BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Addressing the Cybersecurity Vendor Ecosystem Disconnect
/in General NewsHow security teams can bridge the gap between short-term profits and long-term business needs.
darkreading – Read More
CrowdStrike launches advanced SIEM to power the AI-native SOC at RSAC 2024
/in General NewsWith attackers setting speed records for breakouts and tool download times, every security operations center (SOC) team needs to consider how AI can help bend time in their favor. It takes just two minutes and seven seconds to move laterally within a system after gaining access, and just 31 seconds for an attacker to download a toolkit and st…Read More
Security News | VentureBeat – Read More
Santander Falls Victim to Data Breach Involving Third-Party Provider
/in General NewsThe company reports that customers based in Chile, Spain, and Uruguay were the primary victims of the breach, alongside some former employees of the global bank.
darkreading – Read More
HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users
/in General NewsBy Waqas
New HP report reveals cybercriminals are increasingly leveraging “cat-phishing” techniques, exploiting open redirects in legitimate websites to deceive users and deliver malware.
This is a post from HackRead.com Read the original post: HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
US AI Experts Targeted in SugarGh0st RAT Campaign
/in General NewsResearchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.
darkreading – Read More
GE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data Theft
/in General NewsThankfully, GE ultrasounds aren’t Internet-facing. Exploiting most of the bugs to cause serious damage to patients would require physical device access.
darkreading – Read More
Asian Threat Actors Use New Techniques to Attack Familiar Targets
/in General NewsGenerative AI and software supply chain attacks are being exploited to disrupt, manipulate, and steal.
darkreading – Read More
MIT Graduate Brothers Arrested for $25 Million Ethereum Heist
/in General NewsBy Deeba Ahmed
Two MIT graduates arrested for allegedly stealing $25 million in Ethereum through a sophisticated blockchain manipulation scheme. The DOJ cracks down on cryptocurrency theft, highlighting its focus on emerging financial crimes.
This is a post from HackRead.com Read the original post: MIT Graduate Brothers Arrested for $25 Million Ethereum Heist
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Brothers Arrested for $25 Million Theft in Ethereum Blockchain Attack
/in General NewsTwo brothers, Anton Peraire-Bueno and James Pepaire-Bueno, were arrested for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a “first-of-its-kind” scheme.
Cyware News – Latest Cyber News – Read More
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks
/in General NewsResearchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and eavesdrop on their network traffic.
The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi clients, including home and mesh networks that are based on
The Hacker News – Read More