BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities
/in General NewsThe financially motivated threat actor Magnet Goblin is targeting one-day vulnerabilities to deploy Nerbian malware on Linux systems.
The post Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
New Golang-based Planet Stealer Emerges in Underground Forums
/in General NewsPlanet Stealer is a Go-based information-stealing trojan that targets sensitive information from victim hosts. The trojan’s capabilities include browser information theft, cryptocurrency wallet theft, and sandbox evasion.
Cyware News – Latest Cyber News – Read More
Zama’s Homomorphic Encryption Tech Lands it $73M on a Valuation of Nearly $400M
/in General NewsZama, a Paris-based startup, has raised $73 million in a Series A funding round to develop and commercialize homomorphic encryption technology for blockchain transactions and AI data exchange.
Cyware News – Latest Cyber News – Read More
Critical Fortinet Flaw May Impact 150,000 Exposed Devices
/in General NewsApproximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows code execution without authentication.
Cyware News – Latest Cyber News – Read More
Lithuania Warns China Has Ramped up Espionage Campaigns
/in General NewsThe opening of Taiwan’s Representative Office in Lithuania has prompted China to increase its focus on gathering information about the country’s internal affairs and political landscape.
Cyware News – Latest Cyber News – Read More
Japan Blames North Korea for PyPI Supply Chain Cyberattack
/in General NewsOpen-source software ecosystem compromise leaves developers in Asia and around the globe at risk.
darkreading – Read More
Google Is Getting Thousands of Deepfake Porn Complaints
/in General NewsContent creators are using copyright laws to get nonconsensual deepfakes removed from the web. With the complaints covering nearly 30,000 URLs, experts say Google should do more to help.
Security Latest – Read More
Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability
/in General NewsTechnical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections.
Tracked as CVE-2024-1403, the vulnerability has a maximum severity rating of 10.0 on the CVSS scoring system. It
The Hacker News – Read More
Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT
/in General NewsA financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach edge devices and public-facing services and deploy malware on compromised hosts.
“Threat actor group Magnet Goblin’s hallmark is its ability to swiftly leverage newly disclosed vulnerabilities, particularly targeting
The Hacker News – Read More
Hacker Claims Breaching US Federal Contractor Acuity, Selling ICE, USCIS Data
/in General NewsBy Waqas
The teasure trove of highly sentisive data is being sold for just $3,000 in Monero (XMR) cryptocurrency on Breach Forums.
This is a post from HackRead.com Read the original post: Hacker Claims Breaching US Federal Contractor Acuity, Selling ICE, USCIS Data
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More