BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
New Supply Chain Attack “Revival Hijack” Risks Massive PyPI Takeovers
/in General NewsJFrog’s cybersecurity researchers have identified a new PyPI attack technique called “Revival Hijack,” which exploits package deletion policies. Over 22,000 packages are at risk, potentially impacting thousands of users. Stay informed!
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
‘Revival Hijack’ on PyPI Disguises Malware with Legitimate File Names
/in General NewsAdversaries reusing abandoned package names sneak malware into organizations in a sort of software shell game.
darkreading – Read More
US Government Isn’t Ready for Cyber Chaos in the Food and Agriculture Sector
/in General NewsThe industry remains largely unscathed by cyber threats, but recent events like the JBS ransomware attack highlight vulnerabilities. The sector’s increased automation makes it a target for hackers, posing risks to the US food supply.
Cyware News – Latest Cyber News – Read More
Travelers Targeted in New Booking.com Phishing Scam
/in General NewsThe attack involves compromising hotel managers’ accounts to access customer reservation systems, ultimately tricking hotel guests via the Booking.com app. The scheme utilizes a fake domain to deceive users and harvest sensitive data.
Cyware News – Latest Cyber News – Read More
Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation
/in General NewsMicrosoft is experimenting with a major new security mitigation to block attacks targeting flaws in the Windows Common Log File System (CLFS).
The post Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation appeared first on SecurityWeek.
SecurityWeek – Read More
DDoS Attacks Hit France Over Telegram’s Pavel Durov Arrest
/in General NewsHacktivists unite for the #FreeDurov campaign to launch a massive cyber campaign against France in response to Telegram…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
That massive Pixel security flaw has been patched
/in General NewsGoogle’s new update removes software intended only for cell phone store employees that could have been exploited by bad actors.
Latest stories for ZDNET in Security – Read More
Ransomware Crisis Deepens as Attacks and Payouts Rise
/in General NewsThe ransomware crisis is escalating, with a surge in attacks and payouts. New ransomware groups like PLAY and Medusa have led a wave of attacks in the second quarter, following the takedown of LockBit and BlackCat.
Cyware News – Latest Cyber News – Read More
Initial Access Brokers Target $2bn Revenue Companies
/in General NewsInitial Access Brokers (IABs) are now targeting companies with revenues reaching $2 billion, particularly in the US and business services sector, according to new research from Cyberint.
Cyware News – Latest Cyber News – Read More
Dutch Privacy Watchdog Fines Clearview AI $34 Million for ‘Illegal’ Database of Faces
/in General NewsThe Dutch Data Protection Authority (Dutch DPA) fined Clearview AI $34 million for the illegal creation of a facial image database. If Clearview AI does not comply, an additional fine of up to $5.5 million will be imposed.
Cyware News – Latest Cyber News – Read More