BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Certificate Authority Market Size to Surpass $485M by 2033
/in General NewsPost Content
darkreading – Read More
Casio says ransomware attack exposed info of employees, customers and business partners
/in General NewsJapanese electronics manufacturer Casio confirmed on Friday that a cyber incident announced earlier this week was a ransomware attack that potentially exposed the information of employees, customers, business partners and affiliates.
The Record from Recorded Future News – Read More
Marriott & Starwood Face $52M Settlement After Security Breaches
/in General NewsThe hotel giant will be held to higher security standards in a series of proposed requirements, including implementing a new annually reviewed security program.
darkreading – Read More
American Water Reconnects Its Network Taps After Cyber Incident
/in General NewsThe company is beginning to bring its systems back online, though the investigation wages on.
darkreading – Read More
Relyance AI Raises $32M Series B Funding to Safeguard AI Innovation in the Enterprise
/in General NewsPost Content
darkreading – Read More
Firefox Update Patches Exploited Vulnerability
/in General NewsInvestigation of the use-after-free flaw is ongoing, but organizations and individual users can update Firefox now for a fix.
Security | TechRepublic – Read More
Deepfakes Can Fool Facial Recognition on Crypto Exchanges
/in General NewsCreating new accounts under fake identities provides attackers with a way to launder money or commit fraud.
Security | TechRepublic – Read More
Microsoft blocked your Windows 11 upgrade? This just-released tool can get the job done
/in General NewsA new version of the popular Rufus utility once again bypasses Microsoft’s strict hardware compatibility requirements for Windows 11 upgrades. But the way it’s implemented might make some people nervous.
Latest stories for ZDNET in Security – Read More
The Internet Archive Breach: Over 31 Million User Accounts Exposed
/in General NewsAttackers got hold of a 6.4 GB file containing the email addresses and hashed passwords of users registered with The Internet Archive.
Security | TechRepublic – Read More
GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks
/in General NewsA new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors.
“In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and InlandRevenue were
The Hacker News – Read More