BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
New Vulnerability “LeakyCLI” Leaks AWS and Google Cloud Credentials
/in General NewsBy Waqas
A critical vulnerability named LeakyCLI exposes sensitive cloud credentials from popular tools used with AWS and Google Cloud. This poses a major risk for developers, showing the need for strong security practices. Learn how to mitigate LeakyCLI and fortify your cloud infrastructure.
This is a post from HackRead.com Read the original post: New Vulnerability “LeakyCLI” Leaks AWS and Google Cloud Credentials
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Global Cybercriminal Duo Face Imprisonment After Hive RAT Scheme
/in General NewsThe two allegedly sold the Trojan on Hack Forums, allowing other threat actors to gain unauthorized control, disable programs, browse files, record keystrokes, and steal credentials.
darkreading – Read More
Report: Bad Bots Drive 10% Annual Surge in Account Takeover Attacks
/in General NewsInternet traffic associated with malicious bots now accounts for a third (32%) of the total, driving a 10% year-on-year (YoY) increase in account takeover (ATO) attacks last year, according to Imperva.
Cyware News – Latest Cyber News – Read More
Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit
/in General NewsJoin this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your organization to defend against and recover from these relentless attacks.
The post Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit appeared first on SecurityWeek.
SecurityWeek – Read More
Gen AI training costs soar yet risks are poorly measured, says Stanford AI report
/in General NewsCost and safety issues are part of a burgeoning industrial market for AI taking over from a research community of AI scholars.
Latest stories for ZDNET in Security – Read More
US Senate to Vote on a Wiretap Bill That Critics Call ‘Stasi-Like’
/in General NewsA controversial bill reauthorizing the Section 702 spy program may force whole new categories of businesses to eavesdrop on the US government’s behalf, including on fellow Americans.
Security Latest – Read More
FTC Bans Online Mental Health Firm From Sharing Certain Data
/in General NewsThe FTC in its complaint against Cerebral Inc. and the company’s former CEO Kyle Robertson, alleges unfair or deceptive practice violations of the FTC Act and the Opioid Act, which pertains to substance use disorder treatment services.
Cyware News – Latest Cyber News – Read More
Name That Toon: Last Line of Defense
/in General NewsFeeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
darkreading – Read More
Microsoft will Limit Exchange Online Bulk Emails to Fight Spam
/in General News“Exchange Online enforces a Recipient Rate limit of 10,000 recipients. The 2,000 ERR limit will become a sub-limit within this 10,000 Recipient Rate limit,” the Exchange Team said on Monday.
Cyware News – Latest Cyber News – Read More
Critical PuTTY Vulnerability Allows Secret Key Recovery
/in General NewsPuTTY vulnerability CVE-2024-31497 allows attackers to compromise private keys and use them to forge signatures.
The post Critical PuTTY Vulnerability Allows Secret Key Recovery appeared first on SecurityWeek.
SecurityWeek – Read More