BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Thought GDPR Compliance Was Hard? Buckle Up
/in General NewsThe days of a one-size-fits-all consent strategy are gone. Consider a two-pronged approach and use smart consent management technology to adapt to differing regulations.
darkreading – Read More
Cybercriminals Exploit ActiveMQ Flaw to Spread GoTitan Botnet, PrCtrl Rat
/in General NewsBy Deeba Ahmed
The ActiveMQ flaw has been patched, but despite this, numerous threat actors continue to exploit it.
This is a post from HackRead.com Read the original post: Cybercriminals Exploit ActiveMQ Flaw to Spread GoTitan Botnet, PrCtrl Rat
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
Qilin Ransomware Claims Attack on Automotive Giant Yanfeng
/in General NewsThe threat actors published multiple samples to prove their alleged access to Yanfeng systems and files, including financial documents, non-disclosure agreements, quotation files, technical data sheets, and internal reports.
Cyware News – Latest Cyber News – Read More
Why Ransomware Could Surge in the Middle East & Africa
/in General NewsOrganizations from the Middle East and Africa have typically escaped public ransoms, but that’s changing amid heightened geopolitical conflicts and digitalization initiatives.
darkreading – Read More
Ringleader of Prolific Ransomware Gang Arrested in Ukraine
/in General NewsIn a rare instance of an overseas arrest of ransomware perpetrators, four other high-profile gang members were also seized.
darkreading – Read More
SecurityWeek to Host Cyber AI & Automation Summit on December 6th
/in General NewsVirtual conference will explore cybersecurity use-cases for AI technology and the race to protect LLM algorithms from adversarial use.
The post SecurityWeek to Host Cyber AI & Automation Summit on December 6th appeared first on SecurityWeek.
SecurityWeek – Read More
Okta Breach Impacted All Customer Support Users—Not 1 Percent
/in General NewsOkta upped its original estimate of customer support users affected by a recent breach from 1 percent to 100 percent, citing a “discrepancy.”
Security Latest – Read More
PoCs for Critical Arcserve UDP Vulnerabilities Released
/in General NewsArcserve UDP is a popular enterprise data protection, backup and disaster recovery solution. The flaws were unearthed by Tenable researchers and privately disclosed to Arcserve in late August 2023.
Cyware News – Latest Cyber News – Read More
Egyptian E-Payment Vendor Recovering From LockBit Ransomware Attack
/in General NewsFawry remains confident that this data will not impact financial transactions on its platform, but the company believes it may have included the personal details of some customers whose information had been on the testing platform.
Cyware News – Latest Cyber News – Read More
US seizes Sinbad Crypto Mixer Used by North Korean Lazarus Group
/in General NewsSinbad has processed millions of dollars’ worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists,” reads a Department of Treasury press statement.
Cyware News – Latest Cyber News – Read More