The built-in, shared components of CPUs are exploited by a method called Collide+Power. This attack does not target specific programs but the hardware itself. Advanced software-based power side channels followed the discovery of the Meltdown and Spectre vulnerabilities,…
Tag: GBHackers – Latest Cyber Security News | Hacker News
CISA Published a Warning About Ivanti EPMM Zero-day Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) released a warning on Friday about the active exploitation of Ivanti EPMM (formerly MobileIron Core) vulnerabilities. CVE-2023-35078 is a critical vulnerability affecting Ivanti Endpoint Manager Mobile (EPMM). The…
Burp Suite 2023.8 Released – What’s New!
The updated Burp Suite scanner has new features and bug fixes that improve overall scanning performance. Burp Suite is an integrated platform and graphical tool for performing security testing of web applications. On 27 July 2023, PortSwigger released all…
Weaponized Excel, OneNote, or PDF Attachments Deliver New WikiLoader Malware
Italian organizations, including tax agencies, were targeted by a new malware downloader delivering a banking Trojan. The new loader is under active development and employs a diverse array of sophisticated mechanisms to evade detection. This new loader malware…
New Android Malware Via WhatsApp steals Call logs, Locations, & Contacts
According to reports, a new Android malware is circulating under the guise of a fake chat application distributed through WhatsApp. The malware has been attributed to the APT group Bahamut and shows footprints of tactics used…
Ransomware Attacks Frequently Target Organizations with 51-200 Employees
High-profile ransomware attacks on corporations like Kaseya, Colonial Pipeline, and MOVEit may lead to the misconception that only large organizations are targeted. However, the fact is that underestimating the risk due to focusing on large organizations may increase your vulnerability…
U.S. Senator Blasts Microsoft for Chinese Hack, Seeks Federal Action
Microsoft is being held accountable for poor cybersecurity practices that let China carry out a successful espionage campaign against the US government. In a letter to the directors of the Department of Justice, Federal Trade Commission (FTC), and Cybersecurity and…
New Android Malware Uses Optical Character Recognition to Steal Login Credentials
A new Android malware strain uses OCR (Optical Character Recognition) techniques to extract sensitive data from pictures. This new Android malware strain is dubbed “CherryBlos,” and along with this malware strain, another malware was also discovered that is dubbed “FakeTrade.”…
Pentagon Looks Into ‘Critical Compromise’ of Air Force and FBI Contacts
Communications systems at 17 Air Force facilities are feared to have suffered a “critical compromise” after $90,000 worth of federal radio technology was allegedly stolen by a Tennessee-based engineer. According to the warrant that Forbes was able to obtain, the breach could potentially…
Building a Network Security Strategy: Complete Checklist To Protect Your Network
Whether you’re a large or small business, network security is something you can’t ignore. Threat actors can, and will, infiltrate businesses of any size, wreaking havoc on computer systems, maliciously encrypting data, and in some cases completely destroying a company’s…
41 Zero-days Exploited In-the-Wild in 2022 – Google Report
In 2022, the detection of zero-day exploits in the wild decreased by 40% compared to the previous year. 41 in-the-wild 0-days were detected, the second-highest count since 2014, but lower than the 69 found in 2021. While a 40% drop…
Hackers Attack Apache Tomcat Servers to Deploy Malware
Apache Tomcat, a free and open-source server, implements the Jakarta Servlet, Expression Language, and WebSocket specifications, providing a “pure Java” HTTP web server environment. Apache Tomcat leads with nearly 50% developer adoption, and it is widely used in the following development scenarios:- Aqua’s…
Hacker Using Google and Bing ads to Deliver Weaponized IT tools
Recent research uncovered malvertising campaigns abusing Google and Bing ads to target users searching for certain IT tools, ultimately deploying ransomware. The campaign targets several organizations in the technology and non-profit sectors in North America and exhibits similar features…
WhatsApp’s New Record Feature Lets You Record And Send Short Videos In Chats
By offering a rapid and secure way to share your voice, audio messaging on WhatsApp revolutionized how people communicate. Now that WhatsApp has introduced instant ‘video messages’, you may record and share short personal videos directly in the chat. This…
Akira Ransomware Expands to Linux with In-built Tor Website
According to recent reports, threat actors have been working on a new variant of the cross-platform ransomware named “Akira”. Akira first appeared in March 2023 and targets several financial institutions and other organisations to steal sensitive…
Microsoft Message Queuing Service Flaw Allows DoS and RCE Attacks
Reports indicate that three critical flaws, including denial of service and remote code execution, have been discovered in the Microsoft Message Queuing Service (MSMQ). The vulnerabilities exist in the message-header parser, which accepted unsanitized, crafted message headers in one of…
SolarWinds Platform 2023.3 Released – What’s New!
SolarWinds announces the release of SolarWinds Platform 2023.3, which includes new features and platform upgrades. Further, the release notes detail the issues that were resolved in the version. The company announced end-of-life plans for modules based on Orion Platform 2020.2.6…
PDF Malware Distribution Has Increased by 500%, as Reported by VirusTotal
A new edition of the “VirusTotal Malware Trends Report” series, focused on “Emerging Formats and Delivery Techniques,” has been published by VirusTotal to better understand the nature of malicious attacks. A representative subset of user submissions from January…
Over 40% of Ubuntu Users Vulnerable to Privilege Escalation Flaw
According to reports, a privilege escalation vulnerability has been found in the OverlayFS module on Ubuntu systems. OverlayFS is a Linux union filesystem widely used in containers; it allows the deployment of dynamic filesystems with respect to the…
Rust Infostealer Malware Attacks macOS Sonoma Ahead of Public Release
Recent reports describe an infostealer written in Rust that affects both Windows and macOS. The malware can steal crypto wallets, passwords, and browser data. This new variant is found to be…
Hackers Attacking Developers Using Weaponized MS Visual Studio
Recent reports suggest that threat actors have been spreading malicious builds of Microsoft Visual Studio, a widely used Integrated Development Environment (IDE) relied on by developers worldwide. This…
6 Best Practices To Protect Your Company From Data Loss
Data is a critical asset in today’s digital business landscape. The loss of crucial information can result in severe financial damages and harm to a company’s reputation. Protecting your company from data loss involves implementing proactive measures to secure data…
OWASP ModSecurity Core Rule Set 3.3.5 Released – What’s New!
The CRS v3.3.5 release has been announced by the OWASP ModSecurity Core Rule Set (CRS) team. The OWASP ModSecurity Core Rule Set (CRS) is a set of general attack detection rules that may be used with ModSecurity or other compatible…
FraudGPT: A New Dark Side AI Tool For Cyber Criminals
A new tool called FraudGPT, launched by cybercriminals, poses a serious threat to both individuals and businesses. This black-hat tool can carry out social engineering and Business Email Compromise (BEC) attacks, making it a real cause…
Critical MikroTik RouterOS Flaw Exposes 900,000 Systems to Cyber Attacks
MikroTik RouterOS was vulnerable to a privilege escalation flaw first disclosed in June 2022 at REcon. The vulnerability existed on x86 virtual machines running RouterOS, where a root shell could be obtained. However, the new CVE for…
Zenbleed – AMD’s Zen2 Processor Flaw Allows Attackers to Steal Sensitive Data
CPUs based on the x86-64 architecture feature 128-bit XMM registers, later extended to 256-bit (YMM) and 512-bit (ZMM) for greater capacity. Beyond number crunching, the large registers (YMM and ZMM) are employed in various scenarios, including standard C…
Hackers Use SMS Alerts to Install SpyNote Malware
Reports indicate that a smishing campaign was conducted against Japanese Android users in the name of a Japanese power and water infrastructure company. The SMS contains a link that lures victims to a phishing site. Once the victims click on…
‘SIM Swapper’ Pleads Guilty For Hacking Instagram User Accounts
A 24-year-old man named Amir Hossein Golshan from Downtown Los Angeles has pleaded guilty to hacking Instagram users’ accounts, using a technique called “SIM swapping” to obtain money fraudulently. The charges consist of illegally accessing a secured computer to acquire…
‘SIM Swapper’ Pleads Guilty to Hacking into Instagram Users
A 24-year-old man named Amir Hossein Golshan from Downtown Los Angeles has pleaded guilty to hacking into Instagram users’ accounts and using a technique called “SIM swapping” to fraudulently obtain money. The charges consist of illegally accessing a secured computer…
15 More Vulnerabilities Added to 2023 CWE Top 25 Most Dangerous Software
MITRE has released the “On the Cusp” list, in which many CWEs (Common Weakness Enumerations) rose or fell in ranking between 2022 and 2023. MITRE publishes the top 25 most…
12 Norway Government Ministries were Targeted in a Cyberattack
According to recent reports, twelve government ministries in Norway have been targeted by cyber-attacks. The most recent attack was aimed at Norway’s public sector, and investigations are currently ongoing. Norway has been Europe’s largest gas supplier after Russia had a…
Critical Zyxel Firewall Injection Flaw Exploited to Conduct DDoS Attacks
Increased botnet activity targeting a vulnerability (CVE-2023-28771) in Zyxel devices has become a major concern for their users. The vulnerability lets an unauthenticated attacker execute arbitrary code by sending a specially crafted packet to the targeted device. Since CISA added this…
Hacked Microsoft Keys Let Attackers Access a Wide Range of Azure Applications
The China-linked threat actors who stole emails from the US State Department and other Microsoft customers may have gained access to applications beyond Exchange Online and Outlook.com. According to Wiz researchers, the compromised signing key was more potent than it…
North Korean Hacker Group Breached US IT Firm JumpCloud
The cloud-based IT management firm JumpCloud was compromised by North Korean Lazarus Group hackers who appear to be financially motivated to steal cryptocurrencies. Since at least 2009, this hacking group has been active, and it is well recognized for its…
API Security Checklist: A Must Read Guide 2023
APIs are indispensable, yet every one of them is also an exposure that must be managed carefully. That is why API security is so vital in today’s digital landscape. APIs connect different software…
Cisco Small Business IP Phones Flaw Allows XSS & Injection Attacks
Cisco has published a security advisory that states that they have discovered two vulnerabilities, an XSS and an HTML injection vulnerability. These vulnerabilities existed in the SPA500 series of the Cisco Small Business IP Phones. CVE-2023-20181: XSS Vulnerability This vulnerability…
Google Outlines Common Red Team Attacks Targeting AI Systems
There are rising concerns about the security risks associated with artificial intelligence (AI), which is becoming more and more popular and pervasive. Google, a major participant in the creation of next-generation artificial intelligence (AI), has emphasized the need for caution…
WormGPT: Cybercriminals AI Tool Gained Over 5,000 Subscribers in Just a Week
The revolutionary innovations by AI (Artificial Intelligence) include generative AI that has various creative potential, but along with that it also raises serious concerns with malicious tools like WormGPT. Since it’s a powerful generative AI-based tool, WormGPT enables attackers to…
Hackers Deliver HotRat as Hidden Scripts in cracked software
Pirated software has circulated for as long as torrents and cracks have existed. Recent reports show that threat actors are relying on cracked software to deploy HotRat malware onto victims’ systems. HotRat malware is…
Microsoft Expands Security Logging and Offers 365 Clients Free Access
Microsoft has expanded the accessibility and flexibility of cloud logging to give customers deeper security visibility. The expansion follows coordination with commercial and government customers and the Cybersecurity and Infrastructure Security Agency (CISA), and provides cloud customers with more insight and analysis. The…
Poisoned Facebook Ads Deliver Malware Using Fake ChatGPT, Bard & Other AI Services
Cyber criminals have recently started using Facebook to pretend to be well-known generative AI brands like ChatGPT, Google Bard, Midjourney, and Jasper to steal users’ personal information. Users on Facebook are deceived into downloading content from fake brand sites and advertisements. These…
Oracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM
Oracle has released security patches for more than 130 products. These products are used across several industries, including banking, communications, enterprise, and development. Oracle has published severity ratings and categorized them as critical, high, medium,…
Sensitive Information of VirusTotal Users Exposed in Data Leak
Security analysts and IT professionals worldwide rely heavily on VirusTotal, a vast malware database, to scan files for viruses and malware. It also lets users upload suspicious files or links to assess potential threats. VirusTotal, crucial in…
Hackers Turn Exchange Servers into Malware Command & Control Centers
Turla, also known as Secret Blizzard, KRYPTON, and UAC-0003, is an Advanced Persistent Threat (APT) group that has been associated with Russia’s Federal Security Service (FSB). This group has gained fame for its sophisticated and persistent cyber threat activities. The…
Renowned Hacker Kevin Mitnick Died at the Age of 59
In an unfortunate turn of events, the computer hacker from the 1990s, who was involved in high-profile cases of computer data theft and credit card number stealing, passed away due to pancreatic cancer. When he was 16 years old, Mitnick…
Renowned Hacker Kevin Mitnick Passes Away at the Age of 59
In an unfortunate turn of events, the notorious computer hacker from the 1990s, who was involved in high-profile cases of computer data theft and credit card number stealing, passed away due to pancreatic cancer. When he was 16 years old,…
Minor Typo Results in the Leak of Millions of Sensitive US Military Emails
Millions of US military emails were allegedly leaked to Mali, a country in West Africa, due to an unintentional typo that has recurred for over a decade. This breach might have put US national security at risk. According to the Financial…
Hackers Exploiting Critical Zero-Day Vulnerability in Citrix NetScaler Products
NetScaler ADC and NetScaler Gateway (previously Citrix ADC and Citrix Gateway) contain multiple discovered vulnerabilities. Citrix ADC is a powerful networking solution that ensures fast, secure, and reliable delivery of applications across networks. While the NetScaler Gateway is a secure…
Hackers Use “chatgpt5[.]zip” Lure to Trick Users into Downloading Malware
Phishing remains a severe cybersecurity threat: cleverly disguised malicious links and malware attachments have deceived employees and caused company-wide trouble for over a decade. The 2022 FortiGuard Labs report and…
Sophisticated DDoS Attacks Have Evolved Rapidly; Targeting IT Services
Sophisticated DDoS attacks have become a favored tool for hackers, enabling them to target not only large organizations but also individuals. Businesses of any size and private individuals alike are vulnerable to these attacks.…
FIN8 Revamped Hacking Toolkit with New Stealthy Attack Features
Syssphinx (aka FIN8) is a financially motivated cyber-crime group deploying a revamped Sardonic backdoor to deliver Noberus ransomware. The group has been active since January 2016, targeting the hospitality, retail, entertainment, insurance, technology, chemicals, and finance sectors. It is also…
OWASP Released Top 10 Critical Vulnerabilities for LLMs(AI models)
The OWASP Foundation has released version 0.9.0 of its Top 10 list of critical vulnerabilities in LLMs (Large Language Models), a groundbreaking initiative that addresses the pressing need to educate developers, designers, architects, and other professionals working with AI models. AI-based technologies are…
Cloud Security Best Practices – A Complete Cloud Protection Guide 2023
As the world moves increasingly into a digital realm, the security of data stored in the cloud is an ever-growing concern for businesses and individuals alike. Cloud computing enables access to our most sensitive and critical information from any device…
Hackers Actively Exploit Multiple Adobe ColdFusion Vulnerabilities
On July 11, Adobe released fixes for several ColdFusion vulnerabilities, including CVE-2023-29298. It has since been reported that hackers are actively exploiting two ColdFusion vulnerabilities to perform the following illicit tasks: Rapid7 detected Adobe ColdFusion…
CISA Released Free Cloud Security Tools to Secure Cloud Data
The Cybersecurity & Infrastructure Security Agency (CISA) has released a list of free tools for organizations to secure themselves in cloud environments. The post from CISA stated that these tools will help incident response analysts and network defenders to mitigate,…
JumpCloud Hacked – Attackers Compromised The Systems Via Spear-phishing Attack
JumpCloud, an American commercial software company, has announced a data breach attributed to a spear-phishing attack launched by a sophisticated nation-state-sponsored threat actor. As a result, the nation-state threat actor gained unauthorized access to JumpCloud systems to target a…
WormGPT – A ChatGPT Themed Hacking Tool Used to Launch Cyber Attack
WormGPT, a black-hat tool recently launched by cybercriminals, can conduct social engineering and Business Email Compromise (BEC) attacks. The tool has no restrictions on its use and no guardrails. The…
Black Box Penetration Testing: Perform External Pentesting With “ZERO” Data – 2023
Black box penetration testing examines an organization from an external point of view, testing the external network with zero prior information. The objective is simple: see how susceptible the organization is from an external point of view and…
Dark Web Secrets: Mystery Behind the Anonymous World
Dark Web Secrets: Have you ever wondered about the mysterious parts of the internet? Welcome to the dark web. This uncharted digital territory, inaccessible through regular search engines, is notorious for its association with illegal activities, like drug trafficking, firearm…
Lazarus APT Group Hijack Windows IIS Servers to Distribute Malware
Threat actors constantly search for vulnerable devices and networks to gain illicit access and carry out malicious activities. The Lazarus APT group is actively targeting Microsoft Internet Information Services (IIS) servers as an initial breach path. Cybersecurity…
Beware of Weaponized TeamViewer Installer that Delivers njRAT
Threat actors abusing legitimate, well-known software such as TeamViewer is a very common scenario, and there have been several cases where well-known software was used to deliver malware to victims. Similarly, a recent report from Cyble Research…
Rockwell Automation ControlLogix Flaws Expose ICS Devices to RCE & DoS Attacks
Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models have two security issues that might be utilized to carry out remote code execution and cause a denial of service (DoS). The ControlLogix system’s impacted communications modules are found in several industrial sectors,…
ChatGPT Reconnaissance Techniques for Penetration Testing Success
ChatGPT is one of the biggest and most sophisticated language models ever made, with a massive neural network of over 175 billion parameters. Recent research has revealed how ChatGPT for penetration testing can enable testers to achieve greater success. ChatGPT…
Wireshark 4.0.7 Released – What’s New!
Wireshark, one of the world’s most popular network packet analyzers, has released Wireshark 4.0.7 with several bug fixes, updated protocol support, and a few enhancements. Wireshark is an application that captures packets from a network link, like the one…
Elon Musk Launches AI Startup Focus on Understanding Reality
Elon Musk publicly announced the establishment of xAI, a startup that aims at exploring “the true nature of the universe” and will also compete against OpenAI’s well-known chatbot ChatGPT. “The goal of xAI is to understand the true nature of…
Re-released Apple WebKit Zero-Day Patch Fixes Website Breaking
Apple has recently released new Rapid Security Response (RSR) patches to fix a zero-day vulnerability. This vulnerability has been exploited in attacks and affects iPhones, Macs, and iPads that have been fully patched. The zero-day vulnerability has been tracked as…
Apple WebKit Zero-Day Patch Re-Released to Fix Broken Webpages
An Apple zero-day vulnerability, tracked as CVE-2023-37450, was actively exploited by threat actors in the wild for arbitrary code execution; the first Rapid Security Response patch for it broke browsing on some websites. This vulnerability…
Jenkins Plugin Flaw Lets Attackers Gain Admin Access
A recent security advisory from Jenkins reports fixes for 24 vulnerabilities affecting multiple Jenkins plugins: 5 High, 18 Medium, and 1 Low severity. Patches have been released for some of the affected plugins, while…
Malicious Chrome Extension Steals Businesses Ads Manager Login Details
Cybercriminals are using malicious Chrome extensions to steal Facebook login information in a recent operation. The reports shared by Malwarebytes Labs also stated that sponsored posts and accounts impersonating Meta/Facebook’s Ads Manager have become more prevalent. With a focus on…
SonicWall Critical Flaws Let Attackers Bypass Authentication
SonicWall has published a security notice covering 15 vulnerabilities, each with a published CVE: 4 Critical, 4 High, and 7 Medium severity. These…
OWASP ZAP 2.13.0 Released – What’s New!
The OWASP Zed Attack Proxy is a widely used tool for conducting web application penetration testing. It is free and open-source. ZAP functions as a proxy between the tester’s browser and the web application, intercepting and scrutinizing messages. ZAP is…
Hackers Leverage USB Flash Drives to Attack Public and Private Sectors Globally
During the first half of 2023, a notable surge occurred in attacks using infected USB drives to steal secrets. USB-based campaigns caused most of the incidents, impacting both public and private sectors worldwide. Cybersecurity analysts at Mandiant Managed Defense…
Top 7 Best IP Geolocation APIs For Cybersecurity – 2023
IP geolocation API services can do far more than serve website visitors in their local language and currency via IP lookup; they can also play a critical role in cybersecurity. Geolocation data can help trace the source IP addresses of DDoS (Distributed…
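The triage step described above, as an added example that is not part of the original article or of any of the APIs it compares: parse web-server access-log lines, map each client IP to a country with a longest-prefix match over a CIDR table, and flag the countries contributing an unusual number of distinct sources. The CIDR-to-country table and the log lines are constructed for the demonstration (the prefixes are documentation ranges, not real allocations); a real deployment would replace `GEO_TABLE` with a GeoIP database or one of the article's API services.

```python
"""Source-country breakdown of a traffic burst for DDoS triage.

Added example; not GBHackers' code. GEO_TABLE and SAMPLE_LOG are constructed
for the demonstration and do not describe real address allocations or traffic.
"""
import ipaddress
import re
from collections import defaultdict

# Constructed CIDR-to-country table (hypothetical; documentation prefixes).
# A more specific prefix must win over an enclosing one, so order is irrelevant.
GEO_TABLE = [
    (ipaddress.ip_network("203.0.113.0/24"), "AA"),
    (ipaddress.ip_network("198.51.100.0/24"), "BB"),
    (ipaddress.ip_network("198.51.100.128/25"), "CC"),  # nested inside the /24 above
    (ipaddress.ip_network("192.0.2.0/24"), "DD"),
]

# Constructed access-log lines in Common Log Format (sample input, not real traffic).
# One line is deliberately malformed and one IP falls outside the table.
SAMPLE_LOG = """\
203.0.113.5 - - [28/Jul/2023:10:00:01 +0000] "GET / HTTP/1.1" 200 512
203.0.113.6 - - [28/Jul/2023:10:00:01 +0000] "GET / HTTP/1.1" 200 512
203.0.113.7 - - [28/Jul/2023:10:00:02 +0000] "GET / HTTP/1.1" 200 512
203.0.113.8 - - [28/Jul/2023:10:00:02 +0000] "GET / HTTP/1.1" 200 512
198.51.100.200 - - [28/Jul/2023:10:00:02 +0000] "GET /login HTTP/1.1" 200 1024
198.51.100.9 - - [28/Jul/2023:10:00:03 +0000] "GET /login HTTP/1.1" 200 1024
192.0.2.77 - - [28/Jul/2023:10:00:03 +0000] "GET /about HTTP/1.1" 200 300
not a log line
10.9.8.7 - - [28/Jul/2023:10:00:04 +0000] "GET / HTTP/1.1" 200 512
"""

# client-ip ident user [timestamp] "request" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \d+')


def lookup_country(ip_str):
    """Longest-prefix match of ip_str against GEO_TABLE.

    Returns the country code, 'UNKNOWN' when no prefix contains the address,
    and None when ip_str is not a valid IP address at all.
    """
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        return None
    best = None
    for net, country in GEO_TABLE:
        # `ip in net` is False across IP versions, so mixed tables are safe.
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, country)
    return best[1] if best else "UNKNOWN"


def sources_by_country(log_text):
    """Map country code -> set of distinct client IPs seen in parseable lines."""
    out = defaultdict(set)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than aborting mid-incident
        country = lookup_country(m.group(1))
        if country is not None:
            out[country].add(m.group(1))
    return dict(out)


def flag_hot_countries(log_text, threshold):
    """Countries with at least `threshold` distinct sources, busiest first."""
    counts = {c: len(ips) for c, ips in sources_by_country(log_text).items()}
    return sorted(((c, n) for c, n in counts.items() if n >= threshold),
                  key=lambda t: (-t[1], t[0]))


if __name__ == "__main__":
    for country, n in flag_hot_countries(SAMPLE_LOG, 2):
        print(f"{country}: {n} distinct sources")
```

Counting distinct sources per country rather than raw requests is what separates a volumetric botnet (many addresses in one region) from a single noisy client, and the longest-prefix rule matters because GeoIP data routinely nests a city or ISP block inside a larger national allocation.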
New Research Reveals APT Groups Targeting Security Researchers
As per the research conducted by SentinelOne, a new risk has been identified, which affects the information security researchers as well as the infosec community. Threat actors targeting the infosec community was not something new, as there were several instances…
Hackers Actively Exploit Unpatched Office Zero-Day Flaw in the Wild
Storm-0978, a threat actor, actively targeted European and North American defense and government entities in a phishing campaign. Exploiting CVE-2023-36884, the campaign used Word documents with Ukrainian World Congress lures to abuse a remote code execution vulnerability. Recently, the cybersecurity…
Citrix Secure Access Client Flaw Let Attackers Execute Remote Code
Citrix has released security advisories for critical and high-severity vulnerabilities, which could allow threat actors to escalate their privileges if they have access to an endpoint with Standard user account permission. CVE-2023-24491: Citrix Desktop for Windows There is a security…
Former Security Engineer Arrested for Stealing $9 Million from Crypto Exchange
Shakeeb Ahmed, a former security engineer, has been arrested for defrauding a decentralized crypto exchange and stealing over $9 million. A digital currency exchange, also known as a cryptocurrency exchange (DCE), is a company that enables individuals to trade cryptocurrencies…
Microsoft Renamed Azure Active Directory to Entra ID
Microsoft has recently made an announcement that their Microsoft Entra service has been extended to include the Security Service Edge. Moreover, the Azure AD has been rebranded as Microsoft Entra ID. According to Microsoft, there has been a significant increase…
Windows Policy Loophole Let Hackers to Install Malicious Kernel Mode Drivers
Microsoft has blocked code-signing certificates, favored by Chinese hackers and developers, that were used to load malicious kernel-mode drivers through a Windows policy loophole. Windows kernel-mode drivers run at Ring 0 with the highest privilege, enabling the following abilities:- A kernel-mode driver can disrupt the…
OpenAI Has Made The GPT-4 API Available To Everyone
GPT-4, OpenAI’s newest text-generation model, is now generally available through its API. As part of its upgrade, the company also made GPT 3.5, DALL-E, and Whisper available. “Whisper” refers to OpenAI’s speech-to-text model, while “DALL-E 2” is the company’s image-generating…
Hackers use Rekoobe Backdoor to Attack Linux Systems
Rekoobe is a notorious backdoor that primarily targets Linux environments and is actively used by threat actors, mainly the Chinese threat group APT31. The backdoor was first discovered in 2015, while an updated version of…
Legion Tool Steals PUBG Players’ Browser Passwords through a Fake GitHub Repo
“The Legion” is a Python-based software that has been crafted with the explicit intention of gathering credentials. Its propagation initially occurred via Telegram channels, where it was advertised as a tool that could be used for hacking. The tool is…
What is Vulnerability Assessment In Cybersecurity? – A Comprehensive Guide
A vulnerability assessment is one of the best methods for finding potential security gaps in your company’s cybersecurity design. Fraudsters have targeted charitable organizations more frequently since the pandemic hit, and you risk losing sensitive information to them if you…
Update Now! Apple Issues an Emergency Patch to Address a Zero-Day Flaw in iOS and macOS
New Rapid Security Response (RSR) patches from Apple have been released to address a new zero-day defect that has been used in attacks and affects fully patched iPhones, Macs, and iPads. Rapid Security Responses are a new form of iOS,…
Update Now! Apple Issues Emergency Patch for iOS & macOS Zero-day Flaw
New Rapid Security Response (RSR) patches from Apple have been released to address a new zero-day defect that has been used in attacks and affects fully patched iPhones, Macs, and iPads. Rapid Security Responses are a new form of iOS,…
New Crypto Phishing Attack Steals Funds from Cold Wallets
Cryptocurrency’s rising fame and diverse storage methods expand the arsenal of tools used by threat actors chasing digital assets and funds. The threat actors adapt their techniques and mimic legit sites based on target protection and potential theft size. There…
EdgeRouter and AirCube miniupnpd Vulnerabilities Enable Attackers to Execute Arbitrary Code
AirCube is a wireless access point for home use, and EdgeRouters are routers manufactured by Ubiquiti that sit at the network boundary and connect an internal network to an external one. MiniUPnPd (Mini Universal Plug…
Letscall – New Sophisticated Voice over IP Phishing Attack Steal Banking Details
Vishing’s popularity has surged significantly in recent years, and this phenomenon is gradually eroding trust in calls from unknown numbers due to the rise in Voice over IP phishing. Commonly, calls from bank employees or…
RomCom Threat Actor Uses Weaponized Microsoft Word File to Deliver Malware
RomCom is a RAT that enables remote access to and control over devices to exfiltrate sensitive information for financial gain; it is now being used in geopolitically motivated attacks against Ukraine’s military institutions. According to the BlackBerry threat intelligence team, the threat actor targets…
SOC Fourth Defense Phase – Cyber Threat Intelligence Guide
Cyber threat intelligence is one of the most critical concerns in an evolving threat environment of rapid zero-day attacks, cyber-criminality and espionage; traditional approaches will remain important to maintain but will simply not be sufficient to address…
Understanding The Difference Between DDR and EDR
Cybersecurity is infamous for its acronyms. From APT to ZTNA, it is easy to get bogged down in the quagmire of jargon that, whether we like it or not, comes with the territory. This problem worsens when we come across…
1.5 Million-Download File Management App Transfers Data to China
Cybersecurity researchers recently found 2 malicious applications on the Google Play store, installed by 1.5M users, collecting excessive data beyond what is required for promised features. The two malicious apps, both by the same publisher, are designed to exfiltrate data…
Hackers Exploit Netwrix Auditor RCE Flaw in Truebot Malware Attack
A newly found Truebot malware targets US- and Canada-based organizations to exfiltrate sensitive information by exploiting a vulnerability in the Netwrix Auditor application (CVE-2022-31199). Truebot is a botnet delivered through phishing campaigns, now exploiting the…
10 Email Security Best Practices in 2023
In the age of total interconnectedness, digital dangers are all around. Email accounts have long become prime targets for cybercriminals aiming to take advantage of security flaws. Therefore, implementing strong email security measures has never been more crucial. In this…
StackRot – New Linux kernel Privilege Escalation Vulnerability
A security flaw called “StackRot” (CVE-2023-3269) has been identified in the Linux kernel. The vulnerability grants attackers access to the kernel and the ability to elevate their privileges. StackRot, a vulnerability in stack expansion,…
BlackByte 2.0 Ransomware Employs Wide Range of Tools in 5 Days
The rapid rise and sophistication of ransomware enable threat actors to launch attacks more frequently, disrupting businesses and organizations that lack adequate preparation. Microsoft Incident Response researchers recently investigated an intrusion in which it’s been the…
TeamTNT Launches Widespread Attacks Against Cloud Infrastructures
The latest research discovered a campaign against cloud environments which is still under development. This evolving campaign is consistent with an aggressive cloud worm designed to deploy on exposed JupyterLab and Docker APIs to deploy Tsunami malware, cloud credentials hijack,…
Critical RCE Bugs Expose Hundreds of Solar Power Stations
Cybersecurity researchers at VulnCheck recently revealed that hundreds of internet-exposed SolarView systems found on Shodan have not been patched against a critical command injection vulnerability. Experts indicated that both Mirai botnet operators and inexperienced individuals have already begun exploiting it, with…
Cisco Switch Flaw Lets Attackers Read Encrypted Traffic
The Cisco ACI Multi-Site CloudSec encryption feature of the Cisco Nexus 9000 Series switches contains a critical flaw that enables attackers to read encrypted traffic. The vulnerability resides in the implementation of the ciphers used by the CloudSec encryption feature on…
Exploit Released For Barracuda Shell Command Injection Vulnerability
The Barracuda Email Security Gateway (ESG) appliance has a remote command injection vulnerability affecting versions 5.1.3.001–9.2.0.006. The vulnerability is tracked as CVE-2023-2868, with a CVSS score of 9.8, and has been actively exploited since October 2022. The flaw stems…