BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Develop Advanced Cybersecurity Skills for Just $64
/in General NewsIf you’re ready to start moving up to higher positions in the lucrative cybersecurity field, this e-learning bundle can help you pass certification exams. Use code ENJOY20 at checkout.
Security | TechRepublic – Read More
Fortinet Patches Critical RCE Vulnerability in FortiClientLinux
/in General NewsFortinet has released patches for a dozen vulnerabilities, including a critical-severity remote code execution flaw in FortiClientLinux.
The post Fortinet Patches Critical RCE Vulnerability in FortiClientLinux appeared first on SecurityWeek.
SecurityWeek – Read More
How to Stop Your Data From Being Used to Train AI
/in General NewsSome companies let you opt out of allowing your content to be used for generative AI. Here’s how to take back (at least a little) control from ChatGPT, Google’s Gemini, and more.
Security Latest – Read More
Sprinto Raises $20 Million for Automated Risk and Compliance Platform
/in General NewsRisk and compliance solutions provider Sprinto has raised $20 million in a Series B funding round led by Accel.
The post Sprinto Raises $20 Million for Automated Risk and Compliance Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Research Unearths RUBYCARP’s Multi-Miner Assault on Crypto
/in General NewsOne of the key findings from the technical write-up, published by Sysdig today, is the group’s use of a script capable of simultaneously deploying multiple cryptocurrency miners.
Cyware News – Latest Cyber News – Read More
Hands-on Review: Cynomi AI-powered vCISO Platform
/in General NewsThe need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain
The Hacker News – Read More
Attack on Consumer Electronics Manufacturer boAt Leaks Data on 7.5M Customers
/in General NewsIn a cyberattack more reminiscent of the 2010s, a seemingly lone hacker fleeced a major corporation for millions of open customer records.
darkreading – Read More
New Threat Actor Starry Addax Targets Human Rights Defenders in North Africa
/in General NewsAccording to Cisco’s Talos threat research team, Starry Addax has been active since January 2024, orchestrating spear-phishing campaigns aimed at individuals sympathetic to the Sahrawi Arab Democratic Republic (SADR) cause.
Cyware News – Latest Cyber News – Read More
Thousands of LG TVs Possibly Exposed to Remote Hacking
/in General NewsMany LG TVs may be vulnerable to remote hacking due to a series of vulnerabilities found by Bitdefender researchers.
The post Thousands of LG TVs Possibly Exposed to Remote Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection
/in General NewsThese techniques can bypass the detection and enforcement policies of traditional tools, such as cloud access security brokers, data loss prevention, and SIEMs, by hiding downloads as less suspicious access and sync events.
Cyware News – Latest Cyber News – Read More