BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
MoneyGram Says Personal Information Stolen in Recent Cyberattack
/in General NewsHackers stole personal information from MoneyGram’s systems during a three-day attack in September 2024.
The post MoneyGram Says Personal Information Stolen in Recent Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
Qualcomm Alerted to Possible Zero-Day Exploited in Targeted Attacks
/in General NewsGoogle and Amnesty have seen evidence that a Qualcomm chipset vulnerability tracked as CVE-2024-43047 may be exploited in the wild.
The post Qualcomm Alerted to Possible Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Android’s October 2024 Update Patches 26 Vulnerabilities
/in General NewsGoogle ships patches for 26 high-severity vulnerabilities as part of Android’s October 2024 security update.
The post Android’s October 2024 Update Patches 26 Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
Telegram Already Shares Data of Over 100 U.S. Users with Law Enforcement
/in General NewsTelegram, the messaging platform known for its strong stance on user privacy, has shared data of more than 100 U.S. users with law enforcement agencies. This shouldn’t come as a surprise since reporting on it’s shift in privacy, to help law enforcement. The Numbers According to a recent report from independent investigative website 404 Media, Telegram has responded to multiple law…
Source
TechSplicer – Read More
Mideast, Turkey Cyber Threats Spike, Prompting Defense Changes
/in General NewsThe vast majority of organizations in the region saw more attacks in the past year, but most don’t feel prepared for future incidents.
darkreading – Read More
Pro-Ukrainian Hackers Strike Russian State TV on Putin’s Birthday
/in General NewsUkraine has claimed responsibility for a cyber attack that targeted Russia state media company VGTRK and disrupted its operations, according to reports from Bloomberg and Reuters.
The incident took place on the night of October 7, VGTRK confirmed, describing it as an “unprecedented hacker attack.” However, it said “no significant damage” was caused and that everything was working normally
The Hacker News – Read More
Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits
/in General NewsQualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild.
The high-severity vulnerability, tracked as CVE-2024-43047 (CVSS score: 7.8), has been described as a user-after-free bug in the Digital Signal Processor (DSP) Service that could lead to “memory corruption
The Hacker News – Read More
Southeast Asian cyber-fraud industry ‘outpacing’ law enforcement with new tools: UN
/in General NewsTransnational criminal groups in Southeast Asia are incorporating new tools like artificial intelligence and deepfake technology to expand their cyber fraud capabilities, the United Nations Office on Drugs and Crime said Monday.
The Record from Recorded Future News – Read More
Cyberattack on American Water Shuts Down Customer Portal, Halts Billing
/in General NewsAmerican Water faces a cyberattack, disrupting its customer portal and billing operations. The company assures that water services…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
MoneyGram says hackers stole customers’ personal information and transaction data
/in General NewsThe money transfer giant said hackers also stole some customer Social Security numbers during the September cyberattack.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More