BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Sisense’s data breach is serious enough that CISA is investigating. Here’s what you need to do
/in General NewsA major breach left Sisense customer credentials open to hackers.
Latest stories for ZDNET in Security – Read More
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files
/in General News“Test files” associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal.
liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression software. The
The Hacker News – Read More
Sophos Study: 94% of Ransomware Victims Have Their Backups Targeted By Attackers
/in General NewsResearch has found that criminals can demand higher ransom when they compromise an organisation’s backup data in a ransomware attack. Discover advice from security experts on how to properly protect your backup.
Security | TechRepublic – Read More
RubyCarp: Insights Into the Longevity of a Romanian Cybercriminal Gang
/in General NewsOperational for at least ten years, RubyCarp has its own botnet, its own tools, and its own community of users that concentrate on cryptomining and credential phishing.
The post RubyCarp: Insights Into the Longevity of a Romanian Cybercriminal Gang appeared first on SecurityWeek.
SecurityWeek – Read More
Intel and Lenovo Servers Impacted by 6-Year-Old BMC Flaw
/in General NewsThe security issue could lead to the exfiltration of process memory addresses, which could help attackers bypass protection mechanisms like Address Space Layout Randomization (ASLR).
Cyware News – Latest Cyber News – Read More
DarkBeatC2: The Latest MuddyWater Attack Framework
/in General NewsThe Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go.
Cyware News – Latest Cyber News – Read More
5 Best CAPTCHA Plugins for WordPress Websites
/in General NewsBy Waqas
Here’s an updated list of five effective CAPTCHA plugins for WordPress that can help enhance the security of your website by preventing spam and bot activities:
This is a post from HackRead.com Read the original post: 5 Best CAPTCHA Plugins for WordPress Websites
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
In Other News: Moscow Sewage Hack, Women in Cybersecurity Report, Dam Security Concerns
/in General NewsNoteworthy stories that might have slipped under the radar: Moscow sewage system hacked, a new women in cybersecurity report, PasteHub domain seized by law enforcement.
The post In Other News: Moscow Sewage Hack, Women in Cybersecurity Report, Dam Security Concerns appeared first on SecurityWeek.
SecurityWeek – Read More
Apple Boosts Spyware Alerts For Mercenary Attacks
/in General NewsApple has updated its documentation related to its warning system for mercenary spyware threats, now specifying that it alerts users when they may have been individually targeted by such attacks.
Cyware News – Latest Cyber News – Read More
US-China Competition to Field Military Drone Swarms Could Fuel Global Arms Race
/in General NewsMilitary planners envision a scenario in which hundreds, even thousands of AI-powered machines engage in coordinated battle.
The post US-China Competition to Field Military Drone Swarms Could Fuel Global Arms Race appeared first on SecurityWeek.
SecurityWeek – Read More