BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal
/in General NewsMultiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm.
“This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands,” Check Point said in a technical report. “This exploit has been used by multiple
The Hacker News – Read More
Are All Linux Vendor Kernels Insecure? A New Study Says Yes, but There’s a Fix
/in General NewsA study by CIQ found that Linux vendor kernels, such as those used in Red Hat Enterprise Linux (RHEL), have significant security vulnerabilities due to the backporting process used to maintain stability.
Cyware News – Latest Cyber News – Read More
CyberArk to Acquire Machine Identity Firm Venafi for $1.54 Billion
/in General NewsCyberArk agreed to acquire machine identity management Venafi from Thoma Bravo for $1.54 billion.
The post CyberArk to Acquire Machine Identity Firm Venafi for $1.54 Billion appeared first on SecurityWeek.
SecurityWeek – Read More
WikiLeaks’ Julian Assange Can Appeal His Extradition to the US, British Court Says
/in General NewsTwo judges in London have ruled WikiLeaks’ founder Julian Assange can appeal his extradition to the US on freedom of speech grounds.
Security Latest – Read More
CISA Senior Official Goldstein to Leave Agency in June
/in General NewsEric Goldstein, the executive assistant director for cybersecurity at the CISA, is leaving the agency in June after playing a crucial role in driving the agency’s secure-by-design initiatives and strengthening partnerships with the private sector.
Cyware News – Latest Cyber News – Read More
Eric Goldstein Leaving CISA for Private Sector Role
/in General NewsCISA executive assistant director for cybersecurity Eric Goldstein is leaving the agency after more than three years.
The post Eric Goldstein Leaving CISA for Private Sector Role appeared first on SecurityWeek.
SecurityWeek – Read More
White House Unveils AI Safety Framework for US Workers
/in General NewsThe White House unveiled a framework to protect U.S. workers from AI risks, emphasizing health and safety rights, governance, human oversight, and transparency as organizations adopt new technologies.
Cyware News – Latest Cyber News – Read More
2.4 Million Impacted by WebTPA Data Breach
/in General NewsHealth insurance firm WebTPA says the personal information of 2.4 million individuals was compromised in a data breach.
The post 2.4 Million Impacted by WebTPA Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Two Students Uncover Security Bug That Could Let Millions Do Their Laundry for Free
/in General NewsTwo students at UC Santa Cruz, Alexander Sherbrooke and Iakov Taranenko, discovered a security vulnerability in the API used by CSC ServiceWorks’ mobile app that allows anyone to remotely operate the company’s laundry machines for free.
Cyware News – Latest Cyber News – Read More
Cybersecurity M&A Roundup for First Half of May 2024
/in General NewsRoundup of the cybersecurity-related merger and acquisition (M&A) deals announced in the first half of May 2024.
The post Cybersecurity M&A Roundup for First Half of May 2024 appeared first on SecurityWeek.
SecurityWeek – Read More