BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
‘Terrorgram’ Charges Show US Has Had Tools to Crack Down on Far-Right Terrorism All Along
/in General NewsThe federal indictment of two alleged members of the Terrorgram Collective, a far-right cell accused of inspiring “lone wolf” attacks, reveals the US is now using a “forgotten” legal strategy.
Security Latest – Read More
Critical Severity Flaw Exposes Siemens Industrial Systems
/in General NewsThis flaw, tracked as CVE-2024-35783 and with a CVSS score of 9.4, affects SIMATIC Process Historian, PCS 7, and WinCC, allowing attackers to gain elevated privileges and execute arbitrary commands.
Cyware News – Latest Cyber News – Read More
New Android Malware Ajina.Banker Steals 2FA Codes, Spreads via Telegram
/in General NewsA new Android malware called Trojan Ajina.Banker is targeting Central Asia – Discover how this malicious malware disguises…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
SolarWinds Reveals RCE Flaw in Access Rights Manager
/in General NewsSolarWinds has disclosed two vulnerabilities in their Access Rights Manager (ARM) software: CVE-2024-28990 (CVSS 6. 3) allows for a hardcoded credential authentication bypass, while CVE-2024-28991 (CVSS 9. 0) enables remote code execution.
Cyware News – Latest Cyber News – Read More
New Android malware targets bank customers in Central Asia
/in General NewsPost Content
The Record from Recorded Future News – Read More
Fortinet confirms customer data breach
/in General NewsOn Thursday, cybersecurity giant Fortinet disclosed a breach involving customer data. In a statement posted online, Fortinet said an individual intruder accessed “a limited number of files” stored on a third-party shared cloud drive belonging to Fortinet, which included data belonging to “less than 0.3%” of its customers. The company said that the incident “did […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Fake Recruiter Coding Tests Target Developers With Malicious Python Packages
/in General NewsThe Lazarus Group has been targeting developers in a new VMConnect campaign, using fake job interviews to trick them into downloading malicious software packages from open-source repositories.
Cyware News – Latest Cyber News – Read More
Hardware Supply Chain Threats Can Undermine Endpoint Infrastructure
/in General NewsTo prevent this, organizations should focus on developing secure hardware and firmware foundations, enabling them to manage, monitor, and remediate hardware and firmware security.
darkreading – Read More
Update: Hackers Target Apache OFBiz RCE Flaw CVE-2024-45195 After PoC Exploit Released
/in General NewsHackers are targeting an RCE vulnerability (CVE-2024-45195) in Apache OFBiz after the release of a Proof of Concept (PoC) exploit. Malicious requests have been detected, with attacks focusing on the financial services industry and business sectors.
Cyware News – Latest Cyber News – Read More
Largest crypto exchange in Indonesia pledges to reimburse users after $22 million theft
/in General NewsPost Content
The Record from Recorded Future News – Read More