BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
New Linux Malware “Hadooken’ Targets Oracle WebLogic Applications
/in General NewsA new Linux malware named Hadooken is targeting Oracle WebLogic servers, dropping Tsunami malware and deploying a cryptominer. WebLogic servers are vulnerable to cyberattacks due to flaws like deserialization and weak access controls.
Cyware News – Latest Cyber News – Read More
Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks
/in General NewsApple has released a patch for Vision Pro after researchers showed how an attacker can obtain passwords typed by looking at keys.
The post Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
UK Teen Arrested Over Transport for London Hack
/in General NewsA 17-year-old from England has been arrested by the NCA over the recent cyberattack on Transport for London.
The post UK Teen Arrested Over Transport for London Hack appeared first on SecurityWeek.
SecurityWeek – Read More
UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy
/in General NewsThe designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate.
The post UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy appeared first on SecurityWeek.
SecurityWeek – Read More
1.3 Million Android TV Boxes Infected by Vo1d Malware
/in General NewsDoctor Web warns of the new Vo1d Android malware infecting roughly 1.3 million TV boxes running older OS versions.
The post 1.3 Million Android TV Boxes Infected by Vo1d Malware appeared first on SecurityWeek.
SecurityWeek – Read More
Fortinet Data Breach Impacts Customer Information
/in General NewsFortinet has confirmed suffering a data breach impacting customers after a hacker leaked files allegedly stolen from the company.
The post Fortinet Data Breach Impacts Customer Information appeared first on SecurityWeek.
SecurityWeek RSS Feed – Read More
GitLab Updates Resolve Critical Pipeline Execution Vulnerability
/in General NewsGitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw.
The post GitLab Updates Resolve Critical Pipeline Execution Vulnerability appeared first on SecurityWeek.
SecurityWeek RSS Feed – Read More
New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency
/in General NewsCybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining.
The activity, which specifically singles out the Oracle Weblogic server, is designed to deliver malware dubbed Hadooken, according to cloud security firm Aqua.
“When Hadooken is executed, it drops a Tsunami malware and deploys a crypto miner,” security researcher
The Hacker News – Read More
SquareX, Awarded Rising Star Category in CybersecAsia Readers’ Choice Awards 2024
/in General NewsSingapore, Singapore, 13th September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Microsoft VS Code Undermined in Asian Spy Attack
/in General NewsA technique to abuse Microsoft’s built-in source code editor has finally made it into the wild, thanks to China’s Mustang Panda APT.
darkreading – Read More