BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
How Cloud-Based Solutions Are Transforming Software Quality Assurance
/in General NewsCloud-based solutions are transforming the software quality assurance (QA) industry. As organizations increasingly migrate their development and verification…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
So far, cybercriminals appear to be just shopping around for a Telegram alternative
/in General NewsThe recent scrutiny of the Telegram app has rattled the cybercriminals who use it, say researchers at Intel 471, but it appears that they don’t have enough reasons yet to step away in large numbers.
The Record from Recorded Future News – Read More
Ransomware Hits Critical Infrastructure Hard, Costs Adding Up
/in General NewsReport finds most organizations have suffered financial impact of $500,000 or more from cyberattacks on cyber-physical systems over past year.
The post Ransomware Hits Critical Infrastructure Hard, Costs Adding Up appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity Is Serious — but It Doesn’t Have to Be Boring
/in General NewsThoughtfully applied, humor breaks through security fatigue, increases engagement, and fosters a culture of security awareness.
darkreading – Read More
Criminals Are Testing Their Ransomware Campaigns in Africa
/in General NewsThe booming economies of Africa, rich in natural resources and brimming with potential, are attracting not just investors, but also cybercriminals. Here’s why.
darkreading – Read More
White House official says insurance companies must stop funding ransomware payments
/in General NewsSome insurance policies incentivize holders to make ransomware payments that ultimately “fuel cyber crime ecosystems,” White House cyber adviser Anne Neuberger wrote in an op-ed. “This is a troubling practice that must end.”
The Record from Recorded Future News – Read More
In Other News: Doxing With Meta Ray-Ban Glasses, OT Hunting, NVD Backlog
/in General NewsNoteworthy stories that might have slipped under the radar: students dox people with Meta’s Ray-Ban smart glasses, OT hunting guide for water systems, NVD backlog still significant.
The post In Other News: Doxing With Meta Ray-Ban Glasses, OT Hunting, NVD Backlog appeared first on SecurityWeek.
SecurityWeek – Read More
Google Cloud Announces General Availability of New Confidential Computing Options
/in General NewsGoogle Cloud makes new confidential computing options generally available and expands attestation support.
The post Google Cloud Announces General Availability of New Confidential Computing Options appeared first on SecurityWeek.
SecurityWeek – Read More
Collapse of National Security Elites’ Cyber Firm Leaves Bitter Wake
/in General NewsInside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could have been vulnerable to meddling by the Kremlin.
The post Collapse of National Security Elites’ Cyber Firm Leaves Bitter Wake appeared first on SecurityWeek.
SecurityWeek – Read More
How This Video Game Controller Became the US Military’s Weapon of Choice
/in General NewsAfter decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.
Security Latest – Read More