BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details
/in General NewsIn what’s a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses.
Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from
The Hacker News – Read More
McAfee unleashes AI deepfake audio detector – but how reliable can it be?
/in General NewsAltered audio can signal a scam, and Deepfake Detector promises to find them. Here are the PCs it works on and what it will cost you.
Latest stories for ZDNET in Security – Read More
Critical Heap Overflow Vulnerability Discovered in FFmpeg, PoC Published
/in General NewsCVE-2024-7272 is a critical heap overflow vulnerability found in FFmpeg, the popular multimedia framework. The vulnerability affects versions up to 5.1.5 and has a CVSS score of 8.8.
Cyware News – Latest Cyber News – Read More
Google Cloud Unveils New Security Services and Capabilities
/in General NewsSeveral security-related enhancements have been announced at the 2024 Google Cloud Security Summit.
The post Google Cloud Unveils New Security Services and Capabilities appeared first on SecurityWeek.
SecurityWeek – Read More
TLS Bootstrap Attack on Azure Kubernetes Services can Leak Sensitive Credentials
/in General NewsA new threat known as “WireServing” has been identified in Azure Kubernetes Services (AKS) by Mandiant. This vulnerability could have allowed attackers to escalate privileges and access sensitive credentials within compromised clusters.
Cyware News – Latest Cyber News – Read More
Azure Kubernetes Services Vulnerability Exposed Sensitive Information
/in General NewsA vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters.
The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on SecurityWeek.
SecurityWeek – Read More
RCE Vulnerability in Atlassian Bamboo Data Center and Server
/in General NewsThis flaw, present in versions 9.1.0 through 9.6.0, allows authenticated attackers to execute arbitrary code within the Bamboo environment, posing risks to confidentiality, integrity, and availability.
Cyware News – Latest Cyber News – Read More
The 6 Best Malware Removal Software Providers for 2024
/in General NewsCompare the top six malware removal software for 2024. Bitdefender leads, with Norton and Malwarebytes as strong contenders.
Security | TechRepublic – Read More
New Msupedge Backdoor Targeting Taiwan Employs Stealthy Communications
/in General NewsHackers have been using a PHP vulnerability to deploy a stealthy backdoor called Msupedge. This backdoor was recently used in a cyberattack against an unnamed university in Taiwan.
Cyware News – Latest Cyber News – Read More
Unlocking the Power of AI in Cybersecurity
/in General NewsAs adversaries increasingly exploit AI, security practitioners must not fall behind. What does it take to unlock the full potential of AI in cybersecurity?
The post Unlocking the Power of AI in Cybersecurity appeared first on SecurityWeek.
SecurityWeek – Read More