BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Critical Mozilla Firefox Zero-Day Allows Code Execution
/in General NewsThe bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.
darkreading – Read More
Looking at Security Challenges Through the Lens of Different Roles
/in General NewsWhat are CISOs and security leaders prioritizing versus the security operators?
The post Looking at Security Challenges Through the Lens of Different Roles appeared first on SecurityWeek.
SecurityWeek – Read More
Fidelity Notifies 77K Customers of Data Breach
/in General NewsThe third-party actor had access for two days, in the financial services company’s second major breach of the year.
darkreading – Read More
Fidelity Data Breach Exposes Data of Over 77,000 Customers
/in General NewsAn attacker snuck in by creating two new user accounts. Fidelity assures customers their investments aren’t affected.
Security | TechRepublic – Read More
Microsoft Previews New Windows Feature to Limit Admin Privileges
/in General NewsIn the latest Windows preview, Microsoft adds a feature — Administrator Protection — designed to prevent threat actors from easily escalating privileges and restrict lateral movement.
darkreading – Read More
OpenAI disrupts 20 campaigns to misuse its tech as federal officials mull international use of AI
/in General NewsThe AI giant published a 54-page report Wednesday detailing efforts by actors from China, Iran, Russia, Israel and other countries to misuse its technology for malicious purposes.
The Record from Recorded Future News – Read More
Mozilla fixes critical Firefox bug exploited in the wild
/in General NewsMozilla has patched a serious security flaw in its Firefox web browser that the company said is being exploited by hackers.
The Record from Recorded Future News – Read More
DDoS attacks on Internet Archive continue after data breach impacting 31 million
/in General NewsThe nonprofit Internet Archive, which also runs the Wayback Machine for web pages, said it was still facing trouble after a disruptive DDoS incident and data breach.
The Record from Recorded Future News – Read More
Deloitte: Why Only a Quarter of Cybersecurity Professionals are Women
/in General NewsDespite a huge talent shortage in the cybersecurity industry, women still feel discouraged from joining it due to concerns over their knowledge, its inclusivity, and the pay.
Security | TechRepublic – Read More
Simbian Introduces LLM AI Agents to Supercharge Threat Hunting and Incident Response
/in General NewsCybersecurity startup Simbian has launched three LLM AI Agents that work as virtual employees but with the speed, stamina, and accuracy of robots.
The post Simbian Introduces LLM AI Agents to Supercharge Threat Hunting and Incident Response appeared first on SecurityWeek.
SecurityWeek – Read More