BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
CISOs in Australia Urged to Take a Closer Look at Data Breach Risks
/in General NewsA leading cyber lawyer in Australia has warned CISOs and other IT leaders their organisations and careers could be at stake if they do not understand data risk and data governance practices.
Security | TechRepublic – Read More
Fake Antivirus Websites Deliver Malware to Android and Windows Devices
/in General NewsThreat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices.
“Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices
The Hacker News – Read More
The SEC’s SolarWinds Case: What CISOs Should Do Now
/in General NewsThe SEC’s lawsuit may take years to resolve through litigation, but here are five things CISOs should do now to protect both themselves as individuals as well as their organizations.
darkreading – Read More
Google Fixes Eighth Actively Exploited Chrome Zero-Day This Year
/in General NewsThe security issue was discovered internally by Google’s Clément Lecigne and is tracked as CVE-2024-5274. It is a high-severity ‘type confusion’ in V8, Chrome’s JavaScript engine responsible for executing JS code.
Cyware News – Latest Cyber News – Read More
Machine Identities Lack Essential Security Controls, Pose Major Threat
/in General NewsSiloed approaches to securing human and machine identities are driving identity-based attacks across enterprises and their ecosystems, according to a new report by CyberArk.
Cyware News – Latest Cyber News – Read More
Cyber Force Provision Gets House Committee’s Approval
/in General NewsA requirement for the Pentagon to commission an independent study on the creation of a U.S. Cyber Force was added late Wednesday to the House version of the defense policy bill.
Cyware News – Latest Cyber News – Read More
When ‘No’ & ‘Good Enough’ Challenge Cybersecurity
/in General NewsAs the digital landscape evolves, these words must become an impetus for innovation and dialogue, not insurmountable barriers.
darkreading – Read More
White House Seeks Critical Cyber Assistance for Water Utilities, Healthcare
/in General NewsNational Cyber Director Harry Coker Jr. said the administration is taking actions to strengthen key critical infrastructure sectors, including healthcare and water utilities, and will pursue additional steps to fight ransomware and boost resilience.
Cyware News – Latest Cyber News – Read More
Averlon Emerges From Stealth Mode With $8 Million in Funding
/in General NewsAverson secures seed funding to build technology that uses AI to identify cloud security weaknesses and counter cyberattacks.
The post Averlon Emerges From Stealth Mode With $8 Million in Funding appeared first on SecurityWeek.
SecurityWeek – Read More
Courtroom Recording Software Compromised With Backdoor Installer
/in General News“Through ongoing monitoring and collaboration with cyber authorities, we identified attempts to replace our Viewer 8.3.7 software with a compromised file,” the company said in a statement on Thursday.
Cyware News – Latest Cyber News – Read More