BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
YubiKeys Are a Security Gold Standard—but They Can Be Cloned
/in General NewsSecurity researchers have discovered a cryptographic flaw that leaves the YubiKey 5 vulnerable to attack.
Security Latest – Read More
Biden Admin Files Charges Against Election Meddlers From Russia
/in General NewsWorking with the Treasury and Justice departments, the president has sanctioned anti-democratic Russian adversaries.
darkreading – Read More
Ransomware Gang Claims Cyberattack on Planned Parenthood
/in General NewsPlanned Parenthood confirms “cybersecurity incident” as RansomHub ransomware gang threatens to leak 93 Gb of data stolen from the nonprofit last week.
The post Ransomware Gang Claims Cyberattack on Planned Parenthood appeared first on SecurityWeek.
SecurityWeek – Read More
Russian GRU Unit Tied to Assassinations Now Linked to Global Cyber Sabotage and Espionage
/in General NewsA secretive Russian military unit, previously linked to assassinations and destabilization in Europe, is blamed for destructive wiper malware attacks in Ukraine.
The post Russian GRU Unit Tied to Assassinations Now Linked to Global Cyber Sabotage and Espionage appeared first on SecurityWeek.
SecurityWeek – Read More
IBM Executive on Future Cybersecurity: Passkeys, Deepfakes & Quantum Computing
/in General NewsIBM’s Chris Hockings predicts a safer internet with advances in passkey tech, digital identity, deepfake defenses, and post-quantum cryptography.
Security | TechRepublic – Read More
Russian GRU Unit Tied to Assassinations Linked to Global Cyber Sabotage and Espionage
/in General NewsA secretive Russian military unit, previously linked to assassinations and destabilization in Europe, is blamed for destructive wiper malware attacks in Ukraine.
The post Russian GRU Unit Tied to Assassinations Linked to Global Cyber Sabotage and Espionage appeared first on SecurityWeek.
SecurityWeek – Read More
Litespeed Cache Flaw Exposes Millions of WordPress Sites to Takeover Attacks
/in General NewsDiscovered by security researcher Rafie Muhammad, the flaw allows unauthorized users to take control of logged-in accounts, potentially gaining administrator privileges on WordPress sites.
Cyware News – Latest Cyber News – Read More
Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East
/in General NewsUnnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a threat actor known as Tropic Trooper since June 2023.
“Sighting this group’s [Tactics, Techniques, and Procedures] in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them,” Kaspersky
The Hacker News – Read More
Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues
/in General NewsVeeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution.
The list of shortcomings is below –
CVE-2024-40711 (CVSS score: 9.8) – A vulnerability in Veeam Backup & Replication that allows unauthenticated remote code execution.
CVE-2024-42024 (CVSS score: 9.1
The Hacker News – Read More
WordPress Mandates 2FA, SVN Passwords for Plugin, Theme Authors
/in General NewsStarting October 2024, WordPress requires plugin and theme authors to enable two-factor authentication (2FA) and use SVN-specific passwords…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More