BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
MuddyWater Hijacks RMM Software for Espionage
/in General NewsMuddyWater, an Iranian hacker group since 2017, has been using legitimate RMM software to target organizations globally, focusing on government, military, telecom, and oil sectors.
Cyware News – Latest Cyber News – Read More
Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild
/in General NewsSonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild.
The post Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild appeared first on SecurityWeek.
SecurityWeek – Read More
OpenStack Ironic Users Urged to Patch Critical Vulnerability
/in General NewsThe flaw, discovered by security researchers at Red Hat and G-Research, could lead to unauthorized access to sensitive data through mishandled images processed by qemu-img.
Cyware News – Latest Cyber News – Read More
Using Transparency & Sharing to Defend Critical Infrastructure
/in General NewsNo organization can single-handedly defend against sophisticated attacks. Governments and private sector entities need to collaborate, share information, and develop defenses against cyber threats
darkreading – Read More
Sami Khoury, Head of Canada’s Cyber Agency, Starts New Role in Government
/in General NewsSami Khoury, the head of Canada’s cyber agency, is moving to a new role as the government’s senior official for cybersecurity after leading the Canadian Centre for Cyber Security (CCCS) since August 2021.
Cyware News – Latest Cyber News – Read More
New Android SpyAgent Campaign Steals Crypto Credentials via Image Recognition
/in General NewsA new mobile malware called SpyAgent has been uncovered by McAfee’s Mobile Research Team. This malware targets mnemonic keys used for cryptocurrency wallets by scanning for images containing them on your device.
Cyware News – Latest Cyber News – Read More
US Posts Indictments, Rewards in Russia’s WhisperGate Hacks Against Ukraine
/in General NewsThe US has indicted members of Russian military intelligence unit 29155 for cyber-operations including WhisperGate hacks against Ukraine, offering up to $10 million for information.
Cyware News – Latest Cyber News – Read More
Malvertising Campaign Phishes Lowe’s Employees
/in General NewsThe fake landing pages closely mimicked the real Lowe’s portal, prompting employees to enter their sales numbers, passwords, and security question answers, which then were sent to attackers.
Cyware News – Latest Cyber News – Read More
White House Launches Cybersecurity Hiring Sprint To Help Fill 500,000 Job Openings
/in General NewsThe White House has launched a cybersecurity hiring sprint to fill 500,000 job openings, part of a program to address the ongoing shortage in cyber, technology, and AI positions.
Cyware News – Latest Cyber News – Read More
Hackers Linked to Russia and Belarus Increasingly Target Latvian Websites, Officials Say
/in General NewsHackers from Russia and Belarus are increasingly targeting Latvian government and critical infrastructure websites in politically motivated cyberattacks, according to Latvian cybersecurity officials.
Cyware News – Latest Cyber News – Read More