BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks
/in General NewsThe U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet Blizzard to the General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155).
“These cyber actors are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm
The Hacker News – Read More
‘TIDrone’ Cyberattackers Target Taiwan’s Drone Manufacturers
/in General NewsThe Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally.
darkreading – Read More
Lazarus Group Targets Blockchain Pros with Fake Video Conferencing, Job Scam
/in General NewsA new Group-IB report highlights an ongoing campaign by the North Korean Lazarus Group, known as the “Eager…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New RAMBO attack steals data using RAM in air-gapped computers
/in General NewsA novel side-channel attack dubbed “RAMBO” (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device’s RAM to send data from air-gapped computers. […]
BleepingComputer – Read More
For security, we have to stop picking up the phone
/in General NewsToday’s scams can be as simple as picking up a phone call. To avoid the next fraud, there are good reasons to let your calls run to voicemail.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Sextortion scam now use your “cheating” spouse’s name as a lure
/in General NewsA new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links to the alleged proof. […]
BleepingComputer – Read More
Hackers Threaten to Leak Planned Parenthood Data
/in General NewsPlus: Kaspersky’s US business sold, Nigerian sextortion scammers jailed, and Europe’s controversial encryption plans return.
Security Latest – Read More
BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar
/in General NewsThe BlindEagle APT group has recently targeted the Colombian insurance sector. The attack chain starts with a phishing email impersonating DIAN, the Colombian tax authority.
Cyware News – Latest Cyber News – Read More
Veeam Backup & Replication Faces RCE Flaw Allows Full System Takeover
/in General NewsA critical Remote Code Execution (RCE) flaw, CVE-2024-40711, with a CVSS score of 9. 8 has been discovered in Veeam Backup & Replication, allowing unauthorized attackers to take full control over systems.
Cyware News – Latest Cyber News – Read More
Apache fixes critical OFBiz remote code execution vulnerability
/in General NewsApache has addressed a critical remote code execution vulnerability in its OFBiz software, which could allow attackers to run malicious code on Linux and Windows servers. OFBiz is a CRM and ERP suite that serves as a Java-based web framework.
Cyware News – Latest Cyber News – Read More