BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
CISO Corner: Verizon DBIR Lessons; Workplace Microaggression; Shadow APIs
/in General NewsOur collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: a Tech Tip on setting up DMARC, a DNS mystery from Muddling Meerkat, and a cybersecurity checklist for M&A transitions.
darkreading – Read More
Paris Olympics Cybersecurity at Risk via Attack Surface Gaps
/in General NewsThough Olympics officials appear to have better secured their digital footprint than other major sporting events have, significant risks remain for the Paris Games.
darkreading – Read More
Palo Alto Networks Delivers Comprehensive SASE Capabilities
/in General NewsPost Content
darkreading – Read More
Permira to Acquire Majority Position in BioCatch at $1.3B Valuation
/in General NewsPost Content
darkreading – Read More
Dazz Unveils AI-Powered Automated Remediation for Application Security Posture Management
/in General NewsPost Content
darkreading – Read More
GAO: NASA Faces ‘Inconsistent’ Cybersecurity Across Spacecraft
/in General NewsThe space agency needs to implement stricter policies and standards when it comes to its cybersecurity practices, but doing so the wrong way would put machinery at risk, a federal review found.
darkreading – Read More
Code faster with generative AI, but beware the risks when you do
/in General NewsSoftware developers can achieve significant productivity gains with GenAI-powered coding help, but these may come with baggage.
Latest stories for ZDNET in Security – Read More
“Dirty Stream” Attack Affects Popular Android Apps
/in General NewsA vulnerability in popular Android apps like Xiaomi File Manager and WPS Office could allow malicious apps to overwrite files in the vulnerable app’s home directory, potentially leading to code execution and unauthorized access to user data.
Cyware News – Latest Cyber News – Read More
REvil Affiliate Off to Jail for Multimillion-Dollar Ransomware Scheme
/in General NewsCharges against the ransomware gang member included damage to computers, conspiracy to commit fraud, and conspiracy to commit money laundering.
darkreading – Read More
Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report
/in General NewsMicrosoft security chief Charlie Bell pledges significant reforms and a strategic shift to prioritize security above all other product features.
The post Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report appeared first on SecurityWeek.
SecurityWeek – Read More