BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Broke Cyber Pros Flock to Cybercrime Side Hustles
/in General NewsBurned-out cybersecurity professionals dealing with layoffs and stressful working conditions are increasingly finding a better way to earn a buck: cybercrime.
darkreading – Read More
Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets
/in General NewsMicrosoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024.
“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our
The Hacker News – Read More
Sam Altman reinstated to OpenAI board after investigation clears him of wrongdoing
/in General NewsIn a stunning turn of events, Sam Altman, the high-profile CEO of OpenAI, will be rejoining the company’s board of directors just months after being ousted amid concerns about his leadership. The move comes as an independent investigation commissioned by OpenAI’s board found no evidence of misconduct that would warrant Altman’s re…Read More
Security News | VentureBeat – Read More
Unsecured Video Doorbells Sold on Major Platforms: Millions at Risk of Hacking
/in General NewsBy Deeba Ahmed
Major Retailers Selling Video Doorbells with Serious Security Flaws, Consumer Reports Warns.
This is a post from HackRead.com Read the original post: Unsecured Video Doorbells Sold on Major Platforms: Millions at Risk of Hacking
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails
/in General NewsMicrosoft says the Midnight Blizzard APT group may still be poking around its internal network after stealing source code, spying on emails.
The post Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails appeared first on SecurityWeek.
SecurityWeek – Read More
You can now add extra security to your ChatGPT – here’s how and why you should
/in General NewsSetting up multi-factor authentication on your OpenAI account is simple and free.
Latest stories for ZDNET in Security – Read More
Russia-Sponsored Cyberattackers Infiltrate Microsoft’s Code Base
/in General NewsThe Midnight Blizzard APT is mounting a sustained, focused cyber campaign against the computing kahuna, using secrets it stole from emails back in January.
darkreading – Read More
Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory
/in General NewsThe proof-of-concept exploits for Atlassian Confluence would enable arbitrary code execution without requiring file system access.
darkreading – Read More
Cisco Fixes High-Severity Code Execution and VPN Hijacking Flaws
/in General NewsBy Deeba Ahmed
Cisco announced patches for high-severity vulnerabilities on Wednesday, March 6, 2024.
This is a post from HackRead.com Read the original post: Cisco Fixes High-Severity Code Execution and VPN Hijacking Flaws
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Law Enforcement Personnel Say LexisNexis Retaliated When Asked to Remove Data
/in General NewsMore than 18,000 New Jersey law enforcement personnel are alleging that LexisNexis retaliated against them by freezing their credit and falsely reporting them as identity theft victims after they requested their information to remain private.
Cyware News – Latest Cyber News – Read More