BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules
/in General NewsCybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code.
The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon’s Stroz Friedberg incident response services team.
“This advanced threat, active since 2022, hides
The Hacker News – Read More
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures
/in General NewsPavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1.
Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation.
TF1 said the probe was focused on a lack of content moderation on the instant messaging service, which the
The Hacker News – Read More
Telegram Founder Pavel Durov Reportedly Arrested in France
/in General NewsReports indicate Telegram founder Pavel Durov has been arrested in France. Allegations include inadequate moderation and aiding criminal…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Living with trust issues: The human side of zero trust architecture
/in General NewsZero trust looks at every user, device and app with a bit of suspicion. But how does this impact psychological safety?Read More
Security News | VentureBeat – Read More
Qilin Ransomware Upgrades and Now Steals Google Chrome Credentials
/in General NewsQilin ransomware is evolving, now targeting Google Chrome credentials. Learn how this new tactic expands their attack arsenal…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
NSA Issues Guidance for Better Logging, Threat Detection to Prevent LotL Incidents
/in General NewsThe NSA has released guidelines to improve logging and threat detection for Living-off-the-Land (LotL) attacks in cloud services, enterprise networks, mobile devices, and OT networks as part of a global effort for critical infrastructure security.
Cyware News – Latest Cyber News – Read More
The US Navy Has Run Out of Pants
/in General NewsPlus: The US intelligence community formally blames Iran for Trump campaign hack, aircraft-tracking platform FlightAware says a “configuration error” exposed sensitive user data, and more.
Security Latest – Read More
Liverpool Fans Lose Big in Premier League Ticket Scams
/in General NewsLiverpool fans have suffered the most in Premier League ticket scams for the 2023/24 season, losing over £17,000 (~$22,460) to criminals, as revealed by a report from NatWest Bank. Arsenal supporters were also hit hard, losing £12,000 (~$15,855).
Cyware News – Latest Cyber News – Read More
CISA Adds Dahua IP Camera, Linux Kernel, and Microsoft Exchange Server Bugs to its KEV Catalog
/in General NewsThe CISA has added new vulnerabilities to its Known Exploited Vulnerabilities catalog, including Dahua IP Camera authentication bypass flaws, a Linux Kernel buffer overflow issue, and a Microsoft Exchange Server vulnerability.
Cyware News – Latest Cyber News – Read More
Greasy Opal’s CAPTCHA Solver Still Serving Cybercrime After 16 Years
/in General NewsGreasy Opal, a well-known developer, has been aiding cybercriminals for 16 years by offering a tool that can solve CAPTCHAs automatically on a large scale, bypassing security measures.
Cyware News – Latest Cyber News – Read More