BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
North Korean Hackers Update BeaverTail Malware to Target MacOS Users
/in General NewsNorth Korean hackers have updated their BeaverTail malware to target MacOS users. The malware is disguised as a legitimate video call service named “MiroTalk.dmg” in an Apple macOS disk image file.
Cyware News – Latest Cyber News – Read More
This Anker power bank has a genius feature that makes it irreplaceable for me, and it’s still 20% less!
/in General NewsThe fast USB-C charging is great, but the cable’s layout makes the Anker Nano power bank a mainstay in my everyday carry. And in this post-Amazon Prime day deal you can get it for $36.
Latest news – Read More
Ctera Raises $80 Million From PSG Equity
/in General NewsCtera has received $80 million in primary and secondary funding from private equity firm PSG Equity.
The post Ctera Raises $80 Million From PSG Equity appeared first on SecurityWeek.
SecurityWeek – Read More
SubSnipe: Open-Source Tool for Finding Subdomains Vulnerable to Takeover
/in General NewsSubSnipe is an open-source tool designed to identify vulnerable subdomains at risk of takeover. Created by Florian Walter, the tool offers improved accuracy and efficiency compared to other similar tools by conducting additional verification steps.
Cyware News – Latest Cyber News – Read More
MarineMax Notifying 123,000 of Data Breach Following Ransomware Attack
/in General NewsBoat dealer MarineMax said the data breach caused by a recent ransomware attack impacts over 123,000 individuals.
The post MarineMax Notifying 123,000 of Data Breach Following Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Mysterious Chinese Hacking Group ‘GhostEmperor’ Spotted for First Time in Two Years
/in General NewsSecurity firm Sygnia revealed that GhostEmperor recently compromised a network, using it as a launchpad to access another victim’s systems. This marks the first public report on the group since it was identified by Kaspersky Lab in 2021.
Cyware News – Latest Cyber News – Read More
Ransomware Costs at Critical Infrastructure Organizations Soar
/in General NewsAccording to Sophos, ransomware attacks on critical national infrastructure (CNI) organizations have seen a significant increase in costs over the past year, with the median ransom payments reaching $2.54 million.
Cyware News – Latest Cyber News – Read More
Pentagon Leaker Jack Teixeira to Face Military Court-Martial, Air Force Says
/in General NewsTeixeira, who was part of the 102nd Intelligence Wing at Otis Air National Guard Base in Massachusetts, worked as a cyber transport systems specialist.
The post Pentagon Leaker Jack Teixeira to Face Military Court-Martial, Air Force Says appeared first on SecurityWeek.
SecurityWeek – Read More
Port Shadow Attack Allows VPN Traffic Interception, Redirection
/in General NewsResearchers show how the Port Shadow technique against VPNs can allow MitM attacks, enabling threat actors to intercept and redirect traffic.
The post Port Shadow Attack Allows VPN Traffic Interception, Redirection appeared first on SecurityWeek.
SecurityWeek – Read More
Cisco SSM On-Prem Bug Lets Hackers Change Any User’s Password
/in General NewsTracked as CVE-2024-20419, the flaw enables remote attackers to set new passwords without authentication. Admins are advised to upgrade to the fixed release to protect vulnerable servers, as there are no workarounds available.
Cyware News – Latest Cyber News – Read More