BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Are Password Managers Safe to Use? (Benefits, Risks & Best Practices)
/in General NewsAre password managers safe to use? Find out if they are really secure and discover the benefits and risks of using password managers.
Security | TechRepublic – Read More
Unpacking 2024’s SaaS Threat Predictions
/in General NewsEarly in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunately, SaaS Security Posture Management (SSPM) solutions have prioritized mitigation capabilities to address many of
The Hacker News – Read More
Understanding HyperCycle’s HyperShare Smart Contract Feature
/in General NewsHyperCycle enhances AI safety and efficiency with cryptographic proofs and peer-to-peer nodes. HyperShare supports decentralized governance and income…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
/in General NewsAn unnamed high-profile government organization in Southeast Asia emerged as the target of a “complex, long-running” Chinese state-sponsored cyber espionage operation codenamed Crimson Palace.
“The overall goal behind the campaign was to maintain access to the target network for cyberespionage in support of Chinese state interests,” Sophos researchers Paul Jaramillo, Morgan Demboski, Sean
The Hacker News – Read More
Hackers Leak 230,000 Users’ Data in “Tech in Asia” News Outlet Breach
/in General NewsA data breach allegedly at Tech in Asia has exposed the personal information of 230,000 users. Learn more…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide
/in General NewsAn analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops.
Knight (aka Cyclops 2.0) ransomware first arrived in May 2023, employing double extortion tactics to steal and encrypt victims’ data for financial gain. It’s operational across multiple platforms,
The Hacker News – Read More
Resurgence of Ransomware: Mandiant Observes Sharp Rise in Criminal Extortion Tactics
/in General NewsMandiant saw an increase in ransomware activity in 2023 compared to 2022, including a 75% increase in posts on data leak sites.
The post Resurgence of Ransomware: Mandiant Observes Sharp Rise in Criminal Extortion Tactics appeared first on SecurityWeek.
SecurityWeek – Read More
225,000 More Cybersecurity Workers Needed in US: CyberSeek
/in General NewsThere are 1.2 million cybersecurity workers in the US, but 225,000 more are needed to close the talent gap, according to new data.
The post 225,000 More Cybersecurity Workers Needed in US: CyberSeek appeared first on SecurityWeek.
SecurityWeek – Read More
Chinese Threat Clusters Triple-Team a High-Profile Asia Government Org
/in General NewsA trio of Chinese-affiliated clusters performed specialized tasks in a broader attack chain, likely under the watch of a single organization.
darkreading – Read More
‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products
/in General NewsCritical vulnerabilities in discontinued Zyxel NAS products allow unauthenticated attackers to execute arbitrary code and OS commands.
The post ‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products appeared first on SecurityWeek.
SecurityWeek – Read More