BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Update: Yacht Retailer MarineMax Discloses Data Breach After Cyberattack
/in General NewsMarineMax filed an updated report to regulators at the Securities and Exchange Commission on Monday warning that customer and employee information was stolen during the incident. The Rhysida ransomware gang took credit for the attack on March 21.
Cyware News – Latest Cyber News – Read More
StealthMole raises $7M Series A for its AI-Powered Dark Web Intelligence Platform
/in General NewsStealthMole, an AI-powered dark web intelligence startup that specializes in monitoring cyber threats and detecting cybercrime, announced Thursday that it has raised a $7 million Series A funding round.
Cyware News – Latest Cyber News – Read More
Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors
/in General NewsThe threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT.
The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, United States, Colombia, Portugal, Brazil, Dominican Republic, and
The Hacker News – Read More
Cybersecurity Threats Intensify in the Middle East During Ramadan
/in General NewsHow security teams in the region fortify their defenses amid short-staffing — and increased DDoS, phishing, and ransomware campaigns — during the Muslim holy month.
darkreading – Read More
Funding the Organizations Securing the Internet
/in General NewsCommon Good Cyber is a global consortium connecting nonprofit, private sector, and government organizations to fund organizations focused on securing Internet infrastructure.
darkreading – Read More
Google to Purge Billions of Files Containing Personal Data in Settlement of Chrome Privacy Case
/in General NewsGoogle agreed to purge billions of records containing personal information collected from more than 136 million people using its Chrome web browser as part of settlement in a lawsuit accusing it of illegal surveillance.
The post Google to Purge Billions of Files Containing Personal Data in Settlement of Chrome Privacy Case appeared first on SecurityWeek.
SecurityWeek – Read More
Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)
/in General NewsBy Waqas
Critical Backdoor Alert! Patch XZ Utils Now (CVE-2024-3094) & Secure Your Linux System. Learn how a hidden backdoor…
This is a post from HackRead.com Read the original post: Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Microsoft Beefs Up Defenses in Azure AI
/in General NewsMicrosoft adds tools to protect Azure AI from threats such as prompt injection, as well as give developers the capabilities to ensure generative AI apps are more resilient to model and content manipulation attacks.
darkreading – Read More
The Incognito Mode Myth Has Fully Unraveled
/in General NewsTo settle a years-long lawsuit, Google has agreed to delete “billions of data records” collected from users of “Incognito mode,” illuminating the pitfalls of relying on Chrome to protect your privacy.
Security Latest – Read More
XZ Utils Backdoor Implanted in Carefully Executed, Multiyear Supply Chain Attack
/in General NewsHad a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.
darkreading – Read More