BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Hackers Could Exploit Microsoft Teams on macOS to Steal Data
/in General NewsCisco Talos reveals 8 vulnerabilities in Microsoft’s macOS apps, exploiting TCC framework weaknesses. Hackers can bypass security, inject…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Xeon Sender Enables Large-Scale SMS Spam Attacks Using Legitimate SaaS Providers
/in General NewsXeon Senderallows attackers to conduct large-scale SMS spam and phishing campaigns using legitimate SaaS providers. Distributed through Telegram and hacking forums, it requires API credentials from popular providers like Amazon SNS and Twilio.
Cyware News – Latest Cyber News – Read More
Three-Quarters of Companies Retain An Increasing Amount of Sensitive Data, Report Finds
/in General NewsPerforce reveals that companies are struggling with increased sensitive data in non-production environments, leading to higher breach risks and compliance challenges.
Security | TechRepublic – Read More
Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds
/in General NewsThreatDown 2024 Report: Malwarebytes reveals ransomware trends, showing most attacks occur at night when security staff are off duty.
Security | TechRepublic – Read More
US Bipartisan Committee Urges Investigation Into Chinese Wi-Fi Routers
/in General NewsHouse members John Moolenaar and Raja Krishnamoorthi expressed worries about TP-Link Technologies, the world’s top Wi-Fi product provider, being vulnerable to compromised by state-sponsored hackers from China.
Cyware News – Latest Cyber News – Read More
Fabric Cryptography Raises $33 Million for VPU Chip
/in General NewsFabric Cryptography has raised $33 million in Series A funding to create the Verifiable Processing Unit (VPU), a new chip for cryptography.
The post Fabric Cryptography Raises $33 Million for VPU Chip appeared first on SecurityWeek.
SecurityWeek – Read More
Ransomware Victims Paid $460 Million in First Half of 2024
/in General NewsRansomware payments in H1 2024 totaled nearly $460 million and $1.58 billion have been stolen in cryptocurrency heists.
The post Ransomware Victims Paid $460 Million in First Half of 2024 appeared first on SecurityWeek.
SecurityWeek – Read More
Cisco, Microsoft Disagree on Severity of macOS App Vulnerabilities
/in General NewsMultiple vulnerabilities in Microsoft applications for macOS could be exploited to send emails, leak sensitive information, and escalate privileges.
The post Cisco, Microsoft Disagree on Severity of macOS App Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Chrome Will Redact Credit Cards, Passwords When You Share Android Screen
/in General NewsGoogle is testing a feature in Chrome on Android to redact credit card details, passwords, and sensitive information when sharing your screen. Google aims to prevent leaks of sensitive data while recording or sharing screens.
Cyware News – Latest Cyber News – Read More
Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters
/in General NewsCybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an attacker to escalate their privileges and access credentials for services used by the cluster.
“An attacker with command execution in a Pod running within an affected Azure Kubernetes Services cluster could download the configuration used to
The Hacker News – Read More