BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Researchers Dissect Infostealer Malware Targeting macOS Users
/in General NewsThe ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims’ Macs, but operate with the end goal of stealing sensitive data, Jamf Threat Labs said in a report published Friday.
Cyware News – Latest Cyber News – Read More
Update: AT&T Confirms Data for 73 Million Customers Leaked on Hacker Forum
/in General NewsWhile the company continues to say there is no indication their systems were breached, it has now confirmed that the leaked data belongs to 73 million current and former customers.
Cyware News – Latest Cyber News – Read More
Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities
/in General NewsThe Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data.
“Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads that are decrypted
The Hacker News – Read More
A Ghost Ship’s Doomed Journey Through the Gate of Tears
/in General NewsMillions lost internet service after three cables in the Red Sea were damaged. Houthi rebels deny targeting the cables, but their missile attack on a cargo ship, left adrift for months, is likely to blame.
Security Latest – Read More
You Should Update Apple iOS and Google Chrome ASAP
/in General NewsPlus: Microsoft patches over 60 vulnerabilities, Mozilla fixes two Firefox zero-day bugs, Google patches 40 issues in Android, and more.
Security Latest – Read More
AT&T Says Data on 73 Million Customers Leaked on Dark Web
/in General NewsAT&T used the Easter holiday weekend to quietly share details on data that surfaced on the dark web roughly two weeks ago.
The post AT&T Says Data on 73 Million Customers Leaked on Dark Web appeared first on SecurityWeek.
SecurityWeek – Read More
Israeli LGBTQ App Atraf Faces Data Leak, 700,000 Users Affected
/in General NewsBy Waqas
Another day, another alleged data breach putting hundred of thousands of unsuspecting users at risk.
This is a post from HackRead.com Read the original post: Israeli LGBTQ App Atraf Faces Data Leak, 700,000 Users Affected
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Can generative AI help address the cybersecurity resource gap?
/in General NewsFive ways generative AI can help with the cybersecurity skills shortage — from lowering the bar to entry to improving collaboration.Read More
Security News | VentureBeat – Read More
CISO Corner: Cyber-Pro Swindle; New Faces of Risk; Cyber Boosts Valuation
/in General NewsOur collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Australia gets its cyber-groove back, and 2023’s zero-day field day.
darkreading – Read More
Are You Affected by the Backdoor in XZ Utils?
/in General NewsIn this Tech Tip, we outline how to check if a system is impacted by the newly discovered backdoor in the open source xz compression utility.
darkreading – Read More