BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Ransomware Attackers Introduce New EDR Killer to Disable Protection on Compromised Hosts
/in General NewsA cybercrime group linked to RansomHub ransomware has been seen using a new EDR-killing tool, named EDRKillShifter, to disable endpoint detection and response software on compromised hosts.
Cyware News – Latest Cyber News – Read More
The Hidden Security Gaps in Your SaaS Apps: Are You Doing Due Diligence?
/in General NewsSaaS applications have become indispensable for organizations aiming to enhance productivity and streamline operations. However, the convenience and efficiency these applications offer come with inherent security risks, often leaving hidden gaps that can be exploited. Conducting thorough due diligence on SaaS apps is essential to identify and mitigate these risks, ensuring the protection of your
The Hacker News – Read More
DDoS Attack Volume Rises, Peak Power Reaches 1.7 Tbps
/in General NewsAccording to Gcore, the number of DDoS attacks in the first half of 2024 increased by 46% compared to the same period in 2023, reaching a total of 830,000 attacks. The peak attack power also rose to 1.7 terabits per second.
Cyware News – Latest Cyber News – Read More
ArtiPACKED Flaw Exposed GitHub Actions to Token Leaks
/in General NewsDiscover how GitHub Actions artifacts leak sensitive authentication tokens, exposing popular open-source projects to security risks. Learn about…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Meta Warns of Troll Networks From Russia, Iran Ahead of US Elections
/in General NewsMeta has warned of troll networks originating from Russia and Iran ahead of the US elections. According to a report by Meta, Russia remains the top source of disrupted troll networks on Facebook and Instagram, followed closely by Iran.
Cyware News – Latest Cyber News – Read More
Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks
/in General NewsMultiple Russian, Belarusian, and Western entities perceived as Russia’s enemies have been targeted in two recent spear-phishing campaigns.
The post Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
How to use the Passwords app on your iPhone with iOS 18
/in General NewsApple’s Passwords app will help you create, manage, save, and sync passwords on your iPhone and other devices. Here’s how to get started.
Latest stories for ZDNET in Security – Read More
Google Warns of Iranian Hackers Targeting Affiliates of Both US Presidential Campaigns
/in General NewsIranian hackers linked to the government of Iran have increased their phishing attacks on high-profile individuals in the U.S. and Israel, including those affiliated with U.S. presidential campaigns, according to Google.
Cyware News – Latest Cyber News – Read More
IBM to set up ‘full stack’ AI facility at university
/in General NewsLocated at the National University of Singapore, the AI research and development center will focus on sustainability and safety.
Latest stories for ZDNET in Security – Read More
New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems
/in General NewsCybersecurity researchers have uncovered new stealer malware that’s designed to specifically target Apple macOS systems.
Dubbed Banshee Stealer, it’s offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and ARM64 architectures.
“Banshee Stealer targets a wide range of browsers, cryptocurrency wallets, and around 100 browser
The Hacker News – Read More