BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Python Libraries Exploited for Malicious Intent
/in General NewsA recent report by Xavier Mertens, a Senior ISC Handler and cybersecurity consultant, highlights a concerning trend where cybercriminals are increasingly using legitimate Python libraries for malicious activities.
Cyware News – Latest Cyber News – Read More
WordPress to Require Two-Factor Authentication for Plugin Developers
/in General NewsWordPress will require two-factor authentication for plugin developers starting October 1, 2024. This mandate will also apply to theme authors. The organization aims to enhance security by preventing hijacked accounts from spreading malicious code.
Cyware News – Latest Cyber News – Read More
Irish Data Protection Regulator to Investigate Google AI
/in General NewsIreland’s data protection authorities are investigating Google’s AI model to ensure compliance with GDPR. The Irish Data Protection Commission (DPC) is leading the inquiry into Google Ireland under Section 110 of the Data Protection Act 2018.
Cyware News – Latest Cyber News – Read More
Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
/in General NewsCybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users’ credentials.
“Unlike other phishing webpage distribution behavior through HTML content, these attacks use the response header sent by a server, which occurs before the processing of the HTML content,” Palo Alto
The Hacker News – Read More
Port of Seattle shares ransomware attack details
/in General NewsThe Port of Seattle released a statement Friday confirming that it was targeted by a ransomware attack. The attack occurred on August 24, with the Port (which also operates the Seattle-Tacoma International Airport) saying it had “experienced certain system outages indicating a possible cyberattack.” The Port is now describing this as “a ‘ransomware’ attack by […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Cybersecurity Community Celebrates Documentary Premiere at Tampa Theatre
/in General NewsPost Content
darkreading – Read More
South Korea Digital Forensics Market to Hit US $3.52B by 2031
/in General NewsPost Content
darkreading – Read More
Security News This Week: A Creative Trick Makes ChatGPT Spit Out Bomb-Making Instructions
/in General NewsPlus: New evidence emerges about who may have helped 9/11 hijackers, UK police arrest a teen in connection with an attack on London’s transit system, and Poland’s spyware scandal enters a new phase.
Security Latest – Read More
GitLab Warns of Critical Pipeline Execution Vulnerability
/in General NewsGitLab released updates covering versions 17.1.7, 17.2.5, and 17.3.2 for GitLab Community Edition (CE) and Enterprise Edition (EE), addressing a total of 18 security issues.
Cyware News – Latest Cyber News – Read More
TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud
/in General NewsCybersecurity researchers at Cleafy discovered a new variant of the TrickMo Android banking trojan that evades analysis and displays fake login screens to steal banking credentials.
Cyware News – Latest Cyber News – Read More