BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation
/in General NewsCISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.
SecurityWeek – Read More
Veeam Acquires Coveware to Boost its Ransomware Protection Capabilities
/in General NewsVeeam Software announced the acquisition of Coveware, a provider of cyber-extortion incident response. It brings ransomware recovery and first responder capabilities to further strengthen Veeam’s radical resilience solutions for customers.
Cyware News – Latest Cyber News – Read More
Nagomi Security Emerges From Stealth With $30 Million in Funding
/in General NewsNagomi Security, a company that helps customers prevent threats by leveraging existing security tools, emerged from stealth with $30 million in funding.
The post Nagomi Security Emerges From Stealth With $30 Million in Funding appeared first on SecurityWeek.
SecurityWeek – Read More
US Treasury Sanctions Iranians Linked to Government Cyberattacks
/in General NewsThe Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies.
Cyware News – Latest Cyber News – Read More
Prophet Security Emerges From Stealth Mode With $11 Million in Funding
/in General NewsBain Capital Ventures and angel investors invest $11 million in automated alerts analysis startup Prophet Security.
The post Prophet Security Emerges From Stealth Mode With $11 Million in Funding appeared first on SecurityWeek.
SecurityWeek – Read More
SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking
/in General NewsSD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE.
The post SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking appeared first on SecurityWeek.
SecurityWeek – Read More
FTC Commercial Surveillance Rules Could Arrive Within Months, Sources Say
/in General NewsAccording to two sources familiar with the FTC’s plans, the rules will emphasize data security and data minimization, or the idea that companies should only collect the data they need to conduct business with consumers and delete it when concluded.
Cyware News – Latest Cyber News – Read More
New Password Cracking Analysis Targets Bcrypt
/in General NewsHive Systems conducts another study on cracking passwords via brute-force attacks, but it’s no longer targeting MD5.
The post New Password Cracking Analysis Targets Bcrypt appeared first on SecurityWeek.
SecurityWeek – Read More
Popular Keyboard Apps Leak User Data: Billion Potentially Exposed
/in General NewsBy Waqas
Popular keyboard apps leak user data! Citizen Lab reports 8 out of 9 Android IMEs expose keystrokes. Change yours & protect passwords!
This is a post from HackRead.com Read the original post: Popular Keyboard Apps Leak User Data: Billion Potentially Exposed
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
North Korean Hackers Targeted Dozens of South Korean Defense Companies
/in General NewsLocal reports claimed that the hackers targeted as many as 83 defense contractors and subcontractors, and managed to steal sensitive information from 10 of them between October 2022 and July 2023, although the campaign lasted over a year.
Cyware News – Latest Cyber News – Read More