BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Human Error Still Perceived as the Achilles’ Heel of Cybersecurity
/in General NewsWhile fears of cyberattacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint.
Cyware News – Latest Cyber News – Read More
Phishing with Cloudflare Workers: Transparent Phishing and HTML Smuggling
/in General NewsOne campaign uses HTML smuggling to hide the phishing content from network inspection. The other uses a method called transparent phishing, where the attacker uses Cloudflare Workers to act as a reverse proxy server for a legitimate login page.
Cyware News – Latest Cyber News – Read More
WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites
/in General NewsUnknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting credit card data.
The campaign, observed by Sucuri on May 11, 2024, entails the abuse of a WordPress plugin called Dessky Snippets, which allows users to add custom PHP code. It has over 200 active installations.
The Hacker News – Read More
TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks
/in General NewsA maximum-severity security flaw has been disclosed in the TP-Link Archer C5400X gaming router that could lead to remote code execution on susceptible devices by sending specially crafted requests.
The vulnerability, tracked as CVE-2024-5035, carries a CVSS score of 10.0. It impacts all versions of the router firmware including and prior to 1_1.1.6. It has 
The Hacker News – Read More
Best Practices for Cloud Computing Security
/in General NewsBy Owais Sultan
Cloud security is crucial for businesses. Here are vital tips to safeguard your data, including choosing a secure…
This is a post from HackRead.com Read the original post: Best Practices for Cloud Computing Security
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Get 9 Courses on Ethical Hacking for Just $50
/in General NewsKickstart a lucrative career in pentesting and ethical hacking with this nine-course bundle from IDUNOVA, now on sale for just $49.99 for a limited time.
Security | TechRepublic – Read More
Australian Telecom Watchdog Sues Optus Over 2022 Data Breach
/in General NewsThe Australian Communications and Media Authority said it has filed proceedings against Optus in a federal court as the company failed to protect sensitive customer data during a data breach in September 2022 that affected close to 10 million people.
Cyware News – Latest Cyber News – Read More
Hajj Pilgrimage Hit by Extensive Phishing and Data Theft Scams
/in General NewsBy Waqas
Planning to perform Hajj this year? Ensure your journey to Saudi Arabia is secure and avoid online scams that could jeopardize your life savings and personal data.
This is a post from HackRead.com Read the original post: Hajj Pilgrimage Hit by Extensive Phishing and Data Theft Scams
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
SentinelOne vs Palo Alto: Compare EDR software
/in General NewsCompare the key features of two EDR tools: SentinelOne’s Singularity XDR and Palo Alto’s Cortex XDR.
Security | TechRepublic – Read More
Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud
/in General NewsMicrosoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that’s behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks.
“Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate,” the company said in its latest Cyber Signals report. “We’ve seen some examples where
The Hacker News – Read More