BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries
/in General NewsTwo China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months.
This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar as well as
The Hacker News – Read More
AI Generated Fake Obituary Websites Target Grieving Users
/in General NewsBy Waqas
Tributes turned toxic as crooks abuse AI.
This is a post from HackRead.com Read the original post: AI Generated Fake Obituary Websites Target Grieving Users
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Worldwide Agenda Ransomware Wave Targets VMware ESXi Servers
/in General NewsA new, improved variant on the group’s malware combines fileless infection, BYOVD, and more to cause havoc in virtual environments.
darkreading – Read More
Apple Security Bug Opens iPhone, iPad to RCE
/in General NewsCVE-2024-1580 allows remote attackers to execute arbitrary code on affected devices.
darkreading – Read More
Binarly Attracts $10.5M to Tackle Software Supply Chain Security
/in General NewsLos Angeles firmware and software supply chain firm banks $10.5 million in seed-stage funding led by Two Bear Capital.
The post Binarly Attracts $10.5M to Tackle Software Supply Chain Security appeared first on SecurityWeek.
SecurityWeek – Read More
New ShadowRay Campaign Targets Ray AI Framework in Global Attack
/in General NewsBy Waqas
An unpatched vulnerability is exposing the Ray AI framework to the “ShadowRay” attack!
This is a post from HackRead.com Read the original post: New ShadowRay Campaign Targets Ray AI Framework in Global Attack
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Researchers Discover 40,000-Strong EOL Router, IoT Botnet
/in General NewsMalware hunters sound an alarm after discovering a 40,000-strong botnet packed with end-of-life routers and IoT devices being used in cybercriminal activities.
The post Researchers Discover 40,000-Strong EOL Router, IoT Botnet appeared first on SecurityWeek.
SecurityWeek – Read More
Agent Tesla’s New Ride: The Rise of a Novel Loader
/in General NewsRecently, SpiderLabs identified a phishing email with an attached archive that included a Windows executable disguised as a fraudulent bank payment. This action initiated an infection chain culminating in the deployment of Agent Tesla.
Cyware News – Latest Cyber News – Read More
Exclusive: Standard AI shifts focus to computer vision analytics for retailers, now valued at $1.5 billion
/in General NewsStandard AI shifts focus from autonomous checkout to AI-powered vision analytics, aiming to help retailers gain actionable insights into shopper behavior, optimize store performance, and drive immediate ROI while protecting customer privacy.Read More
Security News | VentureBeat – Read More
UK Court Says Assange Can’t be Extradited on Espionage Charges Until US Rules Out Death Penalty
/in General NewsUK Judges said the U.S. must guarantee that Assange, who is Australian, “is afforded the same First Amendment protections as a United States citizen, and that the death penalty is not imposed.”
The post UK Court Says Assange Can’t be Extradited on Espionage Charges Until US Rules Out Death Penalty appeared first on SecurityWeek.
SecurityWeek – Read More