BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Mastodon Delays Firm Fix to Solve Link Preview DDoS Issue
/in General NewsMastodon delayed a firm fix for link preview DDoS issues, pushing it back to version 4.4.0 from the expected 4.3.0 release. The issue arises from the decentralized nature of Mastodon, where link previews generate excessive traffic on host servers.
Cyware News – Latest Cyber News – Read More
Citrix Addresses High-Severity NetScaler Servers Flaw
/in General NewsCitrix appears to have quietly addressed a vulnerability in its NetScaler ADC and Gateway appliances that gave remote, unauthenticated attackers a way to obtain potentially sensitive information from the memory of affected systems.
Cyware News – Latest Cyber News – Read More
MITRE Hack: China-Linked Group Breached Systems in December 2023
/in General NewsMITRE has shared more details on the recent hack, including the new malware involved in the attack and a timeline of the attacker’s activities.
The post MITRE Hack: China-Linked Group Breached Systems in December 2023 appeared first on SecurityWeek.
SecurityWeek – Read More
NATO and the EU Formally Condemned APT28 Cyber Espionage
/in General NewsThe nation-state actor APT28 exploited the zero-day flaw CVE-2023-23397 in attacks against European entities since April 2022. The Russia-linked APT also targeted NATO entities and Ukrainian government agencies.
Cyware News – Latest Cyber News – Read More
Anetac Raises $16M in Funding
/in General NewsAnetac, a startup protecting companies from blind spots of service accounts in hybrid environments, raised $16M in funding. The round was led by Liberty Global with participation from Shield Capital, GP Ventures, Anetac CEO Tim Eades and Jason Witty.
Cyware News – Latest Cyber News – Read More
Citrix Addresses High-Severity Flaw in NetScaler ADC and Gateway
/in General NewsThe flaw was nearly identical to last year’s CitrixBleed flaw, though not as severe.
darkreading – Read More
Supply Chain Breaches Up 68% Year Over Year, According to DBIR
/in General NewsAs Verizon Business redefines “supply chain breach,” it could either help organizations address third-party risk holistically or just conflate and confuse.
darkreading – Read More
Cuckoo Mac Malware Mimics Music Converter to Steals Passwords and Crypto
/in General NewsBy Deeba Ahmed
Cuckoo malware targets macOS users, stealing passwords, browsing history, crypto wallet details & more. Disguised as a music converter, it poses a major security risk. Learn how to protect yourself from this sophisticated infostealer.
This is a post from HackRead.com Read the original post: Cuckoo Mac Malware Mimics Music Converter to Steals Passwords and Crypto
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
LLMs & Malicious Code Injections: ‘We Have to Assume It’s Coming’
/in General NewsLarge language models promise to enhance secure software development life cycles, but there are unintended risks as well, CISO warns at RSAC.
darkreading – Read More
BigID Launches Industry-First Hybrid Scanning for Cloud Native Workloads
/in General NewsPost Content
darkreading – Read More