BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Get NordVPN free for three months with this early Black Friday deal
/in General NewsAs Black Friday approaches, you can take advantage of NordVPN’s latest promotion: a discounted plan with free months of service thrown in to sweeten the deal.
Latest stories for ZDNET in Security – Read More
Patch Tuesday: Critical Flaws in Adobe Commerce, Photoshop, InDesign, Illustrator
/in General NewsAdobe patches critical-severity bugs in multiple products, including the Adobe Commerce and Magento Open Source platforms.
The post Patch Tuesday: Critical Flaws in Adobe Commerce, Photoshop, InDesign, Illustrator appeared first on SecurityWeek.
SecurityWeek – Read More
‘GoIssue’ Cybercrime Tool Targets GitHub Developers En Masse
/in General NewsMarketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches.
darkreading – Read More
Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance
/in General NewsIn a co-authored advisory, the agencies list the top 15 most routinely exploited vulnerabilities of 2023, with CVE-2023-3519 — an issue affecting Citrix’s networking product NetScalers — being the most widely used.
The Record from Recorded Future News – Read More
Citrix ‘Recording Manager’ Zero-Day Bug Allows Unauthenticated RCE
/in General NewsThe unpatched security vulnerability, which doesn’t have a CVE yet, is due to an exposed Microsoft Message Queuing (MSMQ) instance and the use of the insecure BinaryFormatter.
darkreading – Read More
Bitdefender vs. Malwarebytes: Which antivirus is best?
/in General NewsBitwarden offers feature-rich antivirus at a competitive price, while Malwarebytes focuses on protection against malware. Here’s how to decide between the two.
Latest stories for ZDNET in Security – Read More
The Power of the Purse: How to Ensure Security by Design
/in General NewsCISA should make its recommended goals mandatory and perform audits to ensure compliance.
darkreading – Read More
GitLoker Strikes Again: New “Goissue” Tool Targets GitHub Developers and Corporate Supply Chains
/in General NewsGoIssue is a new tool for cybercriminals that allows attackers to extract email addresses from GitHub profiles and send bulk emails to users.
The post GitLoker Strikes Again: New “Goissue” Tool Targets GitHub Developers and Corporate Supply Chains appeared first on SecurityWeek.
SecurityWeek – Read More
Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford
/in General NewsCybersecurity incident impacts Giant Food, Hannaford, and other Ahold Delhaize USA brands, including pharmacies and e-commerce services.
The post Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford appeared first on SecurityWeek.
SecurityWeek – Read More
New GitLoker-Linked GoIssue Tool Targets GitHub Users for Phishing
/in General NewsSlashNext researchers have discovered a new, sophisticated phishing tool GoIssue targeting GitHub developers. Learn about its capabilities, the…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More