BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Hundreds of Online Stores Hacked in New Campaign
/in General NewsA new malware campaign has targeted numerous online stores, compromising their security by injecting digital skimmers that can steal credit card information during the checkout process.
Cyware News – Latest Cyber News – Read More
Georgia Tech Sued Over Cybersecurity Violations
/in General NewsThe US government has filed a lawsuit against the Georgia Institute of Technology (Georgia Tech) and its affiliate Georgia Tech Research Corporation (GTRC) for alleged cybersecurity violations.
Cyware News – Latest Cyber News – Read More
Two Remote Code Execution Vulnerabilities Discovered in Traccar GPS Tracking System
/in General NewsThe two vulnerabilities are path traversal flaws, with CVE-2024-24809 allowing unrestricted file upload with dangerous types and CVE-2024-31214 enabling remote code execution through device image uploads.
Cyware News – Latest Cyber News – Read More
CyberGhost vs NordVPN (2024): Which VPN Should You Choose?
/in General NewsWhile CyberGhost VPN’s optimized servers bring a lot of value, NordVPN’s more consistent speed performance and extensive feature inclusions give it the slight edge.
Security | TechRepublic – Read More
500k Impacted by Texas Dow Employees Credit Union Data Breach
/in General NewsThe personal information of 500,000 Texas Dow Employees Credit Union members was compromised in the MOVEit hack last year.
The post 500k Impacted by Texas Dow Employees Credit Union Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
GenAI Models are Easily Compromised
/in General NewsGenAI security measures are easily compromised, with 95% of experts expressing low confidence in their security. Attack methods specific to GenAI make it easy for anyone to manipulate applications, gain unauthorized access, and steal data.
Cyware News – Latest Cyber News – Read More
American Radio Relay League Paid $1 Million to Ransomware Gang
/in General NewsThe American Radio Relay League (ARRL) says it paid out a $1 million ransom after falling victim to ransomware in May 2024.
The post American Radio Relay League Paid $1 Million to Ransomware Gang appeared first on SecurityWeek.
SecurityWeek – Read More
French Authorities Arrest Telegram CEO Pavel Durov at a Paris Airport, French Media Report
/in General NewsFrench media reported that the warrant for Durov was issued by France at the request of the special unit at the country’s interior ministry in charge of investigating crimes against minors.
The post French Authorities Arrest Telegram CEO Pavel Durov at a Paris Airport, French Media Report appeared first on SecurityWeek.
SecurityWeek – Read More
SonicWall Patches Critical SonicOS Vulnerability
/in General NewsSonicWall has patched CVE-2024-40766, a critical SonicOS vulnerability that can lead to unauthorized access or a firewall crash.
The post SonicWall Patches Critical SonicOS Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
NTLM Credential Theft Risk in Python Apps Threaten Windows Security
/in General NewsNew research reveals critical vulnerabilities in Python applications for Windows including Snowflake, Gradio, Jupyter, and Streamlit that could…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More