BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Vermont Passes Data Privacy Law Allowing Consumers to Sue Companies
/in General NewsVermont has passed one of the strongest comprehensive data privacy laws in the country, which includes a provision allowing individuals to sue companies for violating their privacy rights.
Cyware News – Latest Cyber News – Read More
Apple Backports Fix for Zero-Day Exploited in Attacks to Older iPhones
/in General NewsThe flaw is a memory corruption issue in Apple’s RTKit real-time operating system that enables attackers with arbitrary kernel read and write capability to bypass kernel memory protections.
Cyware News – Latest Cyber News – Read More
Secrecy Concerns Mount Over Spy Powers Targeting US Data Centers
/in General NewsA coalition of digital rights groups is demanding the US declassify records that would clarify just how expansive a major surveillance program really is.
Security Latest – Read More
VMware Patches Severe Security Flaws in Workstation and Fusion Products
/in General NewsMultiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger a denial-of-service (DoS) condition, and execute code under certain circumstances.
The four vulnerabilities impact Workstation versions 17.x and Fusion versions 13.x, with fixes available in version 17.5.2 and
The Hacker News – Read More
Leveraging DNS Tunneling for Tracking and Scanning
/in General NewsThreat actors are using DNS tunneling as a means to scan for network vulnerabilities and check the success of phishing campaigns, according to new research from Palo Alto Networks.
Cyware News – Latest Cyber News – Read More
INC Ransomware Source Code Selling on Hacking Forums for $300,000
/in General NewsThe source code of the INC ransomware-as-a-service (RaaS) operation, which has targeted organizations like Xerox Business Solutions, Yamaha Motor Philippines, and Scotland’s National Health Service (NHS), is being sold on hacking forums for $300,000.
Cyware News – Latest Cyber News – Read More
Dangerous Google Chrome Zero-Day Allows Sandbox Escape
/in General NewsExploit code is circulating for CVE-2024-4761, disclosed less than a week after a similar security vulnerability was disclosed as being used in the wild.
darkreading – Read More
Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data
/in General NewsBy Deeba Ahmed
Android Security Alert- Hackers are disguising malware as popular apps like Instagram and Snapchat to steal your login details. Learn how to identify fake apps and protect yourself from this sneaky cyberattack.
This is a post from HackRead.com Read the original post: Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Adobe Patches Critical Flaws in Reader, Acrobat
/in General NewsAdobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software.
The post Adobe Patches Critical Flaws in Reader, Acrobat appeared first on SecurityWeek.
SecurityWeek – Read More
Insider Threats Maintain a Rising Trend
/in General NewsInsider threats, including dishonest actions to obtain benefits through theft or deception, have seen a significant rise in the past year, driven by factors like rising cost of living, remote work, and the increasing sophistication of fraud tactics.
Cyware News – Latest Cyber News – Read More