BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
CYRISMA Secures $7M Growth Equity Financing led by Blueprint Equity
/in General NewsPost Content
darkreading – Read More
Mamba 2FA Cybercrime Kit Targets Microsoft 365 Users
/in General NewsA stealthy new underground offering uses sophisticated adversary-in-the-middle (AitM) techniques to convincingly serve up “Microsoft” login pages of various kinds, with dynamic enterprise branding.
darkreading – Read More
Hackers Hide Remcos RAT in GitHub Repository Comments
/in General NewsThe tack highlights bad actors’ interest in trusted development and collaboration platforms — and their users.
darkreading – Read More
Australia Intros Its First National Cyber Legislation
/in General NewsThe bill is broken up into several pieces, including ransomware reporting and securing smart devices, among other objectives.
darkreading – Read More
Palo Alto Patches Critical Firewall Takeover Vulnerabilities
/in General NewsPalo Alto warns that attackers can access usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
The post Palo Alto Patches Critical Firewall Takeover Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
American Water Cyberattack Renews Focus on Protecting Critical Infrastructure
/in General NewsA cyberattack continues to affect the largest regulated water and wastewater utility company in the US, renewing a focus on the importance of protecting critical infrastructure sites.
The post American Water Cyberattack Renews Focus on Protecting Critical Infrastructure appeared first on SecurityWeek.
SecurityWeek – Read More
Supra Redefines the Layer-2 Debate with “Supra Containers” – Is This the End of L2s?
/in General NewsZug, Switzerland, October 8, 2024 // Supra, the 500k TPS Layer-1 blockchain with MultiVM compatibility for MoveVM and…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
3 More Ivanti Cloud Vulns Exploited in the Wild
/in General NewsThe security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor’s Cloud Services Appliance (CSA).
darkreading – Read More
Gradio 5 is here: Hugging Face’s newest tool simplifies building AI-powered web apps
/in General NewsHugging Face launches Gradio 5, a powerful tool that simplifies AI app development for enterprises, featuring enhanced security, natural language app creation, and a roadmap for future innovations.Read More
Security News | VentureBeat – Read More
Cloud, AI Talent Gaps Plague Cybersecurity Teams
/in General NewsCyber pros are scrambling to stay up-to-date as the businesses they work for quickly roll out AI tools and keep expanding their cloud initiatives.
darkreading – Read More