BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Hackers Exploit Legitimate Packer Software to Spread Malware Undetected
/in General NewsThreat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers.
“The majority of the attributed malicious samples targeted financial institutions and government industries,” Check Point security researcher Jiri Vinopal said in an analysis.
The volume of
The Hacker News – Read More
1Password Review: Features, Pricing & Security
/in General News1Password’s top-tier security and sleek user interface make it a solid password manager to try this year. Read our hands-on 1Password review to learn more.
Security | TechRepublic – Read More
The Lords of Silicon Valley Are Thrilled to Present a ‘Handheld Iron Dome’
/in General NewsZeroMark wants to build a system that will let soldiers easily shoot a drone out of the sky with the weapons they’re already carrying—and venture capital firm a16z is betting the startup can pull it off.
Security Latest – Read More
Google Maps Timeline Data to be Stored Locally on Your Device for Privacy
/in General NewsGoogle has announced plans to store Maps Timeline data locally on users’ devices instead of their Google account effective December 1, 2024.
The changes were originally announced by the tech giant in December 2023, alongside changes to the auto-delete control when enabling Location History by setting it to three months by default, down from the previous limit of 18 months.
Google Maps Timeline,
The Hacker News – Read More
FBI Says It Has 7,000 LockBit Ransomware Decryption Keys
/in General NewsThe FBI has obtained more than 7,000 LockBit ransomware decryption keys and is urging victims to get in touch with its IC3.
The post FBI Says It Has 7,000 LockBit Ransomware Decryption Keys appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Target Python Developers with Fake “Crytic-Compilers” Package on PyPI
/in General NewsCybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that’s designed to deliver an information stealer called Lumma (aka LummaC2).
The package in question is crytic-compilers, a typosquatted version of a legitimate library named crytic-compile. The rogue package was downloaded 441 times before it was taken down by PyPI
The Hacker News – Read More
How to Lead an Army of Digital Sleuths in the Age of AI
/in General NewsEliot Higgins and his 28,000 forensic foot soldiers at Bellingcat have kept a miraculous nose for truth—and a sharp sense of its limits—in Gaza, Ukraine, and everywhere else atrocities hide online.
Security Latest – Read More
RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks
/in General NewsCVE-2020-1472 is a privilege escalation flaw that allows an attacker to take over an organization’s domain controllers.
darkreading – Read More
Hijacking Scheme Takes Over High-Profile TikTok Accounts
/in General NewsHijacking malware gets spread through TikTok’s direct messaging and doesn’t require the victim to click links or download anything.
darkreading – Read More
Database Mess Up: Aussie Food Giant Patties Foods Leaks Trove of Data
/in General NewsData breach at Australian fast food giant Patties Foods exposes critical customer data! Learn what information may be…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More