no alarms and no surprises please..
-
BADBOX Botnet Rises Again: 192,000+ Android Devices Compromised
The BADBOX botnet is back and more dangerous than ever. Originally thought to have been dismantled, this cybercriminal operation has not only resurfaced but expanded, compromising over 192,000 Android-based devices…
-
Data Exfiltration and RCE Risks Found in Azure Data Factory’s Airflow Integration
Unit 42 researchers have uncovered multiple vulnerabilities in Azure Data Factory’s managed Apache Airflow integration, potentially enabling attackers to achieve shadow administrator control, data exfiltration, and remote code execution. Apache…
-
High-Severity Vulnerabilities Fixed in Latest Chrome Release
Google has released a crucial update for its Chrome browser, addressing five security vulnerabilities, several of which are rated as “High” severity. Users are strongly urged to update to the…
-
Fake CAPTCHAs Deliver Lumma Infostealer Malware in Massive Malvertising Campaign
A large-scale malvertising campaign analyzed by Guardio Labs exposes how fake CAPTCHA prompts are used to deliver the Lumma infostealer malware. This sophisticated operation highlights the dark side of Internet…
-
Interpol: Can We Drop the Term ‘Pig Butchering’?
The agency asks the cybersecurity community to adopt “romance baiting” in place of dehumanizing language. Becky Bracken, Senior Editor, Dark Reading
-
Recorded Future: Russia’s ‘Undesirable’ Designation Is a Compliment
The threat intelligence business, which is set to be acquired by Mastercard for billions, is officially vendor non grata in Putin’s regime. Tara Seals, Managing Editor, News, Dark Reading
-
Phishers Spoof Google Calendar Invites in Fast-Spreading, Global Campaign
Attackers are using links to the popular Google scheduling app to lead users to pages that steal credentials, with the ultimate goal of committing financial fraud. Elizabeth Montalbano, Contributing Writer
-
Wallarm Releases API Honeypot Report Highlighting API Attack Trends
-
The Importance of Empowering CFOs Against Cyber Threats
Working closely with CISOs, chief financial officers can become key players in protecting their organizations’ critical assets and ensuring long-term financial stability. Shai Gabay
-
Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets
The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity. Jai Vijayan, Contributing Writer
-
Wald.ai Launches Data Loss Protection for AI Platforms
The cybersecurity startup’s data loss protection platform uses contextual redaction to help organizations safely use private business information across AI platforms. Fahmida Y. Rashid
-
Earth Koshchei Employs RDP Relay, Rogue RDP server in Server Attacks
A new cyber campaign by the advanced persistent threat (APT) group Earth Koshchei has brought rogue Remote Desktop Protocol (RDP) attacks to the forefront…
-
Careto – A legendary Threat Group Targets Windows By Deploy Microphone Recorder And Steal…
Recent research has linked a series of cyberattacks to The Mask group, as one notable attack targeted a Latin American organization in 2022, where…
-
RiseLoader Attack Windows By Employed A VMProtect To Drop Multiple Malware Families
RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol similar to RisePro for downloading and executing second-stage payloads. Despite…
-
1-Click RCE Attack In Kerio Control UTM Allow Attackers Gain Firewall Root Access Remotely
GFI Software’s Kerio Control, a popular UTM solution, was found to be vulnerable to multiple HTTP Response Splitting vulnerabilities affecting versions 9.2.5 through…
-
Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access
Researchers have uncovered vulnerabilities in Microsoft Azure Data Factory’s integration with Apache Airflow, which could potentially allow attackers to gain unauthorized access and control…
-
NVIDIA shares fix for game performance issues with new NVIDIA App
Nvidia has shared a temporary fix for a known issue impacting systems running its recently unveiled NVIDIA App and causing gaming performance to drop by up to 15%. […] Sergiu Gatlan
-
‘Bitter’ cyberspies target defense orgs with new MiyaRAT malware
A cyberespionage threat group known as ‘Bitter’ was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. […] Bill Toulas
-
New fake Ledger data breach emails try to steal crypto wallets
A new Ledger phishing campaign is underway that pretends to be a data breach notification asking you to verify your recovery phrase, which is then stolen and used to steal your cryptocurrency. […] Lawrence Abrams
-
CISA orders federal agencies to secure Microsoft 365 tenants
CISA has issued this year’s first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their Microsoft 365 cloud environments by implementing a list of required configuration baselines. […] Sergiu Gatlan
-
New critical Apache Struts flaw exploited to find vulnerable servers
A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. […] Bill Toulas
-
TR-24-1891 (Mobil365 Bilişim Teknolojileri – SAHA365 Application Security Advisory)
-
TR-24-1890 (Mobil365 Bilişim Teknolojileri – SAHA365 Application Security Advisory)
-
TR-24-1889 (NextGeography – NG Analyser Security Advisory)
-
TR-24-1888 (Digital Operasyon Hizmetleri – WiFiBurada Security Advisory)
-
TR-24-1887 (Siemens Multiple Products Security Advisory)
-
Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts
Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined €251 million (around $263 million) for a 2018 data breach that impacted millions of users in the bloc, in what’s the latest financial hit the company has taken for…
-
Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected
Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. The vulnerability shares similarities with…
-
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to their system,” Trend…
-
Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks
A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking the activity under the name FLUX#CONSOLE, said it likely starts with a phishing email link…
-
Even Great Companies Get Breached — Find Out Why and How to Stop It
Even the best companies with the most advanced tools can still get hacked. It’s a frustrating reality: you’ve invested in the right solutions, trained your team, and strengthened your defenses. But breaches still happen. So, what’s going wrong? The truth is,…
-
Discover the Advanced Techniques and Capabilities of Nova: A Snake Keylogger Fork
Nova, a newly discovered fork of the infamous Snake Keylogger family, is a growing challenge in cybersecurity. According to research conducted by ANY.RUN, this variant employs advanced techniques to steal…
-
Hacking Digital License Plates
Not everything needs to be digital and “smart.” License plates, for example: Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to “jailbreak” digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,000 plates already sold. By removing a sticker on…
-
RCE and DoS Vulnerabilities Addressed in Apache Tomcat: CVE-2024-50379 and CVE-2024-54677
The Apache Software Foundation has released important security updates to address two vulnerabilities in Apache Tomcat, a widely-used open-source web server, and servlet container. One of the vulnerabilities could allow…
-
CVE-2024-53376: CyberPanel Flaw Exposes Systems to Full Compromise, PoC Published
Security researcher Thanatos has uncovered a critical vulnerability (CVE-2024-53376) in CyberPanel, a popular web hosting control panel, that could allow attackers to completely compromise servers. Versions of CyberPanel prior to…
-
New Malware “I2PRAT” Exploits Anonymous I2P Network for Stealthy Command and Control
A new malware campaign, identified as I2PRAT (I2P Remote Access Trojan), is raising the bar for cybercriminals’ ability to evade detection. Detailed in a report by Banu Ramakrishnan, a Malware…
-
CVE-2024-55949 (CVSS 9.3): Critical MinIO Flaw Allows Any User to Gain Full Admin Privileges
A newly discovered vulnerability in MinIO, the popular open-source object storage platform, could allow any user to escalate their privileges to the administrator level, posing a significant risk to data…
-
HiatusRAT Campaign Targets Web Cameras and DVRs: FBI Warns of Rising IoT Exploits
The FBI, in collaboration with CISA, has issued a new alert regarding the HiatusRAT malware campaign. The latest iteration of the campaign has shifted its focus to Internet of Things…
-
Thai Police Systems Under Fire From ‘Yokai’ Backdoor
Hackers are abusing legitimate Windows utilities to target Thai law enforcement with a novel malware that is a mix of sophistication and amateurishness. Nate Nelson, Contributing Writer
-
The AI Fix #29: AI on OnlyFans, and the bot that wants to be a billionaire
In episode 29 of The AI Fix, an AI company makes the bold step of urging us to “stop hiring humans”, Graham is wrong about GB AI, parents prepare their kids for the imminent Moxie-mageddon, Google releases Gemini 2.0,…
-
Texas Tech Fumbles Medical Data in Massive Breach
The cyberattack impacts at least 1.4 million patients, as tranches of highly sensitive personal, medical, and financial data fall into the hands of cyber crooks who have everything they need to carry out convincing social engineering and fraud attacks. Tara Seals, Managing Editor, News, Dark Reading
-
CISA Directs Federal Agencies to Secure Cloud Environments
Actions direct agencies to deploy specific security configurations to reduce cyber-risk.
-
Delinea Joins CVE Numbering Authority Program
-
Azure Data Factory Bugs Expose Cloud Infrastructure
Three vulnerabilities in the service’s Apache Airflow integration could have allowed attackers to take shadow administrative control over an enterprise cloud infrastructure, gain access to and exfiltrate data, and deploy malware. Elizabeth Montalbano, Contributing Writer
-
CompTIA Xpert Series Expands With SecurityX Professional Certification
Program designed to validate and sharpen cybersecurity skills for working professionals.
-
To Defeat Cybercriminals, Understand How They Think
Getting inside the mind of a threat actor can help security pros understand how they operate and what they’re looking for — in essence, what makes a soft target. Ben Barrontine
-
DLL Side-Loading Strikes Again: Yokai Backdoor Bypasses Security
Cybersecurity researchers from Netskope have uncovered a new side-loaded backdoor, dubbed Yokai, targeting Thai officials through decoy documents and a legitimate application. This campaign highlights the continued use of DLL…
-
Why Merchant Management Software is a Must-Have for Modern Banks and Payment Service Providers
In today’s rapidly evolving financial ecosystem, banks and payment service providers (PSPs) face increasing demands for efficiency, scalability, and compliance. Merchant management software has emerged as a critical tool to…
-
BlackBerry to Sell Cylance to Arctic Wolf
Arctic Wolf plans to integrate Cylance’s EDR technology into its XDR platform. Fahmida Y. Rashid
-
Beware of Malicious Ads on Captcha Pages that Deliver Password Stealers
Malicious actors have taken cybercrime to new heights by exploiting captcha verification pages, a typically harmless security feature, to launch large-scale malware distribution campaigns….
-
Hitachi Authentication Bypass Vulnerability Allows Attackers to Hack the System Remotely
Critical Authentication Bypass Vulnerability Identified in Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer. A severe vulnerability has been discovered in Hitachi’s Infrastructure Analytics Advisor…
-
ConnectOnCall Data Breach, 900,000 Customers Data Exposed
The healthcare communication platform ConnectOnCall, operated by ConnectOnCall.com, LLC, has confirmed a significant data breach that compromised the personal information of 900,000 patients and…
-
Kali Linux 2024.4 Released – What’s New!
Kali Linux has unveiled its final release for 2024, version Kali Linux 2024.4, packed with notable updates, including new tools and enhancements. This highly…
-
CISA Warns of Adobe & Windows Kernel Driver Vulnerabilities Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog. These vulnerabilities,…
-
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. […] Sergiu Gatlan
-
Texas Tech University System data breach impacts 1.4 million patients
The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. […] Bill Toulas
-
Kali Linux 2024.4 released with 14 new tools, deprecates some features
Kali Linux has released version 2024.4, the fourth and final version of 2024, and it is now available with fourteen new tools, numerous improvements, and deprecates some features. […] Lawrence Abrams
-
Windows kernel bug now exploited in attacks to gain SYSTEM privileges
CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. […] Sergiu Gatlan
-
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. […] Bill Toulas
-
DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. “Entirely reliant on a single ad network for propagation,…
-
NoviSpy Spyware Installed on Journalist’s Phone After Unlocking It With Cellebrite Tool
A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by Amnesty International. “NoviSpy allows for capturing sensitive personal data from a target’s phone after…
-
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools to unexpected flaws lurking in everyday devices, there’s a lot that might have flown under your radar. Attackers are adapting old tricks,…
-
Data Governance in DevOps: Ensuring Compliance in the AI Era
With the evolution of modern software development, CI/CD pipeline governance has emerged as a critical factor in maintaining both agility and compliance. As we enter the age of artificial intelligence (AI), the importance of robust pipeline governance has only intensified. With that said, we’ll explore…
-
New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide
Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-branded posts, and artificial intelligence (AI) powered video testimonials featuring famous personalities, ultimately leading to financial and data loss. “The main goal of…
-
Short-Lived Certificates Coming to Let’s Encrypt
Starting next year: Our longstanding offering won’t fundamentally change next year, but we are going to introduce a new offering that’s a big shift from anything we’ve done before—short-lived certificates. Specifically, certificates with a lifetime of six days. This is a big upgrade for the security of the TLS…
-
CVE-2024-49112 (CVSS 9.8): Critical Windows LDAP Flaw Puts Networks at Risk of Remote Takeover
Microsoft has disclosed a critical Remote Code Execution (RCE) vulnerability in its Lightweight Directory Access Protocol (LDAP) service, tracked as CVE-2024-49112. Released as part of the company’s December Patch Tuesday…
-
Zero-Click HomeKit Exploit Used to Spy on Serbian Journalists
A new report by Amnesty International reveals that NSO Group’s Pegasus spyware was used to target iPhones belonging to Serbian journalists and activists. The attacks were conducted using a zero-click…
-
Hackers exploit critical Apache Struts RCE flaw (CVE-2024-53677) after PoC exploit release
Threat actors have begun exploiting a critical vulnerability in the Apache Struts framework, CVE-2024-53677, just days after a proof-of-concept (PoC) exploit was published online. Rated 9.5 on the CVSSv4 severity…
-
CVE-2024-55661: RCE Vulnerability Discovered in Laravel Pulse Monitoring Tool
A serious security flaw has been discovered in Laravel Pulse, a popular real-time application performance monitoring and dashboard tool for Laravel applications. Tracked as CVE-2024-55661, this vulnerability could allow authenticated…
-
Threat Actors Exploit Fake Brand Collaborations to Target YouTube Channels
A recent report from CloudSek’s Threat Researcher Team exposes a highly sophisticated phishing campaign that targets popular YouTube channels through fraudulent brand collaboration offers. Threat actors behind this scheme employ…
-
Rydox cybercrime marketplace seized by law enforcement, suspected admins arrested
Rydox, an online marketplace used by cybercriminals to sell hacked personal information and tools to commit fraud, has been seized in an international law enforcement operation and its suspected administrators arrested. Read more in my article on the Hot for Security blog. Graham Cluley
-
Does Desktop AI Come With a Side of Risk?
Artificial intelligence capabilities are coming to a desktop near you — with Microsoft 365 Copilot, Google Gemini with Project Jarvis, and Apple Intelligence all arriving (or having arrived). But what are the risks? Robert Lemos, Contributing Writer
-
Citizen Development Moves Too Fast for Its Own Good
While low-code/no-code tools can speed up application development, sometimes it’s worth taking a slower approach for a safer product. Michael Bargury
-
The Education Industry: Why Its Data Must Be Protected
The sector must prioritize comprehensive data protection strategies to safeguard PII in an aggressive threat environment. Vichai Levy
-
Microsoft Teams Vishing Spreads DarkGate RAT
A thwarted attack demonstrates that threat actors are using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning. Elizabeth Montalbano, Contributing Writer
-
Clop ransomware claims responsibility for Cleo data theft attacks
The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. […] Lawrence Abrams
-
Winnti hackers target other threat actors with new Glutton PHP backdoor
The Chinese Winnti hacking group is using a new PHP backdoor named ‘Glutton’ in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. […] Bill Toulas
-
Hackers Hack Hackers: MUT-1244 Steals Credentials in Deceptive GitHub Attack
According to Datadog Security Labs, a cybercriminal group known as MUT-1244 has launched a sophisticated attack campaign that successfully compromised not only regular users but also other hackers and security…
-
Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes
The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia’s Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of “quest games.” Law enforcement officials said that it…
-
OpenAI Services Hit by Major Outage Due to Telemetry Service Deployment
OpenAI experienced a significant service disruption on December 11, 2024, impacting all its services, including ChatGPT, the API, and Sora. The outage, lasting over four hours, was caused by a…
-
CVE-2024-38819: Spring Framework Path Traversal PoC Exploit Released
A critical vulnerability in the Spring Framework, tracked as CVE-2024-38819 (CVSS score 7.5), has been publicly disclosed, along with a proof-of-concept (PoC) exploit. This flaw allows attackers to conduct path…
-
Open Sesame Attack: Ruijie Networks Devices Vulnerable to Remote Takeover
In a critical revelation highlighting the vulnerabilities of IoT ecosystems, Team82 has published a report detailing 10 security flaws in Ruijie Networks’ Reyee cloud management platform and its associated Reyee…
-
CVE-2024-45337: Golang Crypto Library Flawed, Risks Authorization Bypass
A critical security vulnerability, tracked as CVE-2024-45337 (CVSS 9.1), has been discovered in the Golang cryptography library. This flaw stems from the misuse of the ServerConfig.PublicKeyCallback function, potentially leading to authorization…
-
Russian APT “Secret Blizzard” Leverages Cybercriminal Tools in Ukraine Attacks
A new report from Microsoft Threat Intelligence reveals that the Russian state-sponsored threat actor known as Secret Blizzard (also tracked as Turla, Waterbug, Venomous Bear, Snake, Turla Team, and Turla…
-
Google Ads Abused in Graphic Design Malvertising Attack
Silent Push Threat Analysts have revealed a widespread malvertising campaign exploiting Google Ads to target graphic design professionals. This ongoing operation, active since November, utilizes domains hosted on dedicated IP…
-
Weekly Update 430
I’m back in Oslo! Writing this the day after recording, it feels like I couldn’t be further from Dubai; the temperature starts with a minus, it’s snowing and there’s not a supercar in sight. Back on business, this week I’m talking about the challenge of loading breaches and managing costs. A breach…
-
“Password Era is Ending,” Microsoft to Delete 1 Billion Passwords
Microsoft has announced that it is currently blocking an astounding 7,000 password attacks every second, nearly double the rate from just a year ago. This…
-
Over 300,000 Prometheus Servers Vulnerable to DoS Attacks Due to RepoJacking Exploit
The research identified vulnerabilities in Prometheus, including information disclosure from exposed servers, DoS risks from pprof endpoints, and potential code execution threats, which could…
-
Reyee OS IoT Devices Compromised: Over-The-Air Attack Bypasses Wi-Fi Logins
Researchers discovered multiple vulnerabilities in Ruijie Networks’ cloud-connected devices. By exploiting these vulnerabilities, attackers can remotely compromise access points, gain unauthorized access to internal…
-
New Android Banking Malware Attacking Indian Banks To Steal Login Credentials
Researchers have discovered a new Android banking trojan targeting Indian users, and this malware disguises itself as essential utility services to trick users into…
-
390,000 WordPress accounts stolen from hackers in supply chain attack
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. […] Sergiu Gatlan
-
Citrix Alerts on Global Password Spraying Campaigns Targeting NetScaler Appliances
Citrix has issued an advisory highlighting an increase in password spraying attacks aimed at NetScaler appliances worldwide. These attacks exploit authentication endpoints, causing significant operational disruptions for targeted organizations. Unlike…
-
Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action
Germany’s Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country. In a statement published earlier this week, authorities said they severed the communications between…
-
Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. “The target of the threat actors were Thailand officials based on the nature of the lures,” Nikhil…
-
Upcoming Speaking Events
This is a current list of where and when I am scheduled to speak: I’m speaking at a joint meeting of the Boston Chapter of the IEEE Computer Society and GBC/ACM, in Boston, Massachusetts, USA, at 7:00 PM ET on Thursday, January 9, 2025. The event will take place at the Massachusetts…
-
CVE-2024-11053 (CVSS 9.1): Curl Vulnerability Exposes User Credentials in Redirects
A recently discovered vulnerability in the popular curl command line tool and library, tracked as CVE-2024-11053 and assigned a CVSS score of 9.1, could lead to the unintended exposure of…
-
New Android Banking Trojan Targets Indian Users Through Fake Apps
McAfee Labs has revealed the discovery of a new Android banking trojan targeting Indian users, exploiting the country’s dependence on utility and banking apps to steal sensitive financial information. This…
-
Critical Microsoft Azure MFA Bypass Exposed: What You Need to Know
Oasis Security’s research team has unveiled a critical vulnerability in Microsoft Azure’s Multi-Factor Authentication (MFA) system, exposing millions of users to potential breaches. The bypass technique allows attackers to gain…
-
IOCONTROL Malware: CyberAv3ngers’ Weapon of Choice Targets Critical Infrastructure
A sophisticated malware strain dubbed “IOCONTROL” has emerged as a significant threat to industrial control systems (ICS) and Internet of Things (IoT) devices, particularly in Israel and the United States….
-
Auto parts giant LKQ says cyberattack disrupted Canadian business unit
Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company. […] Lawrence Abrams