BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Signal Downplays Encryption Key Flaw, Fixes it After X Drama
/in General NewsSignal has now taken steps to address the issue by integrating Electron’s SafeStorage API to secure the data store from offline attacks. The new implementation is currently being tested and will soon be available in a Beta version.
Cyware News – Latest Cyber News – Read More
Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations
/in General NewsVyacheslav Igorevich Penchukov was sentenced to nine years in prison for his role in the Zeus and IcedID malware operations.
The post Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations appeared first on SecurityWeek.
SecurityWeek – Read More
NATO Set to Build New Cyber Defense Center
/in General NewsThe new cyber-defense facility, dubbed NATO Integrated Cyber Defence Centre (NICC), will be located in Belgium at SHAPE and will consist of civilian and military experts from member states.
Cyware News – Latest Cyber News – Read More
Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months
/in General NewsRetail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks.
The decision was announced by the Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) on July 9, 2024.
“Customers who have activated their digital
The Hacker News – Read More
Rabbit r1 AI assistant has secretly been storing user chats that can’t be deleted
/in General NewsA new software update will fix an issue that could let someone see r1 chat logs, photos, and more.
Latest news – Read More
Several DOD IT Programs Still Don’t Have a Cyber Strategy, Watchdog Finds
/in General NewsThe U.S. Government Accountability Office’s annual assessment of the Defense Department’s IT spending revealed that several programs lack approved cybersecurity strategies, leaving them vulnerable to potential cyberattacks.
Cyware News – Latest Cyber News – Read More
White House Calls for Defending Critical Infrastructure
/in General NewsThe Office of Management and Budget has issued a memorandum outlining the administration’s cybersecurity priorities for fiscal year 2026, aligning with the national cybersecurity strategy.
Cyware News – Latest Cyber News – Read More
CISA Urges Software Makers to Eliminate OS Command Injection Flaws
/in General NewsThe US government is pressuring software manufacturers to address operating system command injection vulnerabilities following high-profile threat actor campaigns exploiting these flaws in 2024.
Cyware News – Latest Cyber News – Read More
ClickFix Deception: A Social Engineering Tactic to Deploy Malware
/in General NewsMcAfee Labs has uncovered a unique malware delivery method called the “Clickfix” infection chain, which starts with users being directed to compromised websites and instructed to paste a script into a PowerShell terminal.
Cyware News – Latest Cyber News – Read More
4 ways to use AI to shop on Amazon Prime Day
/in General NewsAI tools can help you generate text, images, and code, but they can also work as a great shopping assistant this Prime Day. Here’s how.
Latest news – Read More