BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Suspicious NuGet Package Harvesting Information From Industrial Systems
/in General NewsA suspicious NuGet package likely targets developers working with technology from Chinese firm Bozhon.
The post Suspicious NuGet Package Harvesting Information From Industrial Systems appeared first on SecurityWeek.
SecurityWeek – Read More
Senator Demands Answers From HHS About $7.5 Million Cyber Theft in 2023
/in General NewsHHS has not issued a public statement about the incident, and its Office of the Inspector General declined to confirm or deny an investigation was underway when pressed about it in January.
Cyware News – Latest Cyber News – Read More
Report Urges Congress to Form an Armed Cyber Military Branch
/in General NewsThe U.S. military requires a seventh branch to serve as an independent cyber armed service amid growing threats in cyberspace, according to a leading national security think tank.
Cyware News – Latest Cyber News – Read More
Shadow AI is the Latest Cybersecurity Threat You Need to Prepare For
/in General NewsShadow IT – the use of software, hardware, systems, and services that haven’t been approved by an organization’s IT/IT Sec departments – has been a problem for the last couple of decades, and a difficult area for IT leaders to manage effectively.
Cyware News – Latest Cyber News – Read More
Pure Storage, Nvidia partner to democratize AI with new infrastructure solutions
/in General NewsPure Storage and Nvidia collaborate to deliver validated AI infrastructure solutions, empowering enterprises with high-performance data storage and compute capabilities for successful AI deployments at scale.Read More
Security News | VentureBeat – Read More
CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products
/in General NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerabilities added are as follows –
CVE-2023-48788 (CVSS score: 9.3) – Fortinet FortiClient EMS SQL Injection Vulnerability
CVE-2021-44529 (CVSS score: 9.8) – Ivanti
The Hacker News – Read More
UN Adopts Resolution for ‘Secure, Trustworthy’ AI
/in General NewsCountries around the world are signaling support of secure AI practices, but not necessarily committing to them.
darkreading – Read More
Chinese State-Sponsored Hackers Charged, Sanctions Levied by US
/in General NewsThe US and the UK charge seven Chinese nationals for operating as part of threat group APT31.
darkreading – Read More
Africa Tackles Online Disinformation Campaigns During Major Election Year
/in General NewsCyber-disinformation campaigns targeting Africa have taken off in 2024, as 18 nations prepare to hold elections, and cybersecurity efforts are key to taming the threat.
darkreading – Read More
International Sting Takes Down Major Dark Web Marketplace “Nemesis Market”
/in General NewsBy Waqas
Another day, another popular dark web marketplace bites the dust!
This is a post from HackRead.com Read the original post: International Sting Takes Down Major Dark Web Marketplace “Nemesis Market”
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More