BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Pro-Ukrainian Hackers Strike Russian State TV on Putin’s Birthday
/in General NewsUkraine has claimed responsibility for a cyber attack that targeted Russia state media company VGTRK and disrupted its operations, according to reports from Bloomberg and Reuters.
The incident took place on the night of October 7, VGTRK confirmed, describing it as an “unprecedented hacker attack.” However, it said “no significant damage” was caused and that everything was working normally
The Hacker News – Read More
Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits
/in General NewsQualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild.
The high-severity vulnerability, tracked as CVE-2024-43047 (CVSS score: 7.8), has been described as a user-after-free bug in the Digital Signal Processor (DSP) Service that could lead to “memory corruption
The Hacker News – Read More
Southeast Asian cyber-fraud industry ‘outpacing’ law enforcement with new tools: UN
/in General NewsTransnational criminal groups in Southeast Asia are incorporating new tools like artificial intelligence and deepfake technology to expand their cyber fraud capabilities, the United Nations Office on Drugs and Crime said Monday.
The Record from Recorded Future News – Read More
Cyberattack on American Water Shuts Down Customer Portal, Halts Billing
/in General NewsAmerican Water faces a cyberattack, disrupting its customer portal and billing operations. The company assures that water services…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
MoneyGram says hackers stole customers’ personal information and transaction data
/in General NewsThe money transfer giant said hackers also stole some customer Social Security numbers during the September cyberattack.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
GorillaBot Goes Ape With 300K Cyberattacks Worldwide
/in General NewsAmong those affected by all this monkeying around with DDoS in September were some 4,000 organizations in the US.
darkreading – Read More
American Water Confirms Hack: Customer Portal and Billing Services Suspended
/in General NewsThe largest U.S. water utility disconnects customer portal and suspends billing services following a cyberattack.
The post American Water Confirms Hack: Customer Portal and Billing Services Suspended appeared first on SecurityWeek.
SecurityWeek – Read More
Recently spotted Trinity ransomware spurs federal warning to healthcare industry
/in General NewsTrinity ransomware, which bears similarities to previously spotted strains known as 2023Lock and Venus, appears to be an immediate threat to healthcare entities, according to the Department of Health and Human Services’ cyber coordination office.
The Record from Recorded Future News – Read More
Timeline: Top 15 Notable Cyberattacks and Data Breaches
/in General NewsThese 15 cyber attacks or data breaches impacted large swaths of users across the United States and changed what was possible in cybersecurity.
Security | TechRepublic – Read More
Salt Typhoon APT Subverts Law Enforcement Wiretapping: Report
/in General NewsThe Chinese state-sponsored cyberattack threat managed to infiltrate the “lawful intercept” network connections that police use in criminal investigations.
darkreading – Read More