BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
CISOs Pursuing AI Readiness Should Start by Updating Their Email Security Policy
/in General NewsEffective, updated policies are foundational to an organization’s cybersecurity strategy in this new era of AI-driven attacks. CISOs must proactively adapt their email security approach to protect against the latest social engineering threats.
Cyware News – Latest Cyber News – Read More
BloodAlchemy Malware Used to Target Government Agencies in Southern and Southeastern Asia
/in General NewsBLOODALCHEMY is an updated version of Deed RAT, which is believed to be a successor to ShadowPad malware. It has been used in attacks targeting government organizations in Southern and Southeastern Asia.
Cyware News – Latest Cyber News – Read More
How FHE Technology Is Making End-to-End Encryption a Reality
/in General NewsBy Uzair Amir
Is End-to-End Encryption (E2EE) a Myth? Traditional encryption has vulnerabilities. Fully Homomorphic Encryption (FHE) offers a new hope…
This is a post from HackRead.com Read the original post: How FHE Technology Is Making End-to-End Encryption a Reality
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Google Discovers Fourth Zero-Day in Less Than a Month
/in General NewsThe tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.
darkreading – Read More
High-Severity GitLab Flaw Lets Attackers Take Over Accounts
/in General NewsThe security flaw (tracked as CVE-2024-4835) is an XSS weakness in the VS code editor (Web IDE) that lets threat actors steal restricted information using maliciously crafted pages.
Cyware News – Latest Cyber News – Read More
Get a Lifetime of 1TB Cloud Storage for Only $80 With FolderFort
/in General NewsFast, affordable cloud storage isn’t always easy to find for businesses, but now you can have a massive amount with maximum security.
Security | TechRepublic – Read More
AI Seoul Summit: 4 Key Takeaways on AI Safety Standards and Regulations
/in General NewsMajor breakthroughs were made in global nations’ AI safety commitments, AI safety institutes, research grants and AI risk thresholds at this month’s AI Seoul Summit.
Security | TechRepublic – Read More
Morocco-based Cybercriminals Cashing in on Bold Gift Card Scams
/in General News“Rather than scam or phish everyday people directly for gift card-based payments, Storm-0539 infiltrates large retailers and fraudulently issues gift card codes to themselves, virtually printing their own money,” Microsoft’s Vasu Jakkal explained.
Cyware News – Latest Cyber News – Read More
Bugcrowd Buys Informer to Enhance Attack Surface Management
/in General NewsBugcrowd CEO Dave Gerry said their acquisition of Brighton, England-based Informer will fuel the adoption of Bugcrowd’s penetration testing technology and prompt clients to expand the scope of their bug bounty programs.
Cyware News – Latest Cyber News – Read More
Three-Year-Old Apache Flink Flaw Now Under Active Attack
/in General NewsAn improper access control bug in Apache Flink that was fixed in January 2021 has been added to the US government’s Known Exploited Vulnerabilities Catalog, meaning criminals are right now abusing the flaw in the wild to compromise targets.
Cyware News – Latest Cyber News – Read More