BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Cybersecurity Jobs: The Demand Grows, but Supply Falls Short, Report
/in General NewsU.S. cybersecurity jobs face a talent gap, per the CyberSeek report, with only enough workers for 85% of…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Third-Party Cyber Attacks: The Threat No One Sees Coming – Here’s How to Stop Them
/in General NewsLearn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.
In an increasingly interconnected world, supply chain attacks have emerged as a formidable threat, compromising
The Hacker News – Read More
Google, Microsoft: Russian Threat Actors Pose High Risk to 2024 Paris Olympics
/in General NewsGoogle and Microsoft warn of elevated risks of cyber threats facing the 2024 Paris Olympics, especially from Russian threat actors.
The post Google, Microsoft: Russian Threat Actors Pose High Risk to 2024 Paris Olympics appeared first on SecurityWeek.
SecurityWeek – Read More
A Russian Cyber Gang Is Thought to Be Behind a Ransomware Attack That Hit London Hospitals
/in General NewsA Russian cyber gang is believed to be behind a ransomware attack that disrupted London hospitals and led to operations and appointments being canceled.
The post A Russian Cyber Gang Is Thought to Be Behind a Ransomware Attack That Hit London Hospitals appeared first on SecurityWeek.
SecurityWeek – Read More
Exploitation of Recent Check Point VPN Zero-Day Soars
/in General NewsGreyNoise has observed a rapid increase in the number of exploitation attempts targeting a recent Check Point VPN zero-day.
The post Exploitation of Recent Check Point VPN Zero-Day Soars appeared first on SecurityWeek.
SecurityWeek – Read More
Multiple Chinese APTs Targeted Southeast Asian Government for Two Years
/in General NewsMultiple Chinese state-sponsored groups have targeted a Southeast Asian government in a years-long cyberespionage campaign.
The post Multiple Chinese APTs Targeted Southeast Asian Government for Two Years appeared first on SecurityWeek.
SecurityWeek – Read More
Interpol and FBI Break Up a Cyber Scheme in Moldova to Get Asylum for Wanted Criminals
/in General NewsA multinational operation by Interpol and the FBI cracked down on attempts in Moldova to sabotage one of the international police agency’s key tools, the Red Notice system.
The post Interpol and FBI Break Up a Cyber Scheme in Moldova to Get Asylum for Wanted Criminals appeared first on SecurityWeek.
SecurityWeek – Read More
Upleveling the State of SMB Cybersecurity
/in General NewsGone are the days when cyberattacks were deemed concerns solely by corporate giants.
The post Upleveling the State of SMB Cybersecurity appeared first on SecurityWeek.
SecurityWeek – Read More
Vulnerabilities Patched in Kiuwan Code Security Products After Long Disclosure Process
/in General NewsIt took code security firm Kiuwan nearly two years to patch several serious vulnerabilities found in its SAST products.
The post Vulnerabilities Patched in Kiuwan Code Security Products After Long Disclosure Process appeared first on SecurityWeek.
SecurityWeek – Read More
Prevent Account Takeover with Better Password Security
/in General NewsTom works for a reputable financial institution. He has a long, complex password that would be near-impossible to guess. He’s memorized it by heart, so he started using it for his social media accounts and on his personal devices too. Unbeknownst to Tom, one of these sites has had its password database compromised by hackers and put it up for sale on the dark web. Now threat actors are working
The Hacker News – Read More