BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Identities of Cybercriminals Linked to Malware Loaders Revealed
/in General NewsLaw enforcement reveals the identities of eight cybercriminals linked to recently disrupted malware loaders.
The post Identities of Cybercriminals Linked to Malware Loaders Revealed appeared first on SecurityWeek.
SecurityWeek – Read More
How Do Password Managers Work and Why Do You Need One?
/in General NewsLearn how password managers work, their benefits and why your organization needs one to secure sensitive data and prevent security breaches.
Security | TechRepublic – Read More
CISA’s Secure by Design Initiative at 1: A Report Card
/in General NewsThere is more that needs to be done, but, so far, the initiative is a success.
darkreading – Read More
5 Reasons Why You Should Use a Password Manager
/in General NewsHere are 5 reasons why you should consider using a password manager to protect your data and improve password management.
Security | TechRepublic – Read More
Live Nation Confirms Massive Ticketmaster Data Breach
/in General NewsBy Waqas
In an SEC filing, Live Nation Entertainment confirmed its subsidiary Ticketmaster suffered a data breach, claiming it will…
This is a post from HackRead.com Read the original post: Live Nation Confirms Massive Ticketmaster Data Breach
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
PoC Published for Exploited Check Point VPN Vulnerability
/in General NewsPoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances.
The post PoC Published for Exploited Check Point VPN Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
SASE Threat Report: 8 Key Findings for Enterprise Security
/in General NewsThreat actors are evolving, yet Cyber Threat Intelligence (CTI) remains confined to each isolated point solution. Organizations require a holistic analysis across external data, inbound and outbound threats and network activity. This will enable evaluating the true state of cybersecurity in the enterprise.
Cato’s Cyber Threat Research Lab (Cato CTRL, see more details below) has recently released
The Hacker News – Read More
How Donald Trump Could Weaponize US Surveillance in a Second Term
/in General NewsDonald Trump has vowed to go after political enemies, undocumented immigrants, and others if he wins. Experts warn he could easily turn the surveillance state against his targets.
Security Latest – Read More
New V3B Phishing Kit Steals Logins and OTPs from EU Banking Users
/in General NewsBy Deeba Ahmed
New phishing kit targets European bank users! Protect yourself from V3B attacks designed to steal your logins and…
This is a post from HackRead.com Read the original post: New V3B Phishing Kit Steals Logins and OTPs from EU Banking Users
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions
/in General NewsNow-patched authorization bypass issues impacting Cox modems that could have been abused as a starting point to gain unauthorized access to the devices and run malicious commands.
“This series of vulnerabilities demonstrated a way in which a fully external attacker with no prerequisites could’ve executed commands and modified the settings of millions of modems, accessed any business customer’s
The Hacker News – Read More