BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
BlackCat Ransomware Successor Cicada3301 Emerges
/in General NewsThe Cicada3301 ransomware shows multiple similarities with BlackCat and is believed to mark the reemergence of the threat.
The post BlackCat Ransomware Successor Cicada3301 Emerges appeared first on SecurityWeek.
SecurityWeek – Read More
Latrodectus Malware Increasingly Used by Cybercriminals
/in General NewsLatrodectus malware has been increasingly used by cybercriminals, with recent campaigns targeting the financial, automotive and healthcare sectors.
The post Latrodectus Malware Increasingly Used by Cybercriminals appeared first on SecurityWeek.
SecurityWeek – Read More
Palo Alto Networks Adds New Capabilities to OT Security Solution
/in General NewsPalo Alto Networks has added new remote access, virtual patching and firewall capabilities to its OT Security solution.
The post Palo Alto Networks Adds New Capabilities to OT Security Solution appeared first on SecurityWeek.
SecurityWeek – Read More
Pharma Giant Johnson & Johnson Discloses Data Breach
/in General NewsJohnson & Johnson has disclosed a data breach impacting the personal information of thousands of people.
The post Pharma Giant Johnson & Johnson Discloses Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability
/in General NewsVMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution.
The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol.
“A malicious actor with network access to vCenter Server may trigger this vulnerability by
The Hacker News – Read More
CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day.
The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug involving an unspecified third-party component that could
The Hacker News – Read More
Russia-Linked Hackers Attack Japan’s Govt, Ports
/in General NewsRussia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.
darkreading – Read More
Unmanaged Cloud Credentials Pose Risk to Half of Orgs
/in General NewsThese types of “long-lived” credentials pose a risk for users across all major cloud service providers, and must meet their very timely ends, researchers say.
darkreading – Read More
Meta tests facial recognition for spotting ‘celeb-bait’ ads scams and easier account recovery
/in General NewsMeta is expanding tests of facial recognition as an anti-scam measure to combat celebrity scam ads and more broadly, the Facebook owner announced Monday. Monika Bickert, Meta’s VP of content policy, wrote in a blog post that some of the tests aim to bolster its existing anti-scam measures, such as the automated scans (using machine […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Cisco Disables DevHub Access After Security Breach
/in General NewsThe networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.
darkreading – Read More