BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
UK Defence Secretary Jet Hit by Electronic Warfare Attack in Poland
/in General NewsRussian hackers launched an electronic warfare attack that disabled the GPS and communications systems of UK Defence Secretary Grant Shapps’ RAF Dassault Falcon 900 jet while flying near Kaliningrad.
Cyware News – Latest Cyber News – Read More
E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials
/in General NewsA 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced.
Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized
The Hacker News – Read More
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
/in General NewsA new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT.
Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu.
“The PhantomBlu operation introduces a nuanced exploitation method, diverging from NetSupport RAT’s typical delivery mechanism by leveraging OLE (Object
The Hacker News – Read More
UnitedHealth Says It Has Made Progress on Recovering From Massive Cyberattack
/in General NewsUnitedHealth is testing the last major system it must restore from last month’s Change Healthcare cyberattack, but it has no date yet for finishing the recovery.
The post UnitedHealth Says It Has Made Progress on Recovering From Massive Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
NVIDIA GTC Keynote: Blackwell Architecture Will Accelerate AI Products in Late 2024
/in General NewsDevelopers can now take advantage of NVIDIA NIM packages to deploy enterprise generative AI, said NVIDIA CEO Jensen Huang.
Security | TechRepublic – Read More
Chinese APT ‘Earth Krahang’ Compromises 48 Gov’t Orgs on 5 Continents
/in General NewsThe group uses pretty standard open source tooling and social engineering to burrow into high-level government agencies across the globe.
darkreading – Read More
North Korea-Linked Group Levels Multistage Cyberattack on South Korea
/in General NewsKimsuky-attributed campaign uses eight steps to compromise systems — from initial execution to downloading additional code from Dropbox, and executing code to establish stealth and persistence.
darkreading – Read More
ML Model Repositories: The Next Big Supply Chain Attack Target
/in General NewsMachine-learning model platforms like Hugging Face are suspectible to the same kind of attacks that threat actors have executed successfully for years via npm, PyPI, and other open source repos.
darkreading – Read More
Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached
/in General NewsBy Deeba Ahmed
While Fujitsu did not disclose in-depth details, the company confirmed investigating a cyberattack that may have led to a data breach.
This is a post from HackRead.com Read the original post: Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
New AcidRain Linux Malware Variant “AcidPour” Found Targeting Ukraine
/in General NewsBy Waqas
Another day, another malware threat emerges in a country already at war.
This is a post from HackRead.com Read the original post: New AcidRain Linux Malware Variant “AcidPour” Found Targeting Ukraine
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More