BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Meet the Chinese ‘Typhoon’ hackers preparing for war
/in General NewsOf the cybersecurity risks facing the United States today, few loom larger than the potential sabotage capabilities posed by China-backed hackers, which top U.S. officials have described as an “epoch-defining threat.” In recent months, U.S. intelligence officials said Chinese government-backed hackers have been burrowing deep into the networks of U.S. critical infrastructure, including water, energy […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
/in General NewsThe Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region.
“The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities
The Hacker News – Read More
‘Chat control’: The EU’s controversial CSAM-scanning legal proposal explained
/in General NewsThe European Union has a longstanding reputation for strong privacy laws. But a legislative plan to combat child abuse — which the bloc formally presented back in May 2022 — is threatening to downgrade the privacy and security of hundreds of millions of regional messaging app users. The European Commission, the EU legislative body that […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
The FBI Made a Crypto Coin Just to Catch Fraudsters
/in General NewsPlus: New details emerge in the National Public Data breach, Discord gets blocked in Russia and Turkey over alleged illegal activity on the platform, and more.
Security Latest – Read More
A Mysterious Hacking Group Has 2 New Tools to Steal Data From Air-Gapped Machines
/in General NewsIt’s hard enough creating one air-gap-jumping tool. Researchers say the group GoldenJackal did it twice in five years.
Security Latest – Read More
Pig Butchering Scams Are Going High Tech
/in General NewsScammers in Southeast Asia are increasingly turning to AI, deepfakes, and dangerous malware in a way that makes their pig butchering operations even more convincing.
Security Latest – Read More
FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation
/in General NewsThe U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread fraud operation.
The law enforcement action – codenamed Operation Token Mirrors – is the result of the U.S. Federal Bureau of Investigation (FBI) taking the “unprecedented step” of creating its own
The Hacker News – Read More
AI Hype Drives Demand For ML SecOps Skills
/in General NewsCompanies are putting “AI” in just about all of their products, which opens up new security holes. LLM SecOps and ML SecOps are becoming must-have skills.
darkreading – Read More
SOC Teams: Threat Detection Tools Are Stifling Us
/in General NewsThreat detection tools yield too many false positives, security pros say, leading to burnout and resentment.
darkreading – Read More
Certificate Authority Market Size to Surpass $485M by 2033
/in General NewsPost Content
darkreading – Read More