BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
‘Muddling Meerkat’ Poses Nation-State DNS Mystery
/in General NewsLikely China-linked adversary has blanketed the Internet with DNS mail requests over the past five years via open resolvers, furthering Great Firewall of China ambitions. But the exact nature of its activity is unclear.
darkreading – Read More
91% of ransomware victims paid at least one ransom in the past year, survey finds
/in General NewsWith more than half of organizations experiencing at least six ransomware attack attempts over the past year, many want more budget to cope.
Latest stories for ZDNET in Security – Read More
Kaiser Permanente Discloses Data Breach Impacting 13.4 Million Patients
/in General NewsUS healthcare giant is warning millions of current and former patients that their personal information was exposed to third-party advertisers.
The post Kaiser Permanente Discloses Data Breach Impacting 13.4 Million Patients appeared first on SecurityWeek.
SecurityWeek – Read More
China-Linked ‘Muddling Meerkat’ Hijacks DNS to Map Internet on Global Scale
/in General NewsA previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct reconnaissance of networks across the world since October 2019.
Cloud security firm Infoblox described the threat actor as likely affiliated with the
The Hacker News – Read More
Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual
/in General NewsJennifer Leggio makes the case for more alcohol-free networking events at conferences, and community-building opportunities for sober individuals working in cybersecurity.
The post Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual appeared first on SecurityWeek.
SecurityWeek – Read More
DDoS Attacks Continue, Post-Election, Against Russian Independent Media Site Meduza
/in General NewsIn April, Meduza faced two large-scale distributed denial-of-service (DDoS) attacks, prompting it to reach out to Qurium to investigate their origin and composition, the researchers said.
Cyware News – Latest Cyber News – Read More
More Than 800 Vulnerabilities Resolved Through CISA Ransomware Notification Pilot
/in General NewsThe Ransomware Vulnerability Warning Pilot was unveiled in January 2023 as a program designed to “identify organizations with internet-accessible vulnerabilities commonly associated with known ransomware actors.”
Cyware News – Latest Cyber News – Read More
Addressing Risk Caused by Innovation
/in General NewsBy embracing a proactive approach to cyber-risk management, companies can better detect, prevent, and mitigate cyber threats while integrating the latest state-of-the-art technology.
darkreading – Read More
How to Red Team GenAI: Challenges, Best Practices, and Learnings
/in General NewsRed teaming is a crucial part of proactive GenAI security that helps map and measure AI risks.
darkreading – Read More
British Intelligence Moves to Protect Research Universities From Espionage
/in General NewsThe head of Britain’s domestic intelligence agency warned the country’s leading research universities on Thursday that foreign states are targeting their institutions and imperiling national security.
Cyware News – Latest Cyber News – Read More