BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Android 15 Rolls Out Advanced Features to Protect Users from Scams and Malicious Apps
/in General NewsGoogle is unveiling a set of new features in Android 15 to prevent malicious apps installed on the device from capturing sensitive data.
This constitutes an update to the Play Integrity API that third-party app developers can take advantage of to secure their applications against malware.
“Developers can check if there are other apps running that could be capturing the screen, creating
The Hacker News – Read More
Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam
/in General NewsFinancial terms were not released but the price tag is expected to be hefty with Exabeam’s most recent valuation pegged at $2.5 billion.
The post Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam appeared first on SecurityWeek.
SecurityWeek – Read More
Android 15 Theft Detection Lock Knows When Your Phone Is Stolen
/in General NewsGoogle is introducing new AI-powered safety tools in Android 15 that can lock down your phone if thieves nab it.
Security Latest – Read More
Popular Cyber Crime Forum Breach Forums Seized by Police
/in General NewsBy Waqas
In a major blow to cybercrime, Breach Forums, a notorious online marketplace for stolen data, has been seized by the FBI and Department of Justice (DoJ). This unprecedented takedown includes not just the clear web domain, but also the dark web, escrow sections and Telegram accounts.
This is a post from HackRead.com Read the original post: Popular Cyber Crime Forum Breach Forums Seized by Police
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Russian Actors Weaponize Legitimate Services in Multi-Malware Attack
/in General NewsThe threat actor, likely located in the Commonwealth of Independent States (CIS), strategically targeted a spectrum of operating systems and computer architectures in the credential harvesting campaign, including Windows and macOS.
Cyware News – Latest Cyber News – Read More
FTC Fires ‘Shot Across the Bow’ at Automakers Over Connected-Car Data Privacy
/in General NewsThe FTC issued a strong warning to automakers about their data collection and sharing practices, particularly regarding the sale of sensitive geolocation data, and emphasized that it will take enforcement action to protect consumer privacy.
Cyware News – Latest Cyber News – Read More
D-Link Routers Vulnerable to Takeover Via Exploit for Zero-Day
/in General NewsA vulnerability in the HNAP login request protocol that affects a family of devices gives unauthenticated users root access for command execution.
darkreading – Read More
Report: Data Breaches in US Schools Exposed 37.6M Records
/in General NewsAccording to Comparitech, data breaches in US schools have exposed over 37.6 million records since 2005, with a significant surge in 2023 due to vulnerabilities in the MOVEit file transfer software affecting over 800 institutions.
Cyware News – Latest Cyber News – Read More
Threat Actors Abuse GitHub to Distribute Multiple Information Stealers
/in General NewsRussian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software.
The post Threat Actors Abuse GitHub to Distribute Multiple Information Stealers appeared first on SecurityWeek.
SecurityWeek – Read More
SideCopy APT Campaign Found Targeting Indian Universities
/in General NewsActive since May 2023, the SideCopy APT campaign targets university students through sophisticated infection chains involving malicious LNK files, HTAs, and loader DLLs disguised as legitimate documents.
Cyware News – Latest Cyber News – Read More