BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
GPS Jamming Is Screwing With Norwegian Planes
/in General NewsSo much jamming is taking place in northeastern Norway, regulators no longer want to know.
Security Latest – Read More
Anonymous Sudan DDoS Service Disrupted, Members Charged by US
/in General NewsThe DoJ has announced charges against Anonymous Sudan members and the disruption of their DDoS attack service.
The post Anonymous Sudan DDoS Service Disrupted, Members Charged by US appeared first on SecurityWeek.
SecurityWeek – Read More
U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks
/in General NewsFederal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft’s services in June 2023.
The attacks, which were facilitated by Anonymous Sudan’s “powerful DDoS tool,” singled out critical infrastructure, corporate networks,
The Hacker News – Read More
The Myth of Dark Web Anonymity & Invincibility: How Law Enforcement is Catching Up to Cybercriminals
/in General NewsDark web markets such as Silk Road and Sipulitie have relied on Tor’s anonymity features for years. Despite the robust technology, human errors frequently leave traces. These traces can range from cryptocurrency transactions and communication metadata to actual data seized from servers. Recent takedowns of these markets have exposed vulnerabilities in the dark web’s perceived anonymity.
Source
TechSplicer – Read More
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
/in General NewsA critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances.
The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability.
“A security issue
The Hacker News – Read More
Iran’s APT34 Abuses MS Exchange to Spy on Gulf Gov’ts
/in General NewsA MOIS-aligned threat group has been using Microsoft Exchange servers to exfiltrate sensitive data from Gulf-state government agencies.
darkreading – Read More
Nvidia just dropped a new AI model that crushes OpenAI’s GPT-4—no big launch, just big results
/in General NewsNvidia quietly launched a groundbreaking AI model that surpasses OpenAI’s GPT-4 and Anthropic’s Claude 3.5, signaling a major shift in the competitive landscape of artificial intelligence.Read More
Security News | VentureBeat – Read More
Anthropic flags AI’s potential to ‘automate sophisticated destructive cyber attacks’
/in General NewsThe maker of Claude LLMs revises its safety guidelines to manage escalating risks.
Latest stories for ZDNET in Security – Read More
Hacker allegedly behind attacks on FBI, Airbus, National Public Data arrested in Brazil
/in General NewsPolice did not name the suspect, but a threat actor known as USDoD has long boasted of being behind the attacks that were highlighted by Brazilian law enforcement following the arrest.
The Record from Recorded Future News – Read More
Brazil arrests USDoD hacker tied to FBI, National Public Data breaches
/in General NewsBrazilian police have arrested the hacker known as USDoD, responsible for high-profile breaches including the FBI’s InfraGard and…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More