BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
FBCS Collection Agency Data Breach Impacts 2.7 Million
/in General NewsFinancial Business and Consumer Solutions (FBCS) says the personal information of 2.7 million was impacted in the recent data breach.
The post FBCS Collection Agency Data Breach Impacts 2.7 Million appeared first on SecurityWeek.
SecurityWeek – Read More
$2.5 Million Offered at Upcoming ‘Matrix Cup’ Chinese Hacking Contest
/in General NewsThe Chinese hacking contest Matrix Cup is offering big rewards for exploits targeting OSs, smartphones, enterprise software, browsers, and security products.
The post $2.5 Million Offered at Upcoming ‘Matrix Cup’ Chinese Hacking Contest appeared first on SecurityWeek.
SecurityWeek – Read More
AI-Powered Russian Network Pushes Fake Political News
/in General NewsSecurity researchers have discovered a major new Russian disinformation campaign using generative AI (GenAI) to “plagiarize and weaponize” content from major news organizations, in a bid to influence Western voters.
Cyware News – Latest Cyber News – Read More
FIN7 Uses Trusted Brands and Sponsored Google Ads to Distribute MSIX Payloads
/in General NewsThe financially motivated group FIN7 has been observed leveraging malicious Google ads that impersonate legitimate brands to deliver NetSupport RAT, highlighting the ongoing threat of malvertising and the abuse of signed MSIX files by cybercriminals.
Cyware News – Latest Cyber News – Read More
Feds, Military Personnel Compete in President’s Cyber Cup Challenge
/in General NewsArtificially Intelligent — a team of four Army servicemembers and one from the Air Force — won the 2024 President’s Cyber Cup Challenge, a five-year-old competition open to federal government and U.S. military personnel.
Cyware News – Latest Cyber News – Read More
Selfie Spoofing Becomes Popular Identity Document Fraud Technique
/in General NewsSelfie spoofing and document image-of-image fraud have become the most prevalent identity document fraud techniques, with older demographics being targeted at nearly four times the rate, according to Socure.
Cyware News – Latest Cyber News – Read More
Malicious Go Binary Delivered via Steganography in PyPI
/in General NewsThe malicious package, called “requests-darwin-lite”, was a fork of the popular “requests” Python package. The attacker used the cmdclass feature in the setup.py file to customize the package installation process.
Cyware News – Latest Cyber News – Read More
Welcome to the Laser Wars
/in General NewsAmid a rising tide of adversary drones and missile attacks, laser weapons are finally poised to enter the battlefield.
Security Latest – Read More
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
/in General NewsCybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control (C2) framework within a PNG image of the project’s logo.
The package employing this steganographic trickery is requests-darwin-lite, which has been
The Hacker News – Read More
Latvian TV Channels Hacked to Broadcast Russian Victory Day Parade
/in General NewsBy Deeba Ahmed
Confused Latvians woke up to the Russian Victory Day parade on their TVs! Hackers targeted a content delivery network to manipulate broadcasts exposing media supply chain vulnerabilities.
This is a post from HackRead.com Read the original post: Latvian TV Channels Hacked to Broadcast Russian Victory Day Parade
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More