BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
The Changing Dynamics of Ransomware as Law Enforcement Strikes
/in General NewsDespite law enforcement actions disrupting major ransomware operations, the long-term impact remains uncertain as groups adapt and evolve. Ransomware-as-a-Service (RaaS) collectives are facing growing competition to attract affiliates.
Cyware News – Latest Cyber News – Read More
Cisco to Acquire AI Security Firm Robust Intelligence
/in General NewsCisco intends to acquire Robust Intelligence, a California-based company that specializes in securing AI applications.
The post Cisco to Acquire AI Security Firm Robust Intelligence appeared first on SecurityWeek.
SecurityWeek – Read More
Zimbabwe Government Places Priority on Cybersecurity Training for Public Servants
/in General NewsOver 100 government officials recently completed a comprehensive cybersecurity training program, focusing on global cybersecurity trends, security standards, and data protection governance.
Cyware News – Latest Cyber News – Read More
TDECU Data Breach: 500,000+ Members Affected by MOVEit Exploit
/in General NewsTDECU reports a data breach affecting over 500,000 members due to a MOVEit vulnerability. Compromised data includes Social…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
McDonald’s Instagram Hacked by Crypto Scammers to Steal $700,000
/in General NewsThe scammers targeted both McDonald’s Instagram and a senior marketing director’s Twitter account, leveraging the association between Grimace, McDonald’s iconic purple mascot, and the brand to add credibility to their scam.
Cyware News – Latest Cyber News – Read More
Update: Researcher Publishes PoC Exploit for Zero-Click Windows RCE Threat
/in General NewsA security researcher has published a proof-of-concept exploit for a critical zero-click vulnerability, CVE-2024-38063, in Windows TCP/IP. This flaw allows remote code execution on Windows systems with IPv6 enabled, affecting millions of devices.
Cyware News – Latest Cyber News – Read More
PythonAnywhere Cloud Platform Abused for Hosting Ransomware
/in General NewsRazr ransomware is exploiting PythonAnywhere to distribute and encrypt files with AES-256. ANY.RUN’s analysis reveals its behaviour, C2…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Pidgin Users Beware! Malicious Plugin Discovered with Keylogger
/in General NewsThe plugin, which was added to Pidgin’s third-party plugins list on July 6th, was flagged by a user, 0xFFFC0000, on August 16th, who reported suspicious behavior, including the unauthorized capture and sharing of screenshots.
Cyware News – Latest Cyber News – Read More
Researchers Discover Over 20 Supply Chain Vulnerabilities in MLOps Platforms
/in General NewsInherent vulnerabilities stem from the underlying formats and processes of the technology, allowing attackers to exploit features like automatic code execution in ML models and certain dataset formats.
Cyware News – Latest Cyber News – Read More
Tech Support Scam Found Hijacking Microsoft Search Queries Through Google Ads
/in General NewsTwo deceptive campaigns were identified recently using Google ads and Microsoft’s infrastructure. The first scam involves a fake helpdesk page on Microsoft Learn whereas the second one hijacks Microsoft search queries through a Google ad.
Cyware News – Latest Cyber News – Read More