BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Police Bust Multimillion-Dollar Holiday Fraud Gang
/in General NewsPolice in Romania and Spain have struck a blow against a sophisticated cyber-fraud gang that tricked victims out of millions of dollars through fake ads and business email compromise (BEC) scams.
Cyware News – Latest Cyber News – Read More
Mitigating Third-Party Risk Requires a Collaborative, Thorough Approach
/in General NewsThe issue can seem daunting, but most organizations have more agency and flexibility to deal with third-party risk than they think.
darkreading – Read More
New GEOBOX Tool Hijacks Raspberry Pi, Lets Hackers Fake Location
/in General NewsBy Deeba Ahmed
New Dark Web Tool GEOBOX, sold for $700 on Telegram and underground forums, hijacks Raspberry Pi, allowing cybercriminals to fake locations and evade detection.
This is a post from HackRead.com Read the original post: New GEOBOX Tool Hijacks Raspberry Pi, Lets Hackers Fake Location
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Top Python Developers Hacked in Sophisticated Supply Chain Attack
/in General NewsMultiple Python developers get infected after downloading malware-packed clone of the popular tool Colorama.
The post Top Python Developers Hacked in Sophisticated Supply Chain Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Russian Hackers Target German Political Parties With WineLoader Malware
/in General NewsThe campaign has been active since late February and mainly uses phishing emails that appear to come from the German Christian Democratic Union, according to a report by Mandiant.
Cyware News – Latest Cyber News – Read More
Biden Nominates First Assistant Defense Secretary for Cyber Policy
/in General NewsPresident Joe Biden on Thursday nominated Michael Sulmeyer to be assistant secretary of defense for cyber policy at the Pentagon, the first individual to hold the position.
Cyware News – Latest Cyber News – Read More
CISA Issues Advisory on WebAccess/SCADA Vulnerability
/in General NewsThe latest CISA Industrial Control Systems (ICS) advisory, marked by a flaw with a CVSS v4 score of 7.1, highlights concerns regarding the WebAccess/SCADA system manufactured by Advantech.
Cyware News – Latest Cyber News – Read More
BlueFlag Security Emerges from Stealth with $11.5M Seed Funding to Address Critical Gaps in SDLC Security
/in General NewsLed by Maverick Ventures and Ten Eleven Ventures with participation from Pier 88 Investment Partners, the investment will fund the development of BlueFlag’s SDLC security and governance platform.
Cyware News – Latest Cyber News – Read More
Apple Chip Flaw Leaks Secret Encryption Keys
/in General NewsPlus: The Biden administration warns of nationwide attacks on US water systems, a new Russian wiper malware emerges, and China-linked hackers wage a global attack spree.
Security Latest – Read More
N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
/in General NewsThe North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data.
Kimsuky, active since at least 2012, is known to target entities located in South Korea as well as North America, Asia, and Europe.
According
The Hacker News – Read More