BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
LockBit Gang Claims to Have Breached Accountancy Firm Xeinadin
/in General NewsThe LockBit ransomware group has targeted Xeinadin, an accountancy firm with over 60,000 clients, and threatens to leak 1.5 terabytes of stolen customer data if not contacted by the company.
Cyware News – Latest Cyber News – Read More
AI moves from theory to practice, zero trust gets real, and other 2024 predictions from Dell CTO
/in General NewsWhat does 2024 have in store? Improved gen AI ecosystems, next-level security, ‘common edge’ — plus, how quantum will support AI.Read More
Security News | VentureBeat – Read More
Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining
/in General NewsPoorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks.
“Threat actors can also choose to install only scanners and sell the breached IP and account credentials on
The Hacker News – Read More
RingGo, ParkMobile Owner EasyPark Suffers Data Breach, User Data Stolen
/in General NewsBy Waqas
ParkMobile, a globally-used parking app, is the same platform that suffered a massive data breach in 2021 when hackers leaked the data of 21 million customers.
This is a post from HackRead.com Read the original post: RingGo, ParkMobile Owner EasyPark Suffers Data Breach, User Data Stolen
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
North Korea APT Slapped With Cyber Sanctions After Satellite Launch
/in General NewsSanctions on Kimsuky/APT43 focuses the world on disrupting DPRK regime’s sprawling cybercrime operations, expert says.
darkreading – Read More
Critical ‘LogoFAIL’ Bugs Offer Secure Boot Bypass for Millions of PCs
/in General NewsHundreds of consumer and enterprise-grade x86 and ARM devices from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable to bootkits and takeover.
darkreading – Read More
When It Comes to January 6 Lawsuits, a Court Splits Donald Trump in Two
/in General NewsA federal court ruled on Friday that Trump, as president, may be able to avoid civil action for his role in the January 6, 2021, attack on the US Capitol. But candidate Trump is something different.
Security Latest – Read More
Apple Security Update Fixes Zero-Day Webkit Exploits
/in General NewsApple recommends users update to iOS 17.1.2, iPadOS 17.1.2 and macOS 14.1.2. Google’s Threat Analysis Group discovered these security bugs.
Security | TechRepublic – Read More
US Government Sanctions North Korea’s Kimsuky Hacking Group
/in General NewsKimsuky is known for its aggressive social engineering tactics and targets governments, nuclear organizations, and foreign relations entities to gather intelligence for North Korea’s interests.
Cyware News – Latest Cyber News – Read More
Simple Hacking Technique can Extract ChatGPT Training Data
/in General NewsResearchers from Google DeepMind, Cornell University, and other institutions have discovered that the popular AI chatbot ChatGPT is susceptible to leaking data when prompted to repeat certain words.
Cyware News – Latest Cyber News – Read More