BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Us Offers $5 Million for Info on North Korean IT Workers Involved in Job Fraud
/in General NewsThe U.S. government is offering a $5 million reward for information on a network of North Korean IT workers who allegedly scammed U.S. companies out of nearly $7 million through a job fraud scheme.
Cyware News – Latest Cyber News – Read More
Threat Actors Misusing Quick Assist in Social Engineering Attacks Leading to Ransomware
/in General NewsCybercriminals are exploiting Microsoft’s Quick Assist tool to conduct social engineering attacks and deliver ransomware like Black Basta to target users across various industries.
Cyware News – Latest Cyber News – Read More
Ongoing Malvertising Campaign leads to Ransomware
/in General NewsCybercriminals have weaponized popular software tools like WinSCP and PuTTY to deliver ransomware, tricking users into downloading malicious installers that infect their systems with a Sliver beacon and other malicious payloads.
Cyware News – Latest Cyber News – Read More
CISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows –
CVE-2014-100005 – A cross-site request forgery (CSRF) vulnerability impacting D-Link DIR-600 routers that allows an
The Hacker News – Read More
Flaw in Wi-Fi-Standard can Enable SSID Confusion Attacks
/in General NewsA design flaw in the IEEE 802.11 Wi-Fi standard allows attackers to trick victims into connecting to a less secure wireless network than the one they intended to connect to, exposing them to higher risks of traffic interception and manipulation.
Cyware News – Latest Cyber News – Read More
Efficient Document Merging Strategies for Professionals
/in General NewsBy Uzair Amir
Discover time-saving document merging strategies for professionals. Learn how to streamline workflows, enhance collaboration, and protect document integrity for increased productivity and peace of mind.
This is a post from HackRead.com Read the original post: Efficient Document Merging Strategies for Professionals
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Are all Linux vendor kernels insecure? A new study says yes, but there’s a fix
/in General NewsAll vendor kernels are plagued with security vulnerabilities, according to a CIQ whitepaper. Will the Linux community ever accept upstream stable kernels?
Latest stories for ZDNET in Security – Read More
Addressing the Cybersecurity Vendor Ecosystem Disconnect
/in General NewsHow security teams can bridge the gap between short-term profits and long-term business needs.
darkreading – Read More
CrowdStrike launches advanced SIEM to power the AI-native SOC at RSAC 2024
/in General NewsWith attackers setting speed records for breakouts and tool download times, every security operations center (SOC) team needs to consider how AI can help bend time in their favor. It takes just two minutes and seven seconds to move laterally within a system after gaining access, and just 31 seconds for an attacker to download a toolkit and st…Read More
Security News | VentureBeat – Read More
Santander Falls Victim to Data Breach Involving Third-Party Provider
/in General NewsThe company reports that customers based in Chile, Spain, and Uruguay were the primary victims of the breach, alongside some former employees of the global bank.
darkreading – Read More