Category: securityonline
-
Google’s Search Dominance Under Fire in Japan
Google finds itself in hot water with regulators yet again, this time in Japan. The nation’s Fair Trade Commission (JFTC) is poised to rule that the tech giant has violated… Go to gbhackers.com
-
Dutch DPA Fines Netflix €4.75 Million for GDPR Violations
Streaming giant Netflix has been hit with a hefty fine by the Dutch Data Protection Authority (Dutch DPA) for failing to provide clear and sufficient information to customers about how… Go to gbhackers.com
-
Pegasus Spyware: Court Finds NSO Group Liable for 1,400 Infections
A California court has ruled that Israeli firm NSO Group is liable for hacking into WhatsApp and deploying its notorious Pegasus spyware. The ruling, delivered by Judge Phyllis Hamilton in… Go to gbhackers.com
-
NodeStealer Infostealer: New Python-Based Variant Targets Facebook Ads Manager
The NodeStealer malware, first identified as a JavaScript-based threat, has undergone a transformation into a Python-based infostealer, expanding its capabilities to harvest a broader range of sensitive data. According to… Go to gbhackers.com
-
DigiEver DVR Vulnerability Under Attack by Hail Cock Botnet
Akamai Security Intelligence Research Team (SIRT) has uncovered that a vulnerability in DigiEver DS-2105 Pro DVRs is being actively exploited by the Hail Cock botnet, a Mirai variant enhanced with modern… Go to gbhackers.com
-
CVE-2024-56145 (CVSS 9.3): Remote Code Execution Vulnerability in Craft CMS, PoC Published
Security researchers at Assetnote have disclosed a critical vulnerability (CVE-2024-56145) in Craft CMS, a widely-used PHP-based content management system. This flaw, assigned a CVSS score of 9.3, enables unauthenticated remote… Go to gbhackers.com
-
CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability
The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2024-56337. This vulnerability affects a wide range… Go to gbhackers.com
-
Cybercriminals Go Mobile: Executives Targeted in Advanced Phishing Campaigns
Cybercriminals are targeting corporate executives with highly advanced mobile spear phishing attacks, leveraging sophisticated evasion techniques and exploiting the inherent vulnerabilities of mobile devices, a new report reveals. In today’s… Go to gbhackers.com
-
New Skuld Infostealer Campaign Unveiled in npm Ecosystem
The npm ecosystem has been infiltrated once more by the persistent Skuld infostealer, a notorious malware strain targeting developers with deceptive packages. Socket’s threat research team unveiled this campaign, led… Go to gbhackers.com
-
LNK Files and SSH Commands: The New Arsenal of Advanced Cyber Attacks
A recent report by Cyble Research and Intelligence Labs (CRIL) unveils a troubling trend: threat actors are increasingly leveraging LNK files and SSH commands as stealthy tools to orchestrate advanced… Go to gbhackers.com
-
NotLockBit: New Cross-Platform Ransomware Threatens Windows and macOS
Pranita Pradeep Kulkarni, Senior Engineer in Threat Research at Qualys, has detailed a new ransomware strain dubbed NotLockBit, which mimics the notorious LockBit ransomware while introducing unique cross-platform capabilities. This… Go to gbhackers.com
-
LummApp Malware Campaign: Researcher Exposes Advanced Data Stealing Operation
In a recent revelation, Team Axon, the elite threat hunting division at Hunters, exposed a sophisticated malware campaign named “LummApp.” This operation employs a combination of advanced techniques, including DLL… Go to gbhackers.com
-
CVE-2024-51466 (CVSS 9.0): Critical Vulnerability Found in IBM Cognos Analytics
IBM has disclosed two severe vulnerabilities in its Cognos Analytics platform that could compromise sensitive data and system integrity. These vulnerabilities, identified as CVE-2024-51466 and CVE-2024-40695, highlight risks in business… Go to gbhackers.com
-
From .NET to C++: BellaCiao Malware Evolves with BellaCPP
Kaspersky has uncovered a fresh variant of the BellaCiao malware family—BellaCPP—marking a shift from .NET to C++ in its development. First appearing in April 2023, BellaCiao is a .NET-based malware… Go to gbhackers.com
-
Tax-Themed Campaign Exploits Windows MSC Files to Deliver Stealthy Backdoor
The Securonix Threat Research team has uncovered a sophisticated phishing campaign named FLUX#CONSOLE, leveraging tax-related lures and the use of Windows MSC (Microsoft Management Console) files to deploy a stealthy… Go to gbhackers.com
-
Diicot Threat Group Targets Linux with Advanced Malware Campaign
Wiz Threat Research revealed a new malware campaign orchestrated by the Romanian-speaking threat group Diicot, also known as Mexals. This campaign targets Linux environments with advanced malware techniques, marking a… Go to gbhackers.com
-
Critical Flaws in Rockwell Automation PowerMonitor 1000 Devices: CVSS Scores Hit 9.8/10
Rockwell Automation has issued a critical security advisory highlighting three severe vulnerabilities affecting its PowerMonitor 1000 devices. These vulnerabilities, identified by Vera Mens of Claroty Research – Team82, pose significant… Go to gbhackers.com
-
Romanian National Sentenced to 20 Years for NetWalker Ransomware Attacks
A Romanian man has been sentenced to 20 years in prison for his role in the devastating NetWalker ransomware attacks. Daniel Christian Hulea, 30, was also ordered to forfeit over… Go to gbhackers.com
-
TA397 Leverages Sophisticated Spearphishing Techniques to Deploy Malware in Defense Sector
Proofpoint researchers have identified a new spearphishing campaign by TA397, a South Asia-based advanced persistent threat (APT) group also known as Bitter. The campaign, observed on November 18, 2024, targets… Go to gbhackers.com
-
CVE-2024-49576 and CVE-2024-47810: Foxit Addresses Remote Code Execution Flaws
Foxit has released a crucial security update for its widely used Foxit PDF Reader and Foxit PDF Editor. The update, version 2024.4, resolves multiple vulnerabilities that pose significant risks, including… Go to gbhackers.com
-
Phishing Campaign Targets European Companies with Fake HubSpot and DocuSign Forms
A recent report by Unit 42 researchers has uncovered an extensive phishing campaign targeting European companies, with the automotive, chemical, and industrial compound manufacturing sectors among the hardest hit. The… Go to gbhackers.com
-
PoC Exploit Released for Databricks Remote Code Execution Vulnerability CVE-2024-49194
A newly discovered vulnerability in the Databricks JDBC Driver (CVE-2024-49194) could allow attackers to remotely execute code on vulnerable systems. The flaw, found by security researchers at Alibaba Cloud Intelligence… Go to gbhackers.com
-
CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update
Sophos has announced the resolution of three critical security vulnerabilities affecting its Sophos Firewall product, a widely used network security tool. These vulnerabilities, tracked as CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729, pose… Go to gbhackers.com
-
Kaspersky Uncovers Active Exploitation of Fortinet Vulnerability CVE-2023-48788
In a recent investigation, Kaspersky’s Global Emergency Response Team (GERT) uncovered active exploitation of a patched vulnerability in Fortinet FortiClient EMS. This SQL injection vulnerability, identified as CVE-2023-48788, affects FortiClient… Go to gbhackers.com
-
CVE-2024-51479: Next.js Authorization Bypass Vulnerability Affects Millions of Developers
A recently disclosed security vulnerability in Next.js, a popular React framework used by millions of developers worldwide, could have allowed unauthorized access to sensitive application data. The vulnerability, tracked as… Go to gbhackers.com
-
CVE-2023-34990 (CVSS 9.8): Critical Security Flaw Found in Fortinet FortiWLM
Fortinet, a leading cybersecurity vendor, has issued urgent advisories regarding several critical vulnerabilities affecting its popular products, including FortiClient VPN, FortiManager, and FortiWLM. These flaws range from password exposure to… Go to gbhackers.com
-
CVE-2024-10205: Critical Authentication Bypass Flaw Found in Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer
Hitachi Vantara has disclosed a critical authentication bypass vulnerability (CVE-2024-10205) affecting its Infrastructure Analytics Advisor and Ops Center Analyzer. These tools are widely used for IT infrastructure optimization, making the… Go to gbhackers.com
-
Azure Key Vault Vulnerability: Exploiting Role Misconfigurations for Privilege Escalation
Datadog Security Labs has uncovered a potential privilege escalation method in Azure Key Vault that could grant unintended access to sensitive secrets, keys, and certificates. This discovery sheds light on… Go to gbhackers.com
-
VIPKeyLogger: A New Infostealer Targeting Sensitive Data via Phishing Campaigns
Forcepoint researchers have uncovered an alarming rise in activity involving a new infostealer malware named VIPKeyLogger. Distributed through phishing campaigns, VIPKeyLogger demonstrates sophisticated techniques to harvest sensitive data from its… Go to gbhackers.com
-
Fake CAPTCHAs Deliver Lumma Infostealer Malware in Massive Malvertising Campaign
A large-scale malvertising campaign analyzed by Guardio Labs exposes how fake CAPTCHA prompts are used to deliver the Lumma infostealer malware. This sophisticated operation highlights the dark side of Internet… Go to gbhackers.com
-
High-Severity Vulnerabilities Fixed in Latest Chrome Release
Google has released a crucial update for its Chrome browser, addressing five security vulnerabilities, several of which are rated as “High” severity. Users are strongly urged to update to the… Go to gbhackers.com
-
Data Exfiltration and RCE Risks Found in Azure Data Factory’s Airflow Integration
Unit 42 researchers have uncovered multiple vulnerabilities in Azure Data Factory’s managed Apache Airflow integration, potentially enabling attackers to achieve shadow administrator control, data exfiltration, and remote code execution. Apache… Go to gbhackers.com
-
BADBOX Botnet Rises Again: 192,000+ Android Devices Compromised
The BADBOX botnet is back and more dangerous than ever. Originally thought to have been dismantled, this cybercriminal operation has not only resurfaced but expanded, compromising over 192,000 Android-based devices… Go to gbhackers.com
-
CVE-2024-12356 (CVSS 9.8): Critical Vulnerability in BeyondTrust PRA and RS Enables Remote Code Execution
A critical command injection vulnerability (CVE-2024-12356) has been discovered in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) solutions. With a CVSS score of 9.8, this flaw represents a… Go to gbhackers.com
-
Discover the Advanced Techniques and Capabilities of Nova: A Snake Keylogger Fork
Nova, a newly discovered fork of the infamous Snake Keylogger family, is a growing challenge in cybersecurity. According to research conducted by ANY.RUN, this variant employs advanced techniques to steal… Go to gbhackers.com
-
CVE-2024-55949 (CVSS 9.3): Critical MinIO Flaw Allows Any User to Gain Full Admin Privileges
A newly discovered vulnerability in MinIO, the popular open-source object storage platform, could allow any user to escalate their privileges to the administrator level, posing a significant risk to data… Go to gbhackers.com
-
New Malware “I2PRAT” Exploits Anonymous I2P Network for Stealthy Command and Control
A new malware campaign, identified as I2PRAT (I2P Remote Access Trojan), is raising the bar for cybercriminals’ ability to evade detection. Detailed in a report by Banu Ramakrishnan, a Malware… Go to gbhackers.com
-
CVE-2024-53376: CyberPanel Flaw Exposes Systems to Full Compromise, PoC Published
Security researcher Thanatos has uncovered a critical vulnerability (CVE-2024-53376) in CyberPanel, a popular web hosting control panel, that could allow attackers to completely compromise servers. Versions of CyberPanel prior to… Go to gbhackers.com
-
RCE and DoS Vulnerabilities Addressed in Apache Tomcat: CVE-2024-50379 and CVE-2024-54677
The Apache Software Foundation has released important security updates to address two vulnerabilities in Apache Tomcat, a widely-used open-source web server and servlet container. One of the vulnerabilities could allow… Go to gbhackers.com
-
HiatusRAT Campaign Targets Web Cameras and DVRs: FBI Warns of Rising IoT Exploits
The FBI, in collaboration with CISA, has issued a new alert regarding the HiatusRAT malware campaign. The latest iteration of the campaign has shifted its focus to Internet of Things… Go to gbhackers.com
-
Why Merchant Management Software is a Must-Have for Modern Banks and Payment Service Providers
In today’s rapidly evolving financial ecosystem, banks and payment service providers (PSPs) face increasing demands for efficiency, scalability, and compliance. Merchant management software has emerged as a critical tool to… Go to gbhackers.com
-
DLL Side-Loading Strikes Again: Yokai Backdoor Bypasses Security
Cybersecurity researchers from Netskope have uncovered a new side-loaded backdoor, dubbed Yokai, targeting Thai officials through decoy documents and a legitimate application. This campaign highlights the continued use of DLL… Go to gbhackers.com
-
Threat Actors Exploit Fake Brand Collaborations to Target YouTube Channels
A recent report from CloudSek’s Threat Researcher Team exposes a highly sophisticated phishing campaign that targets popular YouTube channels through fraudulent brand collaboration offers. Threat actors behind this scheme employ… Go to gbhackers.com
-
CVE-2024-55661: RCE Vulnerability Discovered in Laravel Pulse Monitoring Tool
A serious security flaw has been discovered in Laravel Pulse, a popular real-time application performance monitoring and dashboard tool for Laravel applications. Tracked as CVE-2024-55661, this vulnerability could allow authenticated… Go to gbhackers.com
-
Hackers exploit critical Apache Struts RCE flaw (CVE-2024-53677) after PoC exploit release
Threat actors have begun exploiting a critical vulnerability in the Apache Struts framework, CVE-2024-53677, just days after a proof-of-concept (PoC) exploit was published online. Rated 9.5 on the CVSSv4 severity… Go to gbhackers.com
-
Zero-Click HomeKit Exploit Used to Spy on Serbian Journalists
A new report by Amnesty International reveals that NSO Group’s Pegasus spyware was used to target iPhones belonging to Serbian journalists and activists. The attacks were conducted using a zero-click… Go to gbhackers.com
-
CVE-2024-49112 (CVSS 9.8): Critical Windows LDAP Flaw Puts Networks at Risk of Remote Takeover
Microsoft has disclosed a critical Remote Code Execution (RCE) vulnerability in its Lightweight Directory Access Protocol (LDAP) service, tracked as CVE-2024-49112. Released as part of the company’s December Patch Tuesday… Go to gbhackers.com
-
Hackers Hack Hackers: MUT-1244 Steals Credentials in Deceptive GitHub Attack
According to Datadog Security Labs, a cybercriminal group known as MUT-1244 has launched a sophisticated attack campaign that successfully compromised not only regular users but also other hackers and security… Go to gbhackers.com
-
OpenAI Services Hit by Major Outage Due to Telemetry Service Deployment
OpenAI experienced a significant service disruption on December 11, 2024, impacting all its services, including ChatGPT, the API, and Sora. The outage, lasting over four hours, was caused by a… Go to gbhackers.com
-
Google Ads Abused in Graphic Design Malvertising Attack
Silent Push Threat Analysts have revealed a widespread malvertising campaign exploiting Google Ads to target graphic design professionals. This ongoing operation, active since November, utilizes domains hosted on dedicated IP… Go to gbhackers.com
-
Russian APT “Secret Blizzard” Leverages Cybercriminal Tools in Ukraine Attacks
A new report from Microsoft Threat Intelligence reveals that the Russian state-sponsored threat actor known as Secret Blizzard (also tracked as Turla, Waterbug, Venomous Bear, Snake, Turla Team, and Turla… Go to gbhackers.com
-
CVE-2024-45337: Golang Crypto Library Flawed, Risks Authorization Bypass
A critical security vulnerability, tracked as CVE-2024-45337 (CVSS 9.1), has been discovered in the Golang cryptography library. This flaw stems from the misuse of the ServerConfig.PublicKeyCallback function, potentially leading to authorization… Go to gbhackers.com
-
Open Sesame Attack: Ruijie Networks Devices Vulnerable to Remote Takeover
In a critical revelation highlighting the vulnerabilities of IoT ecosystems, Team82 has published a report detailing 10 security flaws in Ruijie Networks’ Reyee cloud management platform and its associated Reyee… Go to gbhackers.com
-
CVE-2024-38819: Spring Framework Path Traversal PoC Exploit Released
A critical vulnerability in the Spring Framework, tracked as CVE-2024-38819 (CVSS score 7.5), has been publicly disclosed, along with a proof-of-concept (PoC) exploit. This flaw allows attackers to conduct path… Go to gbhackers.com
-
Citrix Alerts on Global Password Spraying Campaigns Targeting NetScaler Appliances
Citrix has issued an advisory highlighting an increase in password spraying attacks aimed at NetScaler appliances worldwide. These attacks exploit authentication endpoints, causing significant operational disruptions for targeted organizations. Unlike… Go to gbhackers.com
-
Critical Microsoft Azure MFA Bypass Exposed: What You Need to Know
Oasis Security’s research team has unveiled a critical vulnerability in Microsoft Azure’s Multi-Factor Authentication (MFA) system, exposing millions of users to potential breaches. The bypass technique allows attackers to gain… Go to gbhackers.com
-
New Android Banking Trojan Targets Indian Users Through Fake Apps
McAfee Labs has revealed the discovery of a new Android banking trojan targeting Indian users, exploiting the country’s dependence on utility and banking apps to steal sensitive financial information. This… Go to gbhackers.com
-
CVE-2024-11053 (CVSS 9.1): Curl Vulnerability Exposes User Credentials in Redirects
A recently discovered vulnerability in the popular curl command line tool and library, tracked as CVE-2024-11053 and assigned a CVSS score of 9.1, could lead to the unintended exposure of… Go to gbhackers.com
-
IOCONTROL Malware: CyberAv3ngers’ Weapon of Choice Targets Critical Infrastructure
A sophisticated malware strain dubbed “IOCONTROL” has emerged as a significant threat to industrial control systems (ICS) and Internet of Things (IoT) devices, particularly in Israel and the United States… Go to gbhackers.com
-
Abusing Microsoft’s UI Automation Framework: The New Evasion Technique Bypassing EDR
Akamai security researcher Tomer Peled has unveiled a novel attack technique exploiting Microsoft’s legacy UI Automation framework, a tool originally designed to enhance computer accessibility. The findings reveal how attackers… Go to gbhackers.com
-
Over 15,000 Sites at Risk: Woffice WordPress Theme Vulnerabilities Could Lead to Full Site Takeovers
Patchstack has disclosed two critical vulnerabilities in the widely used Woffice WordPress theme, a premium intranet/extranet solution with over 15,000 sales. Developed by Xtendify, the Woffice theme offers team and… Go to gbhackers.com
-
DCOM Upload & Execute: A New Backdoor Technique Unveiled
Deep Instinct Security Researcher Eliran Nissan has uncovered a new and potent lateral movement technique, “DCOM Upload & Execute,” redefining how attackers might exploit Distributed Component Object Model (DCOM) interfaces… Go to gbhackers.com
-
Careto APT Returns: Decade-Old Threat Resurfaces with New Sophistication
Kaspersky Labs has unveiled research on the return of “The Mask,” also known as Careto, a legendary Advanced Persistent Threat (APT) actor. After a decade-long silence since its last known… Go to gbhackers.com
-
MAC Address vs. IP Address: Key Differences and Practical Uses
The internet is one of the marvels of the century. It allows us to stay connected at a global level by using various devices that are convenient for us. Whether… Go to gbhackers.com
-
Gamaredon APT Deploys Two Russian Android Spyware Families: BoneSpy and PlainGnome
Researchers at the Lookout Threat Lab have uncovered two sophisticated Android spyware families, BoneSpy and PlainGnome, attributed to the Russian-aligned Advanced Persistent Threat (APT) group Gamaredon. Also known as Primitive… Go to gbhackers.com
-
CVE-2024-55633: Apache Superset Vulnerability Exposes Sensitive Data to Unauthorized Modification
A newly discovered vulnerability in Apache Superset, a popular open-source business intelligence platform, could allow attackers to gain unauthorized write access to sensitive data. Tracked as CVE-2024-55633 and assigned a… Go to gbhackers.com
-
Citrix NetScaler Under Siege: Significant Increase in Brute Force Attacks Observed
A significant increase in brute-force attacks targeting outdated and misconfigured Citrix NetScaler devices has been observed in Germany, prompting warnings from cybersecurity experts and organizations, including CERT Germany and the… Go to gbhackers.com
-
PDQ Deploy Vulnerability Exposes Admin Credentials: CERT/CC Issues Advisory
A critical vulnerability in PDQ Deploy, a software deployment service used by system administrators, has been highlighted in a recent advisory by the CERT Coordination Center (CERT/CC). The flaw, which… Go to gbhackers.com
-
Dell Warns of Critical Flaws in Enterprise Products, Including CVE-2024-37143 (CVSS 10)
Dell has released a critical security update to address multiple vulnerabilities impacting several of its enterprise products, including PowerFlex, InsightIQ, and Data Lakehouse. These vulnerabilities, identified as CVE-2024-37143 and CVE-2024-37144,… Go to gbhackers.com
-
APT-C-60 Exploits Legitimate Services in Sophisticated Malware Attack Targeting Japanese Organizations
In August 2024, JPCERT/CC confirmed a targeted attack against a Japanese organization, believed to be the work of the threat group APT-C-60. This advanced campaign utilized legitimate services like Google… Go to gbhackers.com
-
International Cybercrime Ring Dismantled: Rydox Marketplace Seized and Administrators Arrested
The U.S. Department of Justice announced the takedown of Rydox, a notorious online marketplace for stolen personal information and cybercrime tools. This operation, involving authorities in the U.S., Kosovo, Albania,… Go to gbhackers.com
-
Secure Email Gateways Fail to Stop Advanced Phishing Campaign Targeting Multiple Industries
A detailed report from Group-IB reveals a sophisticated global phishing campaign targeting employees across 30 companies in 15 jurisdictions. By leveraging trusted domains and dynamic personalization, the threat actors have… Go to gbhackers.com
-
Operation PowerOFF: Europol Cracks Down on Global DDoS-for-Hire Platforms
Law enforcement worldwide has delivered a significant blow to cybercriminals with Operation PowerOFF, an international effort led by Europol to dismantle Distributed Denial-of-Service (DDoS)-for-hire platforms. In a coordinated strike involving… Go to gbhackers.com
-
EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool
Researchers at the Lookout Threat Lab have identified a sophisticated surveillance tool, dubbed EagleMsgSpy, reportedly used by law enforcement agencies in mainland China. The tool, operational since at least 2017,… Go to gbhackers.com
-
“Aggressive Inventory Zombies”: Unmasking a Massive Phishing and Pig-Butchering Network
Silent Push Threat Analysts have shed light on a large-scale phishing and pig-butchering network targeting retail brands and cryptocurrency users. Dubbed “Aggressive Inventory Zombies” (AIZ), this campaign underscores the threat… Go to gbhackers.com
-
PoC Exploit Code Releases Cleo Zero-Day Vulnerability (CVE-2024-50623)
Organizations using Cleo file transfer software are urged to take immediate action as a critical vulnerability, CVE-2024-50623, is being actively exploited in the wild. This zero-day flaw affects Cleo LexiCom,… Go to gbhackers.com
-
CVE-2024-53677 (CVSS 9.5): Critical Vulnerability in Apache Struts Allows Remote Code Execution
Developers using the popular Apache Struts framework are urged to update their systems immediately following the discovery of a critical security flaw (CVE-2024-53677, CVSS 9.5) that could allow attackers to… Go to gbhackers.com
-
ChatGPT and Sora Go Offline: OpenAI Scrambles to Restore Service Amid Global Outage
In a sudden and unexpected turn of events, OpenAI’s ChatGPT, the AI chatbot that has taken the world by storm, is experiencing a major global outage. The disruption, which began… Go to gbhackers.com
-
CVE-2024-11274: GitLab Vulnerability Exposes User Accounts
GitLab has issued an important security update addressing a range of vulnerabilities affecting multiple versions of its platform. The update, which includes versions 17.6.2, 17.5.4, and 17.4.6 for Community Edition… Go to gbhackers.com
-
Malicious npm Package Mimics ESLint Plugin, Steals Sensitive Data
A recent report by the Socket Research Team uncovers a sophisticated typosquatting attack targeting developers using the popular @typescript-eslint/eslint-plugin. The legitimate @typescript-eslint/eslint-plugin is a cornerstone of TypeScript development, having over… Go to gbhackers.com
-
Zloader Trojan Employs Novel DNS Tunneling Protocol for Enhanced Evasion
Zloader, the modular Trojan with roots in the infamous Zeus malware, has once again evolved, presenting a new and sophisticated challenge to cybersecurity professionals. ThreatLabz, the security research team at… Go to gbhackers.com
-
BadRAM Vulnerability (CVE-2024-21944): Researchers Uncover Security Flaw in AMD SEV
A collaborative research effort has exposed a significant vulnerability, designated CVE-2024-21944 and named “BadRAM,” that undermines the integrity of AMD’s Secure Encrypted Virtualization (SEV) technology. This security flaw permits malicious…
-
CVE-2024-11639 (CVSS 10) – Critical Flaw in Ivanti Cloud Services Application: Immediate Patch Recommended
Ivanti, a leading provider of IT management and security solutions, has released critical security updates for the Ivanti Cloud Services Application (CSA). These updates address vulnerabilities that could lead to…
-
Ivanti Connect Secure and Policy Secure Updates Address Critical Vulnerabilities
Ivanti, a leader in unified endpoint and enterprise service management, has issued patches for several high and critical vulnerabilities affecting its Connect Secure and Policy Secure solutions. These updates are…
-
UAC-0185 APT Leverages Social Engineering to Target Ukrainian Defense Industrial Base
The Computer Emergency Response Team of Ukraine (CERT-UA) has issued a security advisory (CERT-UA#12414) detailing a sophisticated phishing campaign targeting organizations within Ukraine’s defense industrial base. The attacks, attributed to…
-
Microsoft Strengthens Default Security Posture Against NTLM Relay Attacks
Microsoft has announced significant enhancements to its default security configuration, aimed at mitigating the risk of NTLM relay attacks across its ecosystem. In a recent blog post, the company detailed…
-
Researcher Details CVE-2024-44131 – A Critical TCC Bypass in macOS and iOS
Jamf Threat Labs has identified a vulnerability in Apple’s Transparency, Consent, and Control (TCC) security framework. Designated as CVE-2024-44131, this flaw enables malicious applications to bypass user consent mechanisms and…
-
No Warning, No Data: Hetzner Terminates Kiwix Account Abruptly
A recent incident involving Hetzner, a well-known European cloud hosting provider, and Kiwix, a non-profit organization dedicated to offline access to Wikipedia, has brought to light critical considerations regarding cloud…
-
Exploiting CDN Integrations: A WAF Bypass Threatening Global Web Applications
In a recently disclosed analysis, Zafran’s research team has unveiled a pervasive misconfiguration vulnerability affecting some of the world’s largest web application firewall (WAF) vendors, including Akamai, Cloudflare, Fastly, and…
-
CVE-2024-52335 (CVSS 9.8): Siemens Healthineers Addresses Critical Flaw in Medical Imaging Software
Siemens Healthineers has released a critical security update to address an unauthenticated SQL injection vulnerability in its syngo.plaza VB30E medical imaging software. The vulnerability, identified as CVE-2024-52335 and assigned a…
-
How Can You Unblock Your IP Address in 5 Easy Ways?
Method and quick overview: Restart Your Router (gets you a new IP address from your ISP); Use a VPN (changes your IP address via a VPN server); Use a Proxy Server…
-
CVE-2024-50623: Critical Vulnerability in Cleo Software Actively Exploited in the Wild
Huntress Labs has raised the alarm over the active exploitation of a critical vulnerability (CVE-2024-50623) in Cleo’s Harmony, VLTrader, and LexiCom software, commonly used for managing file transfers. Threat actors…
-
CVE-2024-47578 (CVSS 9.1): SAP Issues Critical Patch for NetWeaver AS for JAVA
SAP’s latest Security Patch Day, released today, detailed 10 new Security Notes alongside updates to three previously released notes. Among the newly disclosed vulnerabilities, multiple critical and high-priority flaws demand…
-
CVE-2024-54143: Critical Vulnerability in OpenWrt’s Attended SysUpgrade Server Allows for Firmware Poisoning
OpenWrt, a popular open-source operating system for embedded devices, has disclosed a critical vulnerability (CVE-2024-54143) that could allow attackers to compromise the integrity of firmware updates delivered through its Attended…
-
CVE-2024-11205: WPForms Plugin Vulnerability Impacts 6 Million WordPress Sites
A critical vulnerability (CVE-2024-11205) discovered in WPForms, a prevalent WordPress form builder plugin with over 6 million active installations, exposed websites to significant financial risk. The vulnerability, assigned a CVSS…
-
Bulletproof Hosting: The Dark Infrastructure Behind Global Cybercrime
A recent report by the Knownsec 404 team highlights the pivotal role of bulletproof hosting services in facilitating global cybercriminal activities. These specialized hosting providers, often referred to as “dark…
-
International Operation Dismantles Phone Phishing Ring Targeting Vulnerable Individuals Across Europe
A sophisticated phone phishing operation targeting vulnerable individuals, primarily the elderly, has been dismantled in a joint operation conducted by Belgian and Dutch law enforcement agencies, with support from Europol…
-
Let’s Encrypt to Deprecate OCSP in Favor of CRLs, Enhancing User Privacy
Let’s Encrypt, a leading certificate authority renowned for its commitment to a secure and privacy-respecting internet, has formally announced the deprecation of the Online Certificate Status Protocol (OCSP). This strategic…
-
FCC Takes Action to Strengthen Cybersecurity in Response to Salt Typhoon Cyberattack
The Federal Communications Commission (FCC) is taking decisive action to bolster the cybersecurity of U.S. telecommunications networks in the wake of the Salt Typhoon cyberattack, a sophisticated intrusion attributed to…
-
CVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network
A recently disclosed vulnerability, identified as CVE-2024-55563, has revealed a critical security risk within the Bitcoin network’s transaction-relay mechanism, with potential implications for the stability and security of the Lightning…