BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Ivanti Patches 50 Vulnerabilities Across Several Products
/in General NewsIvanti has released fixes for dozens of vulnerabilities in Endpoint Manager, Avalanche, Connect Secure, Policy Secure, and Secure Access Client.
The post Ivanti Patches 50 Vulnerabilities Across Several Products appeared first on SecurityWeek.
SecurityWeek – Read More
Chipmaker Patch Tuesday: Intel Publishes 44 and AMD Publishes 8 New Advisories
/in General NewsIntel and AMD have published November 2024 Patch Tuesday security advisories to inform customers about vulnerabilities found recently in their products.
The post Chipmaker Patch Tuesday: Intel Publishes 44 and AMD Publishes 8 New Advisories appeared first on SecurityWeek.
SecurityWeek – Read More
CISO Forum Virtual Summit is Today
/in General NewsThe CISO Forum Virtual Summit takes place on November 13th in SecurityWeek’s Virtual Conference Center.
The post CISO Forum Virtual Summit is Today appeared first on SecurityWeek.
SecurityWeek – Read More
ICE Started Ramping Up Its Surveillance Arsenal Immediately After Donald Trump Won
/in General NewsUS Immigration and Customs Enforcement put out a fresh call for contracts for surveillance technologies before an anticipated surge in the number of people it monitors ahead of deportation hearings.
Security Latest – Read More
How to add PGP support on Android for added security and privacy
/in General NewsIf you need to add encryption or digital signing to the Thunderbird email app (or other supporting apps) on Android, there’s one clear and easy route to success.
Latest stories for ZDNET in Security – Read More
Citrix, Fortinet Patch High-Severity Vulnerabilities
/in General NewsCitrix and Fortinet have released patches for multiple vulnerabilities, including high-severity bugs in NetScaler and FortiOS.
The post Citrix, Fortinet Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
ICS Patch Tuesday: Security Advisories Released by CISA, Schneider, Siemens, Rockwell
/in General NewsCISA, Schneider Electric, Siemens, and Rockwell Automation have released November 2024 Patch Tuesday security advisories.
The post ICS Patch Tuesday: Security Advisories Released by CISA, Schneider, Siemens, Rockwell appeared first on SecurityWeek.
SecurityWeek – Read More
China’s Volt Typhoon Rebuilding Botnet
/in General NewsSecurity researchers say the botnet created by China’s Volt Typhoon re-emerged recently, leveraging the same core infrastructure and techniques.
The post China’s Volt Typhoon Rebuilding Botnet appeared first on SecurityWeek.
SecurityWeek – Read More
Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs
/in General NewsMicrosoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild.
The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in
The Hacker News – Read More
Middle East Cybersecurity Efforts Catch Up After Late Start
/in General NewsDespite having only a scant focus on cybersecurity regulations a decade ago, countries in the Middle East — led by Saudi Arabia and other Gulf nations — have adopted mature frameworks and regulations amid escalating volumes of attacks.
darkreading – Read More