BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
US DoJ Charged Two Men With Stealing and Laundering $230 Million Worth of Cryptocurrency
/in General NewsTwo suspects, Malone Lam and Jeandiel Serrano, were arrested by the US Department of Justice for stealing and laundering over $230 million worth of cryptocurrency in Miami.
Cyware News – Latest Cyber News – Read More
Picus Security Raises $45M in Funding
/in General NewsPicus Security, a San Francisco, CA-based security validation company, raised $45M in funding. The round, which brought total funds raised to $80M, was led by Riverwood Capital, with participation from existing investor Earlybird Digital East Fund.
Cyware News – Latest Cyber News – Read More
Cybersecurity Products Conking Out After macOS Sequoia Update
/in General NewsmacOS Sequoia updates are causing cybersecurity software failures and breaking network connectivity for many.
The post Cybersecurity Products Conking Out After macOS Sequoia Update appeared first on SecurityWeek.
SecurityWeek – Read More
Lumma Stealer Malware Campaign Exploits Fake CAPTCHA Pages
/in General NewsThe Lumma Stealer malware is being distributed through deceptive human verification pages that trick Windows users into running malicious PowerShell commands, leading to sensitive information theft.
Cyware News – Latest Cyber News – Read More
SambaSpy RAT Targets Italian Users in a Unique Malware Campaign
/in General NewsThis unique malware campaign stood out for its precise targeting of Italian victims, with checks implemented to ensure the system language was set to Italian before infecting the device.
Cyware News – Latest Cyber News – Read More
New PondRAT Malware Hidden in Python Packages Targets Software Developers
/in General NewsThreat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign.
PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT (aka SIMPLESEA), a known macOS backdoor that has been previously attributed to the Lazarus Group and deployed in
The Hacker News – Read More
Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
/in General NewsA suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools.
The intrusion activity, which was detected by Trend Micro in July 2024, has been attributed to a threat actor dubbed Earth Baxia
The Hacker News – Read More
China’s ‘Earth Baxia’ Spies Exploit Geoserver to Target APAC Orgs
/in General NewsThe APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.
darkreading – Read More
Hackers Claim Second Dell Data Breach in One Week
/in General NewsAnother day, another claim of Dell data breach!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
The TechCrunch Cyber Glossary
/in General NewsThis glossary includes some of the most common terms and expressions we use in our articles, and explanations of how — and why — we use them.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More