BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Cybersecurity New Year’s resolutions every enterprise leader (and user) should make
/in General NewsMuch like day-to-day life, good cybersecurity hygiene is critical. Here are five resolutions enterprises must make for the year ahead.Read More
Security News | VentureBeat – Read More
States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities
/in General NewsThe hacking of a municipal water plant is prompting new warnings from U.S. security officials at a time when governments are wrestling with how to harden water utilities against cyberattacks.
The post States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities appeared first on SecurityWeek.
SecurityWeek – Read More
Cyberattackers Target Nuclear Waste Company via LinkedIn
/in General NewsThe hackers were unsuccessful in their attempt, but this is not the first time the company has experienced this kind of attack.
darkreading – Read More
Defunct Ambulance Service Data Breach Impacts Nearly 1 Million People
/in General NewsBy Waqas
The targeted victim of this data breach is Fallon Ambulance Services, which is a subsidiary of Transformative Healthcare.
This is a post from HackRead.com Read the original post: Defunct Ambulance Service Data Breach Impacts Nearly 1 Million People
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
Australian Court Service Hacked, Hearing Recordings at Risk
/in General NewsThe Court Services Victoria (CSV) took immediate action to isolate and disable the affected network, but recordings from November 1 to December 21, 2023, may have been accessed.
Cyware News – Latest Cyber News – Read More
CISO Planning for 2024 May Struggle When It Comes to AI
/in General NewsArtificial intelligence (AI) is constantly evolving. How can security executives plan for something so unpredictable?
darkreading – Read More
Localization Mandates, AI Regs to Pose Major Data Challenges in 2024
/in General NewsWith more than three-quarters of countries adopting some form of data localization and, soon, three-quarters of people worldwide protected by privacy rules, companies need to take care.
darkreading – Read More
Free Decryptor Released for Black Basta Ransomware
/in General NewsA vulnerability in Black Basta ransomware’s encryption algorithm allows researchers to create a free decryptor.
The post Free Decryptor Released for Black Basta Ransomware appeared first on SecurityWeek.
SecurityWeek – Read More
Startups Scramble to Build Immediate AI Security
/in General NewsAI may be inherently insecure, but only a handful of startups have put forward real visions to mitigate AI’s threats and keep data private.
darkreading – Read More
New DLL Search Order Hijacking Technique Targets WinSxS folder
/in General NewsAttackers can abuse a new DLL search order hijacking technique to execute code in applications within the WinSxS folder.
The post New DLL Search Order Hijacking Technique Targets WinSxS folder appeared first on SecurityWeek.
SecurityWeek – Read More