BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Apache Cordova App Harness Targeted in Dependency Confusion Attack
/in General NewsResearchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness.
Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository.
This&
The Hacker News – Read More
0G and OnePiece Labs Collaborate to Create Crypto x AI Incubator
/in General NewsBy Owais Sultan
0G Labs and One Piece Labs have announced the launch of the first incubator for startups working at…
This is a post from HackRead.com Read the original post: 0G and OnePiece Labs Collaborate to Create Crypto x AI Incubator
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
The best free VPNs of 2024: Expert tested
/in General NewsFree VPNs can come with security risks. But there are solid limited-service free VPNs provided by reputable companies that may fit your needs — here’s what to know.
Latest stories for ZDNET in Security – Read More
Fraudsters Exploit Telegram’s Popularity for Toncoin Scam
/in General NewsThe perpetrators attract unsuspecting Telegram users through a referral system, enticing them with promises of an “exclusive earning program” shared via contacts in their network.
Cyware News – Latest Cyber News – Read More
The Battle Continues: Mandiant Report Shows Improved Detection But Persistent Adversarial Success
/in General NewsMandiant’s M-Trends 2024 report shows that defenses are improving – and that may be true. But the reality remains that these same statistics demonstrate that if anything, the attackers still retain the upper hand.
The post The Battle Continues: Mandiant Report Shows Improved Detection But Persistent Adversarial Success appeared first on SecurityWeek.
SecurityWeek – Read More
US Gov Slaps Visa Restrictions on Spyware Honchos
/in General NewsThe State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses, and their immediate family members.
darkreading – Read More
GitHub Comments Abused to Spread Malware in Fake Microsoft Repositories
/in General NewsBy Deeba Ahmed
Hackers are exploiting GitHub comments to spread malware disguised as Microsoft software downloads tricking users into downloading malware.
This is a post from HackRead.com Read the original post: GitHub Comments Abused to Spread Malware in Fake Microsoft Repositories
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Russia’s Fancy Bear Pummels Windows Print Spooler Bug
/in General NewsThe infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets in Ukraine, Western Europe, and North America.
darkreading – Read More
Lessons for CISOs From OWASP’s LLM Top 10
/in General NewsIt’s time to start regulating LLMs to ensure they’re accurately trained and ready to handle business deals that could affect the bottom line.
darkreading – Read More
UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack
/in General NewsUnitedHealth confirms that personal and health information was stolen in a ransomware attack that could cost the company up to $1.6 billion.
The post UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More