BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Network Threats: A Step-by-Step Attack Demonstration
/in General NewsFollow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy.
Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit
The Hacker News – Read More
Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking
/in General NewsThe Brocade SANnav management application is affected by multiple vulnerabilities, including a publicly available root password.
The post Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit
/in General NewsBy Deeba Ahmed
Popular File Transfer Software Hit by Zero-Day Exploit: Millions Potentially Exposed – Install Patches Right Now!
This is a post from HackRead.com Read the original post: Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Attackers Leverage Black Hat SEO Techniques to Distribute Info-Stealer Malware
/in General NewsThreat actors utilize fraudulent websites hosted on popular legitimate platforms to spread malware and steal data. To evade detection, attackers employ obfuscation methods and checks on referral URLs.
Cyware News – Latest Cyber News – Read More
Endpoint Security Firm ThreatLocker Raises $115 Million in Series D Funding
/in General NewsZero trust endpoint security company ThreatLocker has announced a $115 million Series D funding round that brings the total to $240 million.
The post Endpoint Security Firm ThreatLocker Raises $115 Million in Series D Funding appeared first on SecurityWeek.
SecurityWeek – Read More
DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions
/in General NewsThe U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and seized the service for allegedly facilitating over $2 billion in illegal transactions and for laundering more than $100 million in criminal proceeds.
To that end, Keonne Rodriguez, 35, and William Lonergan Hill, 65, have been charged
The Hacker News – Read More
Ring Customers Get $5.6 Million in Privacy Breach Settlement
/in General NewsThe FTC is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections.
Cyware News – Latest Cyber News – Read More
Vulnerabilities in Microsoft’s PlayReady DRM Could Enable Illegal Movie Downloads From Streaming Services
/in General NewsThe research identified deficiencies in various PMP components that could be exploited to gain access to plaintext content keys guarded by PlayReady DRM in Windows 10/11 environments.
Cyware News – Latest Cyber News – Read More
ArcaneDoor Hackers Exploit Cisco Zero-Days to Breach Government Networks
/in General NewsThe hackers, identified as UAT4356 by Cisco Talos and STORM-1849 by Microsoft, began infiltrating vulnerable edge devices in early November 2023 in a cyber-espionage campaign tracked as ArcaneDoor.
Cyware News – Latest Cyber News – Read More
Report: Security Leaders Braced for Daily AI-Driven Attacks by Year-End
/in General NewsMost businesses are concerned about AI-enabled cyber-threats, with 93% of security leaders expecting to face daily AI-driven attacks by the end of 2024, according to a new report by Netacea.
Cyware News – Latest Cyber News – Read More