BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data
/in General NewsCuttlefish malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic.
The post Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data appeared first on SecurityWeek.
SecurityWeek – Read More
New Wpeeper Android Malware Hides Behind Hacked WordPress Sites
/in General NewsA new Android backdoor malware named ‘Wpeeper’ has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular third-party app store for Android devices with over 220 million downloads.
Cyware News – Latest Cyber News – Read More
Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds
/in General NewsA forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet market.
The findings come from Elliptic in collaboration with researchers from the&
The Hacker News – Read More
Learn Cybersecurity Skills From Scratch for Just $40
/in General NewsSave on tech services or switch to a lucrative new tech career by training at your own pace to develop high-demand cybersecurity skills.
Security | TechRepublic – Read More
Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push
/in General NewsResearchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program.
The post Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push appeared first on SecurityWeek.
SecurityWeek – Read More
Adobe Adds Content Credentials and Firefly to Bug Bounty Program
/in General NewsAdobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials and Adobe Firefly.
The post Adobe Adds Content Credentials and Firefly to Bug Bounty Program appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Unveils Guidelines for AI and Critical Infrastructure
/in General NewsThe CISA on Monday released safety and security guidelines for critical infrastructure, a move that comes just days after the Department of Homeland Security announced the formation of a safety and security board focused on the same topic.
Cyware News – Latest Cyber News – Read More
DeepKeep Launches AI-Native Security Platform With $10 Million in Seed Funding
/in General NewsAI-Native Trust, Risk, and Security Management (TRiSM) startup DeepKeep raises $10 million in seed funding.
The post DeepKeep Launches AI-Native Security Platform With $10 Million in Seed Funding appeared first on SecurityWeek.
SecurityWeek – Read More
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
/in General NewsCybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion.
The malware, codenamed Wpeeper, is an ELF binary that leverages the HTTPS protocol to secure its C2 communications.
“Wpeeper is a typical backdoor Trojan for Android
The Hacker News – Read More
Adobe Adds Firefly and AI Watermarking to Bug Bounty Program
/in General NewsResearchers can earn up to $10,000 for critical vulnerabilities in the generative AI products.
Security | TechRepublic – Read More