BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines
/in General NewsSecurity researchers have disclosed almost a dozen security flaws impacting the GE HealthCare Vivid Ultrasound product family that could be exploited by malicious actors to tamper with patient data and even install ransomware under certain circumstances.
“The impacts enabled by these flaws are manifold: from the implant of ransomware on the ultrasound machine to the access and manipulation of
The Hacker News – Read More
Adobe Fixed Multiple Critical Flaws in Acrobat and Reader
/in General NewsAdobe patched 35 security vulnerabilities across a range of its products, including Acrobat, Reader, Illustrator, Substance 3D Painter, Aero, Animate, FrameMaker, and Dreamweaver.
Cyware News – Latest Cyber News – Read More
Personal Information Stolen in City of Wichita Ransomware Attack
/in General NewsThe City of Wichita says files containing personal information were exfiltrated in a recent ransomware attack.
The post Personal Information Stolen in City of Wichita Ransomware Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Cyber Pros Weigh an Intel-Sharing Quandary: What To Share When Attacks Hit Close to Home
/in General NewsCybersecurity professionals face a dilemma: sharing information after an attack can prevent future incidents, but businesses often hesitate due to fears of litigation, customer inquiries, and reputational harm.
Cyware News – Latest Cyber News – Read More
SIEM Stalwart LogRhythm to Merge With Exabeam
/in General NewsLogRhythm, a leading SIEM (Security Information and Event Management) company, is merging with Exabeam, another prominent SIEM player, in a move that aims to create a stronger, AI-driven security operations leader in the market.
Cyware News – Latest Cyber News – Read More
PDF Exploitation Targets Foxit Reader Users
/in General NewsCybersecurity researchers have discovered a concerning trend of PDF exploitation targeting users of Foxit Reader, a popular PDF software, with sophisticated attack chains and malware families being utilized in real-world scenarios.
Cyware News – Latest Cyber News – Read More
Third Chrome Zero-Day Patched by Google Within One Week
/in General NewsGoogle releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day.
The post Third Chrome Zero-Day Patched by Google Within One Week appeared first on SecurityWeek.
SecurityWeek – Read More
FBI Seizes Criminal Site BreachForums
/in General NewsThe FBI and the DOJ have seized control of the BreachForums hacking forum, which was a marketplace for cybercriminals to buy, sell, and trade stolen data and other illegal services, and are now investigating the forum and its admins.
Cyware News – Latest Cyber News – Read More
How Scammers Hijack Your Instagram
/in General NewsScammers exploit Instagram’s influencer program to hijack users’ accounts by hacking into them, posting about cryptocurrencies, and then tricking victims into providing their login credentials to “vote” for the scammer’s fake influencer contest.
Cyware News – Latest Cyber News – Read More
Nigeria Halts Cybersecurity Tax After Public Outrage
/in General NewsIn the midst of an economy struggling with soaring inflation, the Nigerian government paused plans to place a levy on domestic transactions that was aimed at enhancing cybersecurity.
darkreading – Read More