BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
The Dangerous Rise of GPS Attacks
/in General NewsThousands of planes and ships are facing GPS jamming and spoofing. Experts warn these attacks could potentially impact critical infrastructure, communication networks, and more.
Security Latest – Read More
Apptega Raises $15 Million for Cybersecurity Compliance Platform
/in General NewsMainsail Partners leads a $15 million financing round for end-to-end cybersecurity compliance platform company Apptega.
The post Apptega Raises $15 Million for Cybersecurity Compliance Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Island Secures $175M Investment as Enterprise Browser Startups Defy Tech Giants
/in General NewsDespite competitive pressures from industry behemoths like Microsoft and Google, investors are still betting big on startups in the specialized enterprise browser space.
The post Island Secures $175M Investment as Enterprise Browser Startups Defy Tech Giants appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover
/in General NewsThree vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host.
The post Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover appeared first on SecurityWeek.
SecurityWeek – Read More
Wireless Carriers Face $200M FCC Fine As Data Privacy Waters Roil
/in General NewsVerizon, AT&T, and T-Mobile USA are being fined for sharing location data. They plan to appeal the decision, which is the culmination of a four-year investigation into how carriers sold customer data to third parties.
darkreading – Read More
Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report
/in General NewsWhile China-linked Muddling Meerkat’s operations look like DNS DDoS attacks, it seems unlikely that denial of service is their goal, at least in the near term.
The post Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers Discover Coordinated Attacks on Docker Hub to Plant Millions of Malicious Repositories
/in General NewsOf the 4.79 million imageless Docker Hub repositories uncovered, 3.2 million of them are said to have been used as landing pages to redirect unsuspecting users to fraudulent sites as part of three broad campaigns.
Cyware News – Latest Cyber News – Read More
Microsoft Releases New-Open Source Tool for OT Security
/in General NewsMicrosoft has released a new open-source security tool to close gaps in threat analysis for industrial control systems and help address increased nation-state attacks on critical infrastructure.
Cyware News – Latest Cyber News – Read More
FCC Fines Wireless Carriers for Sharing User Locations Without Consent
/in General NewsThe Federal Communications Commission leveraged nearly $200 million in fines against wireless carriers AT&T, Sprint, T-Mobile and Verizon for illegally sharing customers’ location data.
The post FCC Fines Wireless Carriers for Sharing User Locations Without Consent appeared first on SecurityWeek.
SecurityWeek – Read More
Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years
/in General NewsCybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious “imageless” containers over the past five years, once again underscoring how open-source registries could pave the way for supply chain attacks.
“Over four million of the repositories in Docker Hub are imageless and have no content except for the repository
The Hacker News – Read More