BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
New Attack Lets Hackers Downgrade Windows to Exploit Patched Flaws
/in General NewsSafeBreach Labs unveils ‘Windows Downdate,’ a new attack method which compromises Windows 11 by downgrading system components, and…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions
/in General NewsFour members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges.
Russian news publication Kommersant reported that a court in St. Petersburg found Artem Zaets, Alexei Malozemov, Daniil Puzyrevsky, and Ruslan
The Hacker News – Read More
Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining
/in General NewsThe infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties.
“The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised servers and Docker Hub as the infrastructure
The Hacker News – Read More
CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities
/in General NewsThe Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities.
“The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust architecture,” CERT-UA said. “These emails contain attachments in the form of Remote Desktop Protocol (‘.rdp’
The Hacker News – Read More
FBI, CISA investigating China-linked telecom hacks following reports of intrusions on Trump, Harris phones
/in General NewsThe agencies said they are “investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.”
The Record from Recorded Future News – Read More
LinkedIn founder Reid Hoffman unveils ‘super agency’ vision at TED AI conference, takes subtle shot at Elon Musk
/in General NewsLinkedIn co-founder Reid Hoffman introduces ‘super agency’ framework for AI development, dismissing near-term election risks while advocating for balanced regulation and human-AI collaboration in emerging cognitive technologies.Read More
Security News | VentureBeat – Read More
Chinese Hackers Target Trump Campaign via Verizon Breach
/in General NewsPlus: Apple offers $1 million to hack its AI cloud infrastructure, Iranian hackers successfully peddle stolen Trump campaign docs, Russia hacks the nation of Georgia, and a “cyberattack” that wasn’t.
Security Latest – Read More
LinkedIn Hit With $335M Fine for Data Privacy Violations
/in General NewsThe networking company found liable for illegally gathering user data for targeted advertising by the Irish Data Protection Commission.
darkreading – Read More
Russia’s APT29 Mimics AWS to Steal Windows Credentials
/in General NewsKremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.
darkreading – Read More
SEC Fines Companies Millions for Downplaying SolarWinds Breach
/in General NewsFour companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise.
darkreading – Read More