BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
MITRE’s Cyber Resiliency Engineering Framework Aligns With DoD Cyber Maturity Model Cert
/in General NewsPost Content
darkreading – Read More
Jason Haddix Joins Flare As Field CISO
/in General NewsPost Content
darkreading – Read More
New Research Suggests Africa Is Being Used As a ‘Testing Ground’ for Nation State Cyber Warfare
/in General NewsPost Content
darkreading – Read More
Intel Harnesses Hackathons to Tackle Hardware Vulnerabilities
/in General NewsThe semiconductor manufacturing giant’s security team describes how hardware hackathons, such as Hack@DAC, have helped chip security by finding and sharing hardware vulnerabilities.
darkreading – Read More
Thousands of Qlik Sense Servers Open to Cactus Ransomware
/in General NewsThe business intelligence servers contain vulnerabilities that Qlik patched last year, but which Cactus actors have been exploiting since November. Swathes of organizations have not yet been patched.
darkreading – Read More
7-Year-Old 0-Day in Microsoft Office Exploited to Drop Cobalt Strike
/in General NewsBy Deeba Ahmed
Hackers are dusting off old tricks! A recent attack exploited vulnerabilities in systems running outdates Microsoft Office to deliver Cobalt Strike malware. Learn how to protect yourself!
This is a post from HackRead.com Read the original post: 7-Year-Old 0-Day in Microsoft Office Exploited to Drop Cobalt Strike
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Palo Alto Updates Remediation for Max-Critical Firewall Bug
/in General NewsThough PAN originally described the attacks exploiting the vulnerability as being limited, they are increasingly growing in volume, with more exploits disclosed by outside parties.
darkreading – Read More
CISO Corner: Evil SBOMs; Zero-Trust Pioneer Slams Cloud Security; MITRE’s Ivanti Issue
/in General NewsOur collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: security license mandates; a move to four-day remediation requirements; lessons on OWASP for LLMs.
darkreading – Read More
Held Back: What Exclusion Looks Like in Cybersecurity
/in General NewsYou can’t thinking about inclusion in the workplace without first understanding what kinds of exclusive behaviors prevent people from advancing in their careers.
darkreading – Read More
BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023
/in General NewsRefreshed software and collaboration with the security researcher community may have contributed to the 5% drop.
Security | TechRepublic – Read More