BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
CVS Group Restoring Systems Impacted by Cyberattack
/in General NewsVeterinary services provider CVS Group is restoring systems after a cyberattack disrupted its UK operations.
The post CVS Group Restoring Systems Impacted by Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
CISO Conversations: Nick McKenzie (Bugcrowd) and Chris Evans (HackerOne)
/in General NewsSecurityWeek discusses cybersecurity leadership with CISOs from crowdsourced hacking organizations Bugcrowd (Nick McKenzie) and HackerOne (Chris Evans)
The post CISO Conversations: Nick McKenzie (Bugcrowd) and Chris Evans (HackerOne) appeared first on SecurityWeek.
SecurityWeek – Read More
DOJ-Collected Information Exposed in Data Breach Affecting 340,000
/in General NewsEconomic analysis and litigation support firm GMA says personal and medical information was stolen in a May 2023 data breach.
The post DOJ-Collected Information Exposed in Data Breach Affecting 340,000 appeared first on SecurityWeek.
SecurityWeek – Read More
6 Best Open Source Password Managers for Windows in 2024
/in General NewsDiscover the top open-source password managers for Windows. Learn about the features and benefits of each to determine which one is the best fit for your needs.
Security | TechRepublic – Read More
Second Ransomware Group Extorting Change Healthcare
/in General NewsRansomHub is extorting Change Healthcare, threatening to release data stolen in a February 2024 BlackCat ransomware attack.
The post Second Ransomware Group Extorting Change Healthcare appeared first on SecurityWeek.
SecurityWeek – Read More
Patches for CVE-2024-1086 for CloudLinux 6h, 7 Users on KernelCare Live
/in General NewsThe KernelCare team is working on deploying a live patch for CVE-2024-1086 for CloudLinux users. A patch has already been released for CloudLinux 6h and CloudLinux 7, and users can manually update without a live patch.
Cyware News – Latest Cyber News – Read More
Hackers Deploy Crypto Drainers on Thousands of WordPress Sites
/in General NewsAccording to cybersecurity researcher MalwareHunterTeam, the threat actors have now begun monetizing the pool of compromised WordPress sites to display pop-ups promoting fake NFT offers and crypto discounts.
Cyware News – Latest Cyber News – Read More
Automating Pikabot’s String Deobfuscation
/in General NewsPrevious versions of Pikabot used advanced string encryption techniques, which have been replaced with simpler algorithms. Previously, the strings were encrypted using a combination of AES-CBC and RC4 algorithms.
Cyware News – Latest Cyber News – Read More
Embracing the Cloud: Revolutionizing Privileged Access Management with One Identity Cloud PAM Essentials
/in General NewsAs cyber threats loom around every corner and privileged accounts become prime targets, the significance of implementing a robust Privileged Access Management (PAM) solution can’t be overstated. With organizations increasingly migrating to cloud environments, the PAM Solution Market is experiencing a transformative shift toward cloud-based offerings. One Identity PAM Essentials stands
The Hacker News – Read More
StrikeReady Raises $12M to Build AI-Powered Security Command Center
/in General NewsStrikeReady, an early-stage Silicon Valley startup working on technology to modernize cybersecurity command centers, has banked $12 million in new financing from 33N Ventures. The Palo Alto, Calif.-based StrikeReady said the Series A included equity interests for Hitachi Ventures, Monta Vista Capital and a handful of prominent cybersecurity executives. StrikeReady has raised a total of […]
The post StrikeReady Raises $12M to Build AI-Powered Security Command Center appeared first on SecurityWeek.
SecurityWeek – Read More