BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
In the jungle of AWS S3 Enumeration
/in General NewsBy Daily Contributors
Amazon Web Services (AWS) Simple Storage Service (S3) is a foundational pillar of cloud storage, offering scalable object…
This is a post from HackRead.com Read the original post: In the jungle of AWS S3 Enumeration
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
One Phish, Two Phish, Red Phish, Blue Phish
/in General NewsBy Daily Contributors
One of the interesting things about working for a cybersecurity company is that you get to talk to…
This is a post from HackRead.com Read the original post: One Phish, Two Phish, Red Phish, Blue Phish
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Proofpoint’s CISO 2024 Report: Top Challenges Include Human Error & Risk
/in General NewsThis new report also indicates an increasing attack surface as putting pressure on CISOs. One positive note is CISOs’ improving relationships with board members.
Security | TechRepublic – Read More
Cops Swarm Global Cybercrime Botnet Infrastructure in 2 Massive Ops
/in General NewsEuropol undertook dropper malware botnet takedown while US law enforcement dismantled a sprawling cybercrime botnet for hire.
darkreading – Read More
Flawed AI Tools Create Worries for Private LLMs, Chatbots
/in General NewsCompanies are looking to large language models to help their employees glean information from unstructured data, but vulnerabilities could lead to disinformation and, potentially, data leaks.
darkreading – Read More
CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2024-1086 (CVSS score: 7.8), the high-severity issue relates to a use-after-free bug in the netfilter component that permits a local attacker to elevate privileges
The Hacker News – Read More
Ecuador Is Literally Powerless in the Face of Drought
/in General NewsDrought-stricken hydro dams have led to daily electricity cuts in Ecuador. As weather becomes less predictable die to climate change, experts say other countries need to take notice.
Security Latest – Read More
ShinyHunters Claims Santander Bank Breach: 30M Customers’ Data for Sale
/in General NewsBy Waqas
ShinyHunters’ claims surfaced two weeks after Santander Bank acknowledged a data breach linked to a third-party contractor involving…
This is a post from HackRead.com Read the original post: ShinyHunters Claims Santander Bank Breach: 30M Customers’ Data for Sale
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Do you need an anti-spy camera finder and bug detector? How they work
/in General NewsSocial media is awash with ads for gadgets to detect hidden cameras and bugs that might be in your home, hotel room, or Airbnb. Are they actually useful?
Latest stories for ZDNET in Security – Read More
FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine
/in General NewsCloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine.
“The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by enticing targets to open malicious files via debt-themed lures,” Cloudflare’s threat intelligence team Cloudforce One
The Hacker News – Read More