BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
No feed items found.
Exploit DB
- [webapps] XWiki Standard 14.10 - Remote Code Execution (RCE)
- [local] Solstice Pod 6.2 - API Session Key Extraction via API Endpoint
- [webapps] CodeCanyon RISE CRM 3.7.0 - SQL Injection
- [webapps] Litespeed Cache 6.5.0.1 - Authentication Bypass
- [webapps] Sonatype Nexus Repository 3.53.0-01 - Path Traversal
- [webapps] Rejetto HTTP File Server 2.3m - Remote Code Execution (RCE)
- [webapps] Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass
- [webapps] MoziloCMS 3.0 - Remote Code Execution (RCE)
- [webapps] KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)
- [webapps] X2CRM 8.5 - Stored Cross-Site Scripting (XSS)
US Court Docs Expose Fake Antivirus Renewal Phishing Tactics
/in General NewsThe U.S. Secret Service executed a seizure warrant to recover $34,000 stolen through a fake Norton antivirus renewal email scam. The scam tricked victims into granting remote access to their computers, and then transferring money from their accounts.
Cyware News – Latest Cyber News – Read More
Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation
/in General NewsQuarkslab finds serious, remotely exploitable vulnerabilities in EDK II, the de-facto open source reference implementation of the UEFI spec.
The post Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation appeared first on SecurityWeek.
SecurityWeek – Read More
180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE
/in General NewsTwo DoS vulnerabilities patched in 2022 and 2023 haunt nearly 180,000 internet-exposed SonicWall firewalls.
The post 180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE appeared first on SecurityWeek.
SecurityWeek – Read More
Hacker Conversations: HD Moore and the Line Between Black and White
/in General NewsSecurityWeek talked to HD Moore, best known as the founder and original developer of Metasploit.
The post Hacker Conversations: HD Moore and the Line Between Black and White appeared first on SecurityWeek.
SecurityWeek – Read More
Over 178K SonicWall Firewalls Vulnerable to DoS, Potential RCE Attacks
/in General NewsAttackers can exploit these vulnerabilities to force affected firewalls into maintenance mode, impacting their standard functionality and VPN access to corporate networks.
Cyware News – Latest Cyber News – Read More
Tsurugi Linux Tailors User Experience for Digital Forensics and OSINT Investigations
/in General NewsTsurugi Linux offers a user-friendly interface with a logical sequence of forensic analysis tools, including support for live forensics, post-mortem analysis, digital evidence acquisition, malware analysis, OSINT, and computer vision activities.
Cyware News – Latest Cyber News – Read More
Researchers Uncover Major Surge in Global Botnet Activity
/in General NewsThe surge in activity was attributed to the use of cheap or free cloud and hosting servers by attackers to create botnet launch pads. These new botnets focused on scanning global internet ports and showed signs of potential email server exploits.
Cyware News – Latest Cyber News – Read More
Tura Scandinavia AB Encounters Another Cyberattack Following Intrusion in December
/in General NewsTura Scandinavia AB has allegedly been targeted by the LockBit ransomware group, with claims of unauthorized access to the company’s network and the sale of login credentials on the dark web.
Cyware News – Latest Cyber News – Read More
Anonymous Sudan Claims London Internet Exchange Attack Over Yemen Strikes
/in General NewsBy Deeba Ahmed
Anonymous Sudan is a pro-Russia hacktivist group, and their emergence aligns with the rise of other pro-Russian cyber actors since the beginning of the Ukraine war.
This is a post from HackRead.com Read the original post: Anonymous Sudan Claims London Internet Exchange Attack Over Yemen Strikes
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
Windows Defender SmartScreen Vulnerability Exploited with Phemedrone Stealer
/in General NewsBy Deeba Ahmed
Attackers Leveraging Windows Vulnerability in Phemedrone Malware Campaign for Enhanced Stealth.
This is a post from HackRead.com Read the original post: Windows Defender SmartScreen Vulnerability Exploited with Phemedrone Stealer
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More