses Data Breach Impacting 800,000 People appeared first on SecurityWeek.
SecurityWeek – Read More
UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575)
/in General NewsFortinet and Mandiant investigated the mass exploitation of FortiManager devices via CVE-2024-47575, impacting 50+ systems across industries. Threat…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
SEC Charges 4 Companies Over Misleading SolarWinds Cyberattack Disclosures
/in General NewsThe U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making “materially misleading disclosures” related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020.
The SEC said the companies – Avaya, Check Point, Mimecast, and Unisys – are being penalized for how they handled the disclosure process in the aftermath of
The Hacker News – Read More
AWS Seizes Domains Used by Russia’s APT29
/in General NewsAWS announced the seizure of domains used by Russian hacker group APT29 in phishing attacks targeting Ukraine and other countries.
The post AWS Seizes Domains Used by Russia’s APT29 appeared first on SecurityWeek.
SecurityWeek – Read More
New Rules for US National Security Agencies Balance AI’s Promise With Need to Protect Against Risks
/in General NewsNew rules from the White House on AI use by US national security and spy agencies aim to balance the technology’s promise with the need to protect against risks.
The post New Rules for US National Security Agencies Balance AI’s Promise With Need to Protect Against Risks appeared first on SecurityWeek.
SecurityWeek – Read More