BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Android’s September 2024 Update Patches Exploited Vulnerability
/in General NewsGoogle has released Android security updates to patch an exploited local privilege escalation vulnerability.
The post Android’s September 2024 Update Patches Exploited Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
D-Link Warns of Code Execution Flaws in Discontinued Router Model
/in General NewsD-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router model.
The post D-Link Warns of Code Execution Flaws in Discontinued Router Model appeared first on SecurityWeek.
SecurityWeek – Read More
Fake GlobalProtect VPN Downloads Used to Spread WikiLoader Malware
/in General NewsBeware of fake GlobalProtect VPN downloads! A new malware campaign uses SEO poisoning and spoofed websites to deliver…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
White House Outlines Plan for Addressing BGP Vulnerabilities
/in General NewsThe White House has released a roadmap for addressing internet routing (BGP) security issues, mainly through RPKI adoption.
The post White House Outlines Plan for Addressing BGP Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Spoofed GlobalProtect Used to Deliver Unique WikiLoader Variant
/in General NewsA new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.
Cyware News – Latest Cyber News – Read More
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
/in General NewsA new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.
The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, Unit 42 researchers
The Hacker News – Read More
The Japanese Robot Controversy Lurking in Israel’s Military Supply Chain
/in General NewsActivists claim Japanese industrial robots are being used to build military equipment for Israel. The robot maker denies the claims, but the episode reveals the complex ethics of global manufacturing.
Security Latest – Read More
Blackwired Launches ThirdWatch℠, A Paradigm Shift in Cybersecurity
/in General NewsSingapore, Singapore, 4th September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Top five strategies from Meta’s CyberSecEval 3 to combat weaponized LLMs
/in General NewsMeta has created CYBERSECEVAL 3, a new suite of security benchmarks for LLMs that benchmark AI models’ security risks and capabilities.Read More
Security News | VentureBeat – Read More
North Korean APT Exploits Novel Chromium, Windows Bugs to Steal Crypto
/in General NewsDPRK’s innovative tack chains together previously unknown browser issues, then adds a rootkit to the mix to gain deep system access.
darkreading – Read More