BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Hackers Targeting Human Rights Activists in Morocco and Western Sahara
/in General NewsHuman rights activists in Morocco and the Western Sahara region are the targets of a new threat actor that leverages phishing attacks to trick victims into installing bogus Android apps and serve credential harvesting pages for Windows users.
Cisco Talos is tracking the activity cluster under the name Starry Addax, describing it as primarily singling out activists associated with
The Hacker News – Read More
Phishing Deception – Suspended Domains Reveal Malicious Payload for Latin American Region
/in General NewsThe phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice. The email header has an email address format that uses the domain ‘temporary[.]link’.
Cyware News – Latest Cyber News – Read More
US Health Deptarment Warns Hospitals of Hackers Targeting IT Help Desks
/in General NewsThe U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.
Cyware News – Latest Cyber News – Read More
SAP’s April 2024 Updates Patch High-Severity Vulnerabilities
/in General NewsSAP has released 12 new and updated security notes on April 2024 Security Patch Day, including three notes dealing with high-severity vulnerabilities.
The post SAP’s April 2024 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
91,000 Smart LG TV Devices Vulnerable to Remote Takeover
/in General NewsBy Waqas
LG TVs vulnerable! Update now to block hackers from taking control & stealing data (webOS 4-7). Millions at risk!
This is a post from HackRead.com Read the original post: 91,000 Smart LG TV Devices Vulnerable to Remote Takeover
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
ICS Patch Tuesday: Siemens Addresses Palo Alto Networks Product Vulnerabilities
/in General NewsSiemens and Schneider Electric release their ICS Patch Tuesday advisories for April 2024, informing customers about dozens of vulnerabilities.
The post ICS Patch Tuesday: Siemens Addresses Palo Alto Networks Product Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access
/in General NewsMultiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices.
The findings come from Romanian cybersecurity firm Bitdefender, which discovered and reported the flaws in November 2023. The issues were fixed by LG as part of updates released on March 22, 2024.
The
The Hacker News – Read More
Raindex Launches On Flare To Power Decentralized CEX-Style Trading
/in General NewsBy Owais Sultan
Flare, the blockchain for data, has announced the launch of the Raindex desktop app: a new intents-like DEX…
This is a post from HackRead.com Read the original post: Raindex Launches On Flare To Power Decentralized CEX-Style Trading
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Frameworks, Guidelines & Bounties Alone Won’t Defeat Ransomware
/in General NewsWe need more than “do-it-yourself” approaches to threats that clearly rise to the level of national security issues.
darkreading – Read More
Microsoft Two-Step Phishing Campaign Targets LinkedIn Users
/in General NewsA new LinkedIn threat combines breached users’ accounts and an evasive 2-step phishing attack. A recent Python-based infostealer called Snake targets Facebook users with malicious messages.
Cyware News – Latest Cyber News – Read More