BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
Free Decryptor Released for Black Basta Ransomware
/in General NewsA vulnerability in Black Basta ransomware’s encryption algorithm allows researchers to create a free decryptor.
The post Free Decryptor Released for Black Basta Ransomware appeared first on SecurityWeek.
SecurityWeek – Read More
Startups Scramble to Build Immediate AI Security
/in General NewsAI may be inherently insecure, but only a handful of startups have put forward real visions to mitigate AI’s threats and keep data private.
darkreading – Read More
New DLL Search Order Hijacking Technique Targets WinSxS folder
/in General NewsAttackers can abuse a new DLL search order hijacking technique to execute code in applications within the WinSxS folder.
The post New DLL Search Order Hijacking Technique Targets WinSxS folder appeared first on SecurityWeek.
SecurityWeek – Read More
Iranian Food Delivery Giant Snappfood Cyber Attack: 3TB of Data Stolen
/in General NewsBy Waqas
Snappfood has acknowledged the cyber attack, leading to a massive data breach.
This is a post from HackRead.com Read the original post: Iranian Food Delivery Giant Snappfood Cyber Attack: 3TB of Data Stolen
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
Hackers Attack UK’s Nuclear Waste Services Through LinkedIn
/in General NewsThe United Kingdom’s Radioactive Waste Management (RWM) company recently experienced a cyberattack attempt through LinkedIn. Although the attack was unsuccessful, concerns have been raised about the security of critical nuclear infrastructure.
Cyware News – Latest Cyber News – Read More
What It’s Like to Use Apple’s Lockdown Mode
/in General NewsIf you’re at high risk of being targeted by mercenary spyware, or just don’t mind losing iOS features for extra security, the company’s restricted mode is surprisingly usable.
Security Latest – Read More
Pro-Palestinian Operation Claims Dozens of Data Breaches Against Israeli Firms
/in General NewsPro-Palestinian hackers belonging to the group Cyber Toufan have successfully breached and leaked data from numerous Israeli entities, including foreign companies doing business with Israel.
Cyware News – Latest Cyber News – Read More
Spotify Music Converter TuneFab Puts Users at Risk Due to Misconfigured MongoDB Instance
/in General NewsTuneFab converter, a tool used to convert copyrighted music from streaming platforms, exposed over 151 million records of users’ private data due to a misconfiguration on MongoDB.
Cyware News – Latest Cyber News – Read More
Hospitals Ask Courts to Force Cloud Storage Firm to Return Stolen Data
/in General NewsTwo New York hospitals are seeking a court order to retrieve stolen data stored on a cloud storage company’s servers after a ransomware attack. The stolen data includes sensitive information such as patients’ personal and health information.
Cyware News – Latest Cyber News – Read More
Researchers Crack Tesla Autopilot with ‘Elon Mode,’ Access Critical Data
/in General NewsBy Deeba Ahmed
German cybersecurity researchers from Technische Universität Berlin employed a €600 (£520 – $660) tool to gain root access to the ARM64-based circuit board of Tesla’s autopilot.
This is a post from HackRead.com Read the original post: Researchers Crack Tesla Autopilot with ‘Elon Mode,’ Access Critical Data
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More