BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Microsoft Warns of ‘Dirty Stream’ Vulnerability in Popular Android Apps
/in General NewsMicrosoft has uncovered a new type of attack called Dirty Stream that impacted Android apps with billions of installations.
The post Microsoft Warns of ‘Dirty Stream’ Vulnerability in Popular Android Apps appeared first on SecurityWeek.
SecurityWeek – Read More
Essential Steps for Zero-Trust Strategy Implementation
/in General NewsAccording to Gartner, 63% of organizations worldwide have fully or partially implemented a zero-trust strategy. For 78% of organizations implementing a zero-trust strategy, this investment represents less than 25% of the overall cybersecurity budget.
Cyware News – Latest Cyber News – Read More
Watch Out for Tech Support Scams Lurking in Sponsored Search Results
/in General NewsScammers often impersonate reputable companies like CNN and Amazon, leading users to malicious sites. Victims are urged to call fake tech support numbers, leading to costly scams.
Cyware News – Latest Cyber News – Read More
NASA Doesn’t Know if Its Spacecraft Have Adequate Cyber Defenses, GAO Warns
/in General NewsNASA has been cautioned by the Government Accountability Office (GAO) for not having mandatory security guidance in place for its spacecraft acquisition policies and standards.
Cyware News – Latest Cyber News – Read More
White House Issues National Security Memorandum for Critical Infrastructure
/in General NewsThe White House has published a national security memorandum focusing on critical infrastructure security and resilience.
The post White House Issues National Security Memorandum for Critical Infrastructure appeared first on SecurityWeek.
SecurityWeek – Read More
Lawsuits and Company Devaluations Await For Breached Firms
/in General NewsA new report from Netwrix has laid bare the significant financial and reputational costs stemming from serious cyber-attacks, including what are often unplanned expenses.
Cyware News – Latest Cyber News – Read More
These Dangerous Scammers Don’t Even Bother to Hide Their Crimes
/in General News“Yahoo Boy” cybercriminals are openly running dozens of scams across Facebook, WhatsApp, Telegram, TikTok, YouTube, and more.
Security Latest – Read More
Why Cloud Vulnerabilities Need CVEs
/in General NewsCloud services have introduced new challenges for vulnerability management, as organizations no longer control the underlying infrastructure and must focus on configuration management rather than just patching.
Cyware News – Latest Cyber News – Read More
Ransomware Rising Despite Takedowns, Says Corvus Report
/in General NewsIn its latest ransomware report, Ransomware Groups Don’t Die, They Multiply, published on April 30, the cyber insurance firm Corvus found that ransomware activity increased by 21% in the first quarter of 2024 compared to the same period in 2023.
Cyware News – Latest Cyber News – Read More
Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison
/in General NewsYaroslav Vasinskyi was sentenced to 13 years and seven months in prison for his alleged role in the REvil ransomware operation.
The post Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison appeared first on SecurityWeek.
SecurityWeek – Read More