BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Heartbleed is 10 Years Old – Farewell Heartbleed, Hello QuantumBleed!
/in General NewsHeartbleed made most certificates vulnerable. The future problem is that quantum decryption will make all certificates and everything else using RSA encryption vulnerable to everyone.
The post Heartbleed is 10 Years Old – Farewell Heartbleed, Hello QuantumBleed! appeared first on SecurityWeek.
SecurityWeek – Read More
OWASP Data Breach Caused by Server Misconfiguration
/in General NewsThe OWASP Foundation says a wiki misconfiguration exposed resumes filed over a decade ago by aspiring members.
The post OWASP Data Breach Caused by Server Misconfiguration appeared first on SecurityWeek.
SecurityWeek – Read More
Advanced Cybersecurity Strategies Boost Shareholder Returns
/in General NewsCompanies demonstrating advanced cybersecurity performance generate a shareholder return that is 372% higher than their peers with basic cybersecurity performance, according to a new report from Diligent and Bitsight.
Cyware News – Latest Cyber News – Read More
AI Abuse and Misinformation Campaigns Threaten Financial Institutions
/in General NewsThough generative AI offers financial firms remarkable business and cybersecurity utility, cyber threats relating to GenAI in financial services are a consistent concern, according to FS-ISAC.
Cyware News – Latest Cyber News – Read More
Update: Prudential Insurance Says Data of 36,000 Exposed During February Cyberattack
/in General News“Through the investigation, we learned that the unauthorized third party gained access to our network on February 4, 2024, and removed a small percentage of personal information from our systems,” the breach notification letters said.
Cyware News – Latest Cyber News – Read More
Boat Dealer MarineMax Confirms Data Breach
/in General NewsMarineMax confirms suffering a data breach as a result of a recent ransomware attack, with the attackers claiming to have obtained 180,000 files.
The post Boat Dealer MarineMax Confirms Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Skyflow Raises $30M in Extended Series B
/in General NewsSkyflow, a Palo Alto, CA-based data privacy vault company, raised $30M in Extended Series B funding. The round was led by Khosla Ventures with participation from Mouro Capital, Foundation Capital, and Canvas Ventures.
Cyware News – Latest Cyber News – Read More
India Says it has Rescued 250 Citizens From Cambodian Cyber Slavery
/in General NewsOn Saturday, India’s Ministry of External Affairs responded to local media reports about Indians trapped in Cambodia, saying they are closely collaborating with Cambodian authorities to rescue them.
Cyware News – Latest Cyber News – Read More
Google to Delete Billions of Browsing Records in ‘Incognito Mode’ Privacy Lawsuit Settlement
/in General NewsGoogle has agreed to purge billions of data records reflecting users’ browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their knowledge or consent in its Chrome browser.
The class action, filed in 2020, alleged the company misled users by tracking their internet browsing activity who thought that it remained private when using the ”
The Hacker News – Read More
The XZ Backdoor: Everything You Need to Know
/in General NewsDetails are starting to emerge about a stunning supply chain attack that sent the open source software community reeling.
Security Latest – Read More