BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users
/in General NewsBy Waqas
New HP report reveals cybercriminals are increasingly leveraging “cat-phishing” techniques, exploiting open redirects in legitimate websites to deceive users and deliver malware.
This is a post from HackRead.com Read the original post: HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
US AI Experts Targeted in SugarGh0st RAT Campaign
/in General NewsResearchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.
darkreading – Read More
GE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data Theft
/in General NewsThankfully, GE ultrasounds aren’t Internet-facing. Exploiting most of the bugs to cause serious damage to patients would require physical device access.
darkreading – Read More
Asian Threat Actors Use New Techniques to Attack Familiar Targets
/in General NewsGenerative AI and software supply chain attacks are being exploited to disrupt, manipulate, and steal.
darkreading – Read More
MIT Graduate Brothers Arrested for $25 Million Ethereum Heist
/in General NewsBy Deeba Ahmed
Two MIT graduates arrested for allegedly stealing $25 million in Ethereum through a sophisticated blockchain manipulation scheme. The DOJ cracks down on cryptocurrency theft, highlighting its focus on emerging financial crimes.
This is a post from HackRead.com Read the original post: MIT Graduate Brothers Arrested for $25 Million Ethereum Heist
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Brothers Arrested for $25 Million Theft in Ethereum Blockchain Attack
/in General NewsTwo brothers, Anton Peraire-Bueno and James Pepaire-Bueno, were arrested for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a “first-of-its-kind” scheme.
Cyware News – Latest Cyber News – Read More
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks
/in General NewsResearchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and eavesdrop on their network traffic.
The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi clients, including home and mesh networks that are based on
The Hacker News – Read More
Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets
/in General NewsBy Deeba Ahmed
Alerted by a recent discovery of employee personal GitHub repos exposing internal Azure and Red Hat secrets, this article dives into the dangers of Shadow IT and offers solutions to prevent cloud credential leaks and secure your cloud environment.
This is a post from HackRead.com Read the original post: Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Google patches another zero-day exploit in Chrome – and this one affects Edge too
/in General NewsHere’s what Chrome and Edge users need to know – and do – now.
Latest stories for ZDNET in Security – Read More
UK: NCSC to Defend ‘High-Risk’ Political Candidates from Cyberattacks
/in General NewsThe Personal Internet Protection (PIP) service aims to provide an additional layer of security to individuals at “high-risk” of cyberattacks like spear-phishing, malware and other threats, ahead of the upcoming election year.
Cyware News – Latest Cyber News – Read More