BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Proofpoint: APAC Employees Are Choosing Convenience, Speed Over Cyber Security
/in General NewsRisky cyber security behaviours are putting employees at risk of phishing and other attacks, according to Proofpoint research, with many employees still unclear security is their responsibility, too.
Security | TechRepublic – Read More
Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server
/in General NewsAtlassian releases patches for two dozen vulnerabilities, including a critical-severity bug in Bamboo Data Center and Server.
The post Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server appeared first on SecurityWeek.
SecurityWeek – Read More
50,000 Vulnerabilities Discovered in DoD Systems Through Bug Bounty
/in General NewsThe DoD Cyber Crime Center (DC3) reported on March 15, 2024, that it processed its 50,000th vulnerability since introducing its crowd-sourced ethical hacking scheme in November 2016.
Cyware News – Latest Cyber News – Read More
Hackers Posing as Law Firms Phish Global Orgs in Multiple Languages
/in General NewsCompanies trust lawyers with the most sensitive information they’ve got. Attackers are aiming to exploit that bond to deliver malware.
darkreading – Read More
Pharmaceutical Development Company Investigating Cyberattack After LockBit Posting
/in General NewsA Nasdaq-listed pharmaceutical development company said it is investigating a cybersecurity incident following claims from the LockBit ransomware gang that data was stolen.
Cyware News – Latest Cyber News – Read More
FTC Warns Scammers are Impersonating its Employees to Steal Money
/in General NewsFTC staff has received numerous reports from consumers who have fallen victim to scams in which fraudsters exploited the identities of agency personnel to coerce them via phone calls, email, or text messages into transferring or wiring money.
Cyware News – Latest Cyber News – Read More
Risk Management Firm CyberSaint Raises $21 Million
/in General NewsCyber risk management company CyberSaint announced on Wednesday that it has raised $21 million in Series A funding. The latest investment, which brings the total raised by the company to $29 million, was led by Riverside Acceleration Capita (RAC), with participation from Sage Hill Investors, Audeo Capital, and BlueIO. CyberSaint said the new funding enables […]
The post Risk Management Firm CyberSaint Raises $21 Million appeared first on SecurityWeek.
SecurityWeek – Read More
300,000 Systems Vulnerable to New Loop DoS Attack
/in General NewsAcademic researchers describe a new application-layer loop DoS attack affecting Broadcom, Honeywell, Microsoft and MikroTik.
The post 300,000 Systems Vulnerable to New Loop DoS Attack appeared first on SecurityWeek.
SecurityWeek – Read More
AUCloud Announces $30 Million Acquisition of Three IT Firms
/in General NewsThe ASX-listed cloud and cyber security provider AUCloud has announced it has entered into binding agreements to acquire Australian IT firms PCG Cyber, Venn IT, and Arado.
Cyware News – Latest Cyber News – Read More
U.S. EPA Forms Task Force to Protect Water Systems from Cyberattacks
/in General NewsThe U.S. Environmental Protection Agency (EPA) said it’s forming a new “Water Sector Cybersecurity Task Force” to devise methods to counter the threats faced by the water sector in the country.
“In addition to considering the prevalent vulnerabilities of water systems to cyberattacks and the challenges experienced by some systems in adopting best practices, this Task Force in its deliberations
The Hacker News – Read More