BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Another Critical SolarWinds Web Help Desk Bug Fixed (CVE-2024-28987)
/in General NewsSolarWinds has fixed another critical bug in Web Help Desk, known as CVE-2024-28987. This flaw involves hardcoded credentials that can be exploited by remote unauthenticated users to access internal functions and alter data.
Cyware News – Latest Cyber News – Read More
Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data
/in General NewsPatelco Credit Union has confirmed a data breach impacting many individuals after the RansomHub ransomware group stole some databases.
The post Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Flaws in Traccar GPS System Expose Users to Remote Attacks
/in General NewsTwo security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances.
Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai
The Hacker News – Read More
Most Ransomware Attacks Occur Between 1 AM and 5 AM
/in General NewsCybercriminals are continuously evolving their tactics, emphasizing the need for organizations to have continuous monitoring to detect suspicious activities, according to a report by Malwarebytes.
Cyware News – Latest Cyber News – Read More
FAA Proposes New Cybersecurity Rules for Airplanes
/in General NewsThe increasing connectivity of airplanes to data networks has prompted regulators to consider cybersecurity threats from various sources, including maintenance laptops, airport networks, wireless sensors, and satellite communications.
Cyware News – Latest Cyber News – Read More
Gartner Spotlights AI, Security in 2024 Hype Cycle for Emerging Tech
/in General NewsGartner’s 2024 Hype Cycle for Emerging Technologies highlights autonomous AI, developer productivity, total experience, and human-centric security and privacy programs as the key technology trends to look out for.
Cyware News – Latest Cyber News – Read More
New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards
/in General NewsCybersecurity researchers have uncovered new Android malware that can relay victims’ contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations.
The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware campaign targeting three banks in Czechia.
The malware “has
The Hacker News – Read More
India’s Critical Infrastructure Suffers Spike in Cyberattacks
/in General NewsThe financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity.
darkreading – Read More
Pavel Durov’s Arrest Leaves Telegram Hanging in the Balance
/in General NewsDurov has reportedly been detained in France over Telegram’s alleged failure to adequately moderate illegal content on the messaging app. His arrest sparked backlash and left some associates asking, what now?
Security Latest – Read More
Iranian Hackers Targeted WhatsApp Accounts of Staffers in Biden, Trump Administrations, Meta Says
/in General NewsMeta said it discovered a network of Iranian hackers, who posed as tech support agents for companies including AOL, Microsoft, Yahoo and Google.
The post Iranian Hackers Targeted WhatsApp Accounts of Staffers in Biden, Trump Administrations, Meta Says appeared first on SecurityWeek.
SecurityWeek – Read More