BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Bluetti is offering fantastic deals on its power stations – but not for long
/in General NewsThere’s never been a better time to invest in a Bluetti power station. Save hundreds on select models at Amazon, but hurry – these deals will end soon!
Latest news – Read More
AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack
/in General NewsData breach exposed records of call and text interactions for nearly all AT&T’s wireless customers and has been linked to the recent attacks targeting Snowflake customers.
The post AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack appeared first on SecurityWeek.
SecurityWeek – Read More
Year-Old Veeam Vulnerability Exploited in Fresh Ransomware Attacks
/in General NewsAkira and EstateRansomware cybercrime gangs have been exploiting a year-old Veeam Backup & Replication vulnerability in recent attacks.
The post Year-Old Veeam Vulnerability Exploited in Fresh Ransomware Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments
/in General NewsA critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users’ inboxes.
The vulnerability, tracked as CVE-2024-39929, has a CVSS score of 9.1 out of 10.0. It has been addressed in version 4.98.
“Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass
The Hacker News – Read More
The Jackery Explorer 1000 is one of the best portable power stations you can buy, and it’s now $840
/in General NewsThis Jackery portable power station is a fantastic model for camping and RV trips, or for emergencies and power outages, and you can get it with or without a solar panel. And now it’s 30% off!
Latest news – Read More
Macau Government Websites Hit with Cyberattack by Suspected Foreign Hackers
/in General NewsThe attack, identified as a distributed denial-of-service attack (DDoS), affected websites of security services, police, fire and rescue services, and the academy for public security forces.
Cyware News – Latest Cyber News – Read More
Japan Warns of Attacks Linked to North Korean Kimsuky Hackers
/in General NewsThe attacks were detected earlier this year, with indicators of compromise shared by AhnLab Security Intelligence Center. The attackers initiate their attacks with phishing emails containing malicious attachments disguised as documents.
Cyware News – Latest Cyber News – Read More
Ever Wonder How Hackers Really Steal Passwords? Discover Their Tactics in This Webinar
/in General NewsIn today’s digital age, passwords serve as the keys to our most sensitive information, from social media accounts to banking and business systems. This immense power brings with it significant responsibility—and vulnerability.
Most people don’t realize their credentials have been compromised until the damage is done.
Imagine waking up to drained bank accounts, stolen identities, or a company’s
The Hacker News – Read More
Multiple Threat Actors Exploit PHP Flaw CVE-2024-4577 to Deliver Malware
/in General NewsThe PHP vulnerability, tracked as CVE-2024-4577, with a CVSS score of 9.8, allows attackers to execute commands on Windows systems using Chinese and Japanese language settings.
Cyware News – Latest Cyber News – Read More
How to log in to the Bitwarden password manager with a passkey
/in General NewsPasskeys are the next-gen authentication method for apps, accounts, and services. They’re easy to use and more secure than the traditional username and password combination.
Latest news – Read More