BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Apple’s iPhone Hack Attack Warnings Spark Political Firestorm in India
/in General NewsBy Waqas
Big Tech vs. Big Brother: Apple Defies India Pressure over iPhone Hacking Alerts.
This is a post from HackRead.com Read the original post: Apple’s iPhone Hack Attack Warnings Spark Political Firestorm in India
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service
/in General NewsGoogle Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges.
“An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that have enabled it) to
The Hacker News – Read More
Trinidad and Tobago Social Security Agency Discloses Post-Christmas Ransomware Attack
/in General NewsThe National Insurance Board in Trinidad and Tobago has been hit by a ransomware attack, leading to the closure of its offices and limiting its operations for an extended period.
Cyware News – Latest Cyber News – Read More
Skynet Ahoy? What to Expect for Next-Gen AI Security Risks
/in General NewsThe innovation that ChatGPT and other LLMs demonstrate is a good thing, but safeguards and other security frameworks must keep pace.
darkreading – Read More
The Emerging Landscape of AI-Driven Cybersecurity Threats: A Look Ahead
/in General NewsWhile AI can significantly bolster defense mechanisms, it also equips adversaries with powerful tools to launch sophisticated cyberattacks.
The post The Emerging Landscape of AI-Driven Cybersecurity Threats: A Look Ahead appeared first on SecurityWeek.
SecurityWeek – Read More
Ohio Lottery Suffers Cyberattack Claimed by DragonForce Ransomware Group
/in General NewsThe newly surfaced DragonForce ransomware gang has claimed responsibility for the attack, stating that they have encrypted devices and stolen data, including personal information of Ohio Lottery customers and employees.
Cyware News – Latest Cyber News – Read More
Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ
/in General NewsThe new Barracuda ESG zero-day CVE-2023-7102 has been used by Chinese hackers to target organizations in the US and APJ region.
The post Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ appeared first on SecurityWeek.
SecurityWeek – Read More
Three Main Tactics Attackers Use to Bypass MFA
/in General NewsSE Labs has warned that multi-factor authentication (MFA) is not foolproof and can be bypassed by attackers using old-school methods such as social engineering, malware, and phishing.
Cyware News – Latest Cyber News – Read More
Essential DDoS Statistics for Understanding Attack Impact
/in General NewsDDoS attacks have significant consequences, including financial losses, compromised data, and erosion of customer trust. Global events like the Russia-Ukraine war and NATO bids have fueled recent DDoS attack growth.
Cyware News – Latest Cyber News – Read More
Troves of Iranian Hacked Insurance Customer Data on Sale
/in General NewsThe breach was confirmed by the Iranian Leakage Tracking System, and the targeted company, Fanavaran, has since blocked access to its website in the aftermath of the incident.
Cyware News – Latest Cyber News – Read More