BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
- [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
Outdated Wallets Threatening Billions in Crypto Assets
/in General NewsBy Waqas
The vulnerability is dubbed Randstorm, impacting browser-generated wallets created between 2011 and 2015.
This is a post from HackRead.com Read the original post: Outdated Wallets Threatening Billions in Crypto Assets
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
UK: Secretary Fined For Accessing Scores of Patient Records
/in General NewsThe Information Commissioner’s Office (ICO) said that a complaint was first lodged back in June 2019, after a patient raised concerns that their records had been improperly accessed by Loretta Alborghetti, from Redditch.
Cyware News – Latest Cyber News – Read More
VX-Underground Malware Sharing Collective Framed by Phobos Ransomware
/in General NewsA new variant of the Phobos ransomware has been discovered, which attempts to frame VX-Underground. Phobos ransomware, which emerged in 2018, operates as a ransomware-as-a-service and has seen wide distribution through affiliated threat actors.
Cyware News – Latest Cyber News – Read More
Cybersecurity Firm Executive Pleads Guilty to Hacking Hospitals
/in General NewsVikas Singla, the former COO of a cybersecurity company, pleaded guilty to hacking two hospitals in an attempt to boost his company’s business. Singla disrupted phone and printer services at the hospitals and stole personal information from patients.
Cyware News – Latest Cyber News – Read More
Detailed Data on Employees of US National Security Lab Leaked Online
/in General NewsThe hacking group SiegedSec claimed responsibility for the breach and stated that they obtained a significant amount of personal information, including social security numbers and banking details.
Cyware News – Latest Cyber News – Read More
Update: British Library Says Ransomware Hackers Stole Data From HR Files
/in General NewsThe Rhysida ransomware gang, responsible for the attack, has leaked data stolen from the library’s internal HR files, prompting the library to advise users to change their passwords as a precautionary measure.
Cyware News – Latest Cyber News – Read More
Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users
/in General NewsAndroid smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data.
“Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by impersonating legitimate organizations,
The Hacker News – Read More
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
/in General NewsThe China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea.
Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023, primarily singling out organizations in the South Pacific.
“The campaigns leveraged legitimate software
The Hacker News – Read More
NetSupport RAT Infections on the Rise – Targeting Government and Business Sectors
/in General NewsThreat actors are targeting the education, government, and business services sectors with a remote access trojan called NetSupport RAT. The malware is typically downloaded onto a victim’s computer through deceptive websites and fake browser updates.
Cyware News – Latest Cyber News – Read More
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
/in General NewsThe Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits.
“Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host’s resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a negative
The Hacker News – Read More