BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
XZ Utils Scare Exposes Hard Truths About Software Security
/in General NewsMuch of the open source code embedded in enterprise software stacks comes from small, under-resourced, volunteer-run projects.
darkreading – Read More
National Security Agency Announces Dave Luber As Director of Cybersecurity
/in General NewsPost Content
darkreading – Read More
MedSec Launches Cybersecurity Program For Resource-Constrained Hospitals
/in General NewsPost Content
darkreading – Read More
Wiz Acquires Gem Security to Expand Cloud Detection and Response Offering
/in General NewsPost Content
darkreading – Read More
Selecting the Right Authentication Protocol for Your Business
/in General NewsPrioritizing security and user experience will help you build a robust and reliable authentication system for your business.
darkreading – Read More
Trump Loyalists Kill Vote on US Wiretap Program
/in General NewsAn attempt to reauthorize Section 702, the so-called crown jewel of US spy powers, failed for a third time in the House of Representatives after former president Donald Trump criticized the law.
Security Latest – Read More
NSA Updates Zero-Trust Advice to Reduce Attack Surfaces
/in General NewsAgency encourages broader use of encryption, data-loss prevention, as well as data rights management to safeguard data, networks, and users.
darkreading – Read More
CISA Releases Malware Next-Gen Analysis System for Public Use
/in General NewsCISA’s Malware Next-Gen system is now available for any organization to submit malware samples and other suspicious artifacts for analysis.
The post CISA Releases Malware Next-Gen Analysis System for Public Use appeared first on SecurityWeek.
SecurityWeek – Read More
TA547 Uses an LLM-Generated Dropper to Infect German Orgs
/in General NewsIt’s finally happening: Rather than just for productivity and research, threat actors are using LLMs to write malware. But companies need not worry just yet.
darkreading – Read More
Uber adds safety options that every rider should start using – here’s how
/in General NewsWith the ride-sharing app’s new safety preferences, passengers can customize and schedule settings that give them more control over their security.
Latest stories for ZDNET in Security – Read More