BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
SIEM Stalwart LogRhythm to Merge With Exabeam
/in General NewsLogRhythm, a leading SIEM (Security Information and Event Management) company, is merging with Exabeam, another prominent SIEM player, in a move that aims to create a stronger, AI-driven security operations leader in the market.
Cyware News – Latest Cyber News – Read More
PDF Exploitation Targets Foxit Reader Users
/in General NewsCybersecurity researchers have discovered a concerning trend of PDF exploitation targeting users of Foxit Reader, a popular PDF software, with sophisticated attack chains and malware families being utilized in real-world scenarios.
Cyware News – Latest Cyber News – Read More
Third Chrome Zero-Day Patched by Google Within One Week
/in General NewsGoogle releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day.
The post Third Chrome Zero-Day Patched by Google Within One Week appeared first on SecurityWeek.
SecurityWeek – Read More
FBI Seizes Criminal Site BreachForums
/in General NewsThe FBI and the DOJ have seized control of the BreachForums hacking forum, which was a marketplace for cybercriminals to buy, sell, and trade stolen data and other illegal services, and are now investigating the forum and its admins.
Cyware News – Latest Cyber News – Read More
How Scammers Hijack Your Instagram
/in General NewsScammers exploit Instagram’s influencer program to hijack users’ accounts by hacking into them, posting about cryptocurrencies, and then tricking victims into providing their login credentials to “vote” for the scammer’s fake influencer contest.
Cyware News – Latest Cyber News – Read More
Nigeria Halts Cybersecurity Tax After Public Outrage
/in General NewsIn the midst of an economy struggling with soaring inflation, the Nigerian government paused plans to place a levy on domestic transactions that was aimed at enhancing cybersecurity.
darkreading – Read More
BreachForums Shut Down in Apparent Law Enforcement Operation
/in General NewsThe hacking forum BreachForums is displaying a notice claiming that the website is under the control of the FBI.
The post BreachForums Shut Down in Apparent Law Enforcement Operation appeared first on SecurityWeek.
SecurityWeek – Read More
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks
/in General NewsThe Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks.
“Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware,” the company said in a report published on May 15, 2024.
The
The Hacker News – Read More
Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability
/in General NewsGoogle has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild.
Assigned the CVE identifier CVE-2024-4947, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Kaspersky researchers Vasily Berdnikov and Boris
The Hacker News – Read More
In First AI Dialogue, US Cites ‘Misuse’ of AI by China, Beijing Protests Washington’s Restrictions
/in General NewsChina advocates for the United Nations to take a leading role in the global governance of AI, a move that could sideline the U.S.
The post In First AI Dialogue, US Cites ‘Misuse’ of AI by China, Beijing Protests Washington’s Restrictions appeared first on SecurityWeek.
SecurityWeek – Read More