BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Private Internet Access (PIA) vs ExpressVPN (2024): Which VPN Is Better?
/in General NewsExpressVPN’s overall polish, fast performance and wider server network give it a slight edge over PIA VPN’s feature-rich and affordable package.
Security | TechRepublic – Read More
Ongoing Social Engineering Campaign Refreshes Payloads
/in General NewsRapid7 identified multiple intrusion attempts by threat actors utilizing social engineering tactics on June 20, 2024. The threat actors use email bombs followed by calls to offer fake solutions, with recent incidents involving Microsoft Teams calls.
Cyware News – Latest Cyber News – Read More
Russian Sentenced to Prison in US for Selling Stolen Information
/in General NewsGeorgy Kavzharadze was sentenced to prison in the US for selling stolen financial, login, and personal information on an online cybercriminal marketplace.
The post Russian Sentenced to Prison in US for Selling Stolen Information appeared first on SecurityWeek.
SecurityWeek – Read More
Google Confirms an Iranian Group Is Trying to Access Emails Linked to Both US Presidential Campaigns
/in General NewsGoogle said an Iranian hacking group has tried to infiltrate the personal email accounts of roughly a dozen people linked to President Joe Biden and former President Donald Trump since May.
The post Google Confirms an Iranian Group Is Trying to Access Emails Linked to Both US Presidential Campaigns appeared first on SecurityWeek.
SecurityWeek – Read More
FBI Says it is Investigating Purported Trump Campaign Hack
/in General NewsThe FBI is investigating a suspected hack of the Trump campaign, following accusations of Iranian involvement. The Trump campaign blames foreign sources and cited a Microsoft report linking Iranian hackers to covert efforts to influence the election.
Cyware News – Latest Cyber News – Read More
CryptoCore: Unmasking the Sophisticated Cryptocurrency Scam Operations
/in General NewsThe CryptoCore group’s scam operation leverages deepfake technology, hijacked YouTube accounts, and professionally designed websites to trick users into sending cryptocurrencies to scammer wallets.
Cyware News – Latest Cyber News – Read More
AutoCanada Hit by Cyberattack
/in General NewsAutoCanada has disclosed a disruptive cybersecurity incident after also being impacted by the recent CDK Global ransomware attack.
The post AutoCanada Hit by Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
Was your Social Security number leaked to the dark web? Here’s how to know and what to do
/in General NewsA recent breach involving nearly 3 billion personal records included many SSNs. Was yours one of them? Here’s how to find out and what to do next.
Latest stories for ZDNET in Security – Read More
GitHub Makes Copilot Autofix Generally Available
/in General NewsGitHub has made AI-powered Copilot Autofix generally available to help developers fix code vulnerabilities faster.
The post GitHub Makes Copilot Autofix Generally Available appeared first on SecurityWeek.
SecurityWeek – Read More
Mayor of Columbus, Ohio, Says Ransomware Attackers Stole Corrupted, Unusable Data
/in General NewsHackers recently stole data from Ohio’s largest city, but what they got was not usable and no personal information about city workers was made available online, the mayor said.
The post Mayor of Columbus, Ohio, Says Ransomware Attackers Stole Corrupted, Unusable Data appeared first on SecurityWeek.
SecurityWeek – Read More