BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Grab 9 Ethical Hacking Courses for $30 and Improve Your Business Security
/in General NewsYour customers expect you to keep their data secure, and this collection of video courses covers everything you need to know about cybersecurity.
Security | TechRepublic – Read More
Webinar: Learn Proactive Supply Chain Threat Hunting Techniques
/in General NewsIn the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricate web of interconnected systems and third-party dependencies to breach even the most formidable defenses. But what if you could turn the tables and proactively hunt these threats before they wreak havoc?
We invite you to join us for an
The Hacker News – Read More
Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations
/in General NewsRussia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations.
The post Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations appeared first on SecurityWeek.
SecurityWeek – Read More
How a new law protects your thoughts from tech companies – and why it matters
/in General NewsWelcome to the new data privacy frontier, where unregulated neurotech wearables are tracking, analyzing, and even recording your brain activity.
Latest stories for ZDNET in Security – Read More
Microsoft Warns of North Korean Hackers Turning to AI-Fueled Cyber Espionage
/in General NewsMicrosoft specifically highlighted a group named Emerald Sleet (aka Kimusky or TA427), which has been observed using LLMs to bolster spear-phishing efforts aimed at Korean Peninsula experts.
Cyware News – Latest Cyber News – Read More
Can a VPN Be Hacked?
/in General NewsLearn about the potential vulnerabilities of VPNs and the measures you can take to enhance your VPN security.
Security | TechRepublic – Read More
Behavioral Patterns of Ransomware Groups are Changing
/in General NewsThe ransomware landscape has undergone significant changes in Q1 2024, with major shifts in the behavior of Ransomware-as-a-Service (RaaS) groups, according to GuidePoint Security’s GRIT Q1 2024 Ransomware Report.
Cyware News – Latest Cyber News – Read More
Teetering on the Edge: VPNs, Firewalls’ Nonexistent Telemetry Lures APTs
/in General NewsState-sponsored groups are targeting critical vulnerabilities in virtual private network (VPN) gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who rarely have visibility into the devices.
darkreading – Read More
Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor
/in General NewsThe LockBit ransomware gang leaks data allegedly stolen from government contractor Tyler Technologies.
The post Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor appeared first on SecurityWeek.
SecurityWeek – Read More
German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies
/in General NewsGerman authorities said they have issued arrest warrants against three citizens on suspicion of spying for China.
The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R.
“The suspects are strongly suspected of working for a Chinese secret service since an unspecified
The Hacker News – Read More