BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
SurveyLama Data Breach Impacts 4.4 Million Users
/in General NewsData breach impacting users’ personal information prompts survey rewards platform SurveyLama to reset passwords.
The post SurveyLama Data Breach Impacts 4.4 Million Users appeared first on SecurityWeek.
SecurityWeek – Read More
Center Identity Launches Patented Passwordless Authentication for Businesses
/in General NewsBy Cyber Newswire
Portland, Oregon, April 4th, 2024, CyberNewsWire Center Identity, a pioneering cybersecurity company, is excited to unveil its patented…
This is a post from HackRead.com Read the original post: Center Identity Launches Patented Passwordless Authentication for Businesses
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
US Cancer Center Data Breach Impacting 800,000
/in General NewsCity of Hope is notifying 800,000 individuals of a data breach impacting their personal and health information.
The post US Cancer Center Data Breach Impacting 800,000 appeared first on SecurityWeek.
SecurityWeek – Read More
AI’s Dual Role on SMB Brand Spoofing
/in General NewsCybercriminals are using AI to impersonate small businesses. Security architects are using it to help small businesses fight back.
darkreading – Read More
Report: 73% Brace for Cybersecurity Impact on Business in the Next Year or Two
/in General NewsOnly 3% of organizations across the globe have the ‘mature’ level of readiness needed to be resilient against modern cybersecurity risks, according to Cisco. The readiness is down from one year ago, when 15% of companies were ranked mature.
Cyware News – Latest Cyber News – Read More
Targeted Phishing Linked to ‘The Com’ Surges in the US, the UK, and Canada
/in General NewsA persistent social engineering threat faced by enterprises involves attackers trying to obtain login credentials for identity and access management (IAM), cloud resources, or single sign-on (SSO)-enabled systems.
Cyware News – Latest Cyber News – Read More
Distinctive Campaign Evolution of Pikabot Malware
/in General NewsPikaBot, along with other malicious loaders like QBot and DarkGate, heavily depends on spam campaigns for distribution. Its initial access strategies are intricately crafted, utilizing geographically targeted spam emails for specific countries.
Cyware News – Latest Cyber News – Read More
5 Best Password Managers for Android in 2024
/in General NewsExplore the best password managers for Android devices that offer secure storage and easy access to your passwords. Find out which one suits your needs best.
Security | TechRepublic – Read More
Considerations for Operational Technology Cybersecurity
/in General NewsOperational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise’s physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT brings additional cybersecurity considerations not typically present in conventional IT security
The Hacker News – Read More
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks
/in General NewsNew research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks.
The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024.
“Many HTTP/2 implementations do not properly limit or sanitize the
The Hacker News – Read More