BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Microsoft’s Security Chickens Have Come Home to Roost
/in General NewsNews analysis: SecurityWeek editor-at-large Ryan Naraine reads the CSRB report on China’s audacious Microsoft’s Exchange Online hack and isn’t at all surprised by the findings.
The post Microsoft’s Security Chickens Have Come Home to Roost appeared first on SecurityWeek.
SecurityWeek – Read More
Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure
/in General NewsIvanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS).
The list of flaws is as follows –
CVE-2024-21894 (CVSS score: 8.2) – A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an
The Hacker News – Read More
Singapore Sets High Bar in Cybersecurity Preparedness
/in General NewsWhile Singaporean organizations have adopted the majority of their government’s cybersecurity recommendations, they aren’t immune: More than eight in 10 experienced a cybersecurity incident over the course of the year.
darkreading – Read More
LockBit Ransomware Takedown Strikes Deep Into Brand’s Viability
/in General NewsNearly three months after Operation Cronos, it’s clear the gang is not bouncing back from the innovative law-enforcement action. RaaS operators are on notice, and businesses should pay attention.
darkreading – Read More
More Than Half of Organizations Plan to Adopt AI Solutions in Coming Year, Reports Cloud Security Alliance and Google Cloud
/in General NewsPost Content
darkreading – Read More
CyberRatings.org Announces Test Results for Cloud Network Firewall
/in General NewsPost Content
darkreading – Read More
TAG Report Reveals Endpoint Backup Is Essential to Improving Data Resiliency
/in General NewsPost Content
darkreading – Read More
Want to keep getting Windows 10 updates next year? Here’s what it will cost
/in General NewsThe official price list for the Windows 10 Extended Security Updates program is out. For businesses, it’s shockingly expensive. For educators, it’s just a few bucks. Here’s how it works.
Latest stories for ZDNET in Security – Read More
TruCentive Enhances Privacy With HIPAA Compliant Personal Information De-identification
/in General NewsPost Content
darkreading – Read More
How Soccer’s 2022 World Cup in Qatar Was Nearly Hacked
/in General NewsA China-linked threat actor had access to a router configuration database that could have completely disrupted coverage, a security vendor says.
darkreading – Read More