BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
New Latrodectus Malware Attacks Use Microsoft, Cloudflare Themes
/in General NewsLatrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.
Cyware News – Latest Cyber News – Read More
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia
/in General NewsA former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262 months) in prison for attempting to transfer classified documents to Russia.
“This sentence should serve as a stark warning to all those entrusted with protecting national defense information that there are consequences to betraying that trust,” said FBI Director Christopher Wray.
The Hacker News – Read More
Belarus Secret Service Website Still Down After Hackers Claim the Breach
/in General NewsThe hackers, known as the Belarusian Cyber-Partisans, announced their operation against the KGB late last week. The agency has not commented on the attack, but on Monday its website says that it is “in the process of development.”
Cyware News – Latest Cyber News – Read More
Verizon DBIR: Basic Security Gaffes Underpin Bumper Crop of Breaches
/in General NewsMOVEit drove a big chunk of the increase, but human vulnerability to social engineering and failure to patch known bugs led to a doubling of breaches since 2023, said Verizon Business.
darkreading – Read More
UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike
/in General NewsUnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee set for May 1, 2024.
The post UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike appeared first on SecurityWeek.
SecurityWeek – Read More
Canadian Drug Chain in Temporary Lockdown Mode After Cyber Incident
/in General NewsLondon Drugs offered no details about the nature of the incident, nor when its pharmacies would be functioning normally again.
darkreading – Read More
Attackers Planted Millions of Imageless Repositories on Docker Hub
/in General NewsThe purported metadata for each these containers had embedded links to malicious files.
darkreading – Read More
China Has a Controversial Plan for Brain-Computer Interfaces
/in General NewsChina’s brain-computer interface technology is catching up to the US. But it envisions a very different use case: cognitive enhancement.
Security Latest – Read More
Finnish Hacker Gets Prison for Accessing Thousands of Psychotherapy Records and Demanding Ransoms
/in General NewsIn February 2023, French police arrested well-known Finnish hacker Aleksanteri Kivimäki, who was living under a false identity near Paris. He was deported to Finland. His trial ended last month.
The post Finnish Hacker Gets Prison for Accessing Thousands of Psychotherapy Records and Demanding Ransoms appeared first on SecurityWeek.
SecurityWeek – Read More
Docker Hub Users Targeted With Imageless, Malicious Repositories
/in General NewsJFrog raises an alarm after finding three large-scale malware campaigns targeting Docker Hub with imageless repositories.
The post Docker Hub Users Targeted With Imageless, Malicious Repositories appeared first on SecurityWeek.
SecurityWeek – Read More