BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
NVD Leaves Exploited Vulnerabilities Unchecked
/in General NewsIn the report published on May 23, VulnCheck showed that 30 out of 59 known exploited vulnerabilities (KEVs) registered since February 12 have not yet been analyzed by the NVD team.
Cyware News – Latest Cyber News – Read More
Essential Features of Cybersecurity Management Software for MSPs
/in General NewsBy Uzair Amir
Protect your clients’ businesses from cyber threats with Cybersecurity Management Software. Explore the unified control panel, real-time threat…
This is a post from HackRead.com Read the original post: Essential Features of Cybersecurity Management Software for MSPs
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Malicious PyPI Packages Targeting Highly Specific MacOS Machines
/in General NewsCybersecurity researchers at Datadog Security Labs discovered malicious software packages targeting MacOS users through the Python Package Index (PyPI) and NPM repository.
Cyware News – Latest Cyber News – Read More
Worried About Job Security, Cyber Teams Hide Security Incidents
/in General NewsThe frequency and severity of attacks are increasing—yet most businesses remain unprepared, according to VikingCloud. Between a growing talent shortage, alert fatigue, and new sophisticated attack methods, companies are more susceptible than ever.
Cyware News – Latest Cyber News – Read More
Report: The Dark Side of Phishing Protection
/in General NewsThe transition to the cloud, poor password hygiene and the evolution in webpage technologies have all enabled the rise in phishing attacks. But despite sincere efforts by security stakeholders to mitigate them – through email protection, firewall rules and employee education – phishing attacks are still a very risky attack vector.
A new report by LayerX explores the state of
The Hacker News – Read More
Hackers Phish Finance Organizations in the US and Europe Using Trojanized Minesweeper Clone
/in General NewsCERT-UA reports that research following the initial discovery of this attack revealed at least five potential breaches by the same files in financial and insurance institutions across Europe and the United States.
Cyware News – Latest Cyber News – Read More
Fake Antivirus Websites Used to Distribute Info-Stealer Malware
/in General NewsResearchers at Trellix Advanced Research Center spotted fake AV sites used to distribute info-stealers. The malicious websites hosted sophisticated malicious files such as APK, EXE, and Inno setup installer, including spying and stealer capabilities.
Cyware News – Latest Cyber News – Read More
EU Wants Universities to Work with Intelligence Agencies to Protect Their Research
/in General NewsEurope’s leading research universities should work more closely with the continent’s intelligence agencies to help secure their research from being stolen by hostile states, EU member states recommended this week.
Cyware News – Latest Cyber News – Read More
Arc Browser’s Windows Launch Targeted by Google Ads Malvertising
/in General NewsAccording to a report by Malwarebytes, cybercriminals prepared for the product launch, setting up malicious advertisements on Google Search to lure users looking to download the new web browser.
Cyware News – Latest Cyber News – Read More
New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI
/in General NewsCybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users’ credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail.
The attack method, called transparent phishing or adversary-in-the-middle (AitM) phishing, “uses Cloudflare Workers to act as a reverse proxy server for a
The Hacker News – Read More