BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Bugcrowd Acquires Informer to Enhance Attack Surface Management, Penetration Testing
/in General NewsPost Content
darkreading – Read More
MIT Brothers Charged With Exploiting Ethereum to Steal $25 Million
/in General NewsThe two MIT graduates discovered a flaw in a common trading tool for the Ethereum blockchain. Does it presage problems ahead for cryptocurrency?
darkreading – Read More
Stalkerware App With Security Bug Discovered on Hotel Systems
/in General NewsThe spyware is able to capture screenshots of a user’s device every few seconds from any location globally.
darkreading – Read More
Courtroom Recording Platform JAVS Hijacked in Supply Chain Attack
/in General NewsWith more than 10,000 installations across prisons, courts, and governments, impacted Justice AV Solutions users are urged to re-image affected endpoints and reset credentials.
darkreading – Read More
Anthropic’s Generative AI Research Reveals More About How LLMs Affect Security and Bias
/in General NewsAnthropic opened a window into the ‘black box’ where ‘features’ steer a large language model’s output.
Security | TechRepublic – Read More
The SEC slaps NYSE’s parent company with a $10M fine for not immediately reporting a hack
/in General NewsIntercontinental Exchange failed to notify nine of its subsidiaries about a VPN breach, sitting on the information for days.
Latest stories for ZDNET in Security – Read More
New Gift Card Scam Targets Retailers, Not Buyers, to Print Endless $$$
/in General NewsMicrosoft researchers discover an old-timey scam with a facelift for the cloud era: hacking retailers’ portals to make it rain gift cards.
darkreading – Read More
IBM X-Force Report: Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries
/in General NewsFind out how Grandoreiro banking trojan campaigns work and the countries targeted, as well as how to mitigate this malware threat.
Security | TechRepublic – Read More
CISA Warns of Actively Exploited Apache Flink Security Vulnerability
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2020-17519, the issue relates to a case of improper access control that
The Hacker News – Read More
WhatsApp Engineers Fear Encryption Flaw Exposes User Data, Memo
/in General NewsBy Deeba Ahmed
Is your WhatsApp privacy a myth? New reports reveal a vulnerability that could expose who you message to government agents.
This is a post from HackRead.com Read the original post: WhatsApp Engineers Fear Encryption Flaw Exposes User Data, Memo
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More