BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Hackers Use Rare Stealth Techniques to Down Asian Military, Gov’t Orgs
/in General NewsA threat actor resembling APT41 performed “AppDomainManager Injection,” which is like DLL sideloading, but arguably easier and stealthier.
darkreading – Read More
Telegram CEO Pavel Durov’s Arrest Linked to Sweeping Criminal Investigation
/in General NewsFrench authorities detained Durov to question him as part of a probe into a wide range of alleged violations—including money laundering and CSAM—but it remains unclear if he will face charges.
Security Latest – Read More
Audit Finds Notable Security Gaps in FBI’s Storage Media Management
/in General NewsThe FBI lacks proper policies and controls for tracking and disposing of storage media, leading to risks of loss or theft. The audit also identified physical security gaps in the media destruction process at FBI facilities.
Cyware News – Latest Cyber News – Read More
Cybercriminals Tap Greasy Opal to Create 750M Fake Microsoft Accounts
/in General NewsSuch cyberattack enablement services let attackers breach security measures, establish new fake accounts, and brute-force servers.
darkreading – Read More
Vulnerability Prioritization is Only the Beginning
/in General NewsVulnerability prioritization is crucial in managing security threats but is only the beginning. Knowing which vulnerabilities to address is not enough; the focus should be on quickly addressing and mitigating them.
Cyware News – Latest Cyber News – Read More
Chinese APT Volt Typhoon Caught Exploiting Versa Networks SD-WAN Zero-Day
/in General NewsMalware hunters catch Chinese APT Volt Typhoon exploiting a zero-day in Versa Director servers used by ISPs and MSPs.
The post Chinese APT Volt Typhoon Caught Exploiting Versa Networks SD-WAN Zero-Day appeared first on SecurityWeek.
SecurityWeek – Read More
Fraud Tactics and the Growing Prevalence of AI Scams
/in General NewsHiya, a call-blocking service, identified nearly 20 billion spam calls in the first half of 2024, with over 107 million spam calls daily. Of the 42 countries analyzed, 25 had spam flag rates exceeding 20%, some even surpassing 50%.
Cyware News – Latest Cyber News – Read More
Marketing Data Security Threats Are Rising: Where CMOs See Gaps
/in General NewsA new report from the CMO Council and KPMG shows that building strong relationships between marketing and data security teams is crucial, but one-third of partnerships struggle with collaboration.
Cyware News – Latest Cyber News – Read More
2 TB of Sensitive “ServiceBridge” Records Exposed in Cloud Misconfiguration
/in General NewsA major database misconfiguration exposed millions of sensitive records belonging to ServiceBridge customers. Learn about the risks and…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Seattle-Tacoma Airport Suffers System Outages Due to Possible Cyberattack
/in General NewsAs the entire Port of Seattle struggles to become fully operational once more, the airport recommends that those who are traveling take extra precautions.
darkreading – Read More