Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers can exploit Microsoft Teams to execute system commands on compromised hosts remotely. This innovative project, designed with Red Team operations in mind, uses Teams messages for…

Read more →

Cybersecurity researchers have uncovered a sophisticated exploitation campaign involving a zero-day (0-day) vulnerability in Cleo file transfer software platforms. This campaign has been used to deliver a newly identified malware family, now dubbed “Malichus.” The threat, recently analyzed by Huntress…

Read more →

GitLab announced the release of critical security patches for its Community Edition (CE) and Enterprise Edition (EE). The newly released versions 17.6.2, 17.5.4, and 17.4.6 address several high-severity vulnerabilities, and GitLab strongly recommends that all self-managed installations be upgraded immediately.…

Read more →

Researchers have uncovered a vulnerability that allows attackers to compromise AMD’s Secure Encrypted Virtualization (SEV) technology using a $10 device. This breakthrough exposes a previously underexplored weakness in memory module security, specifically in cloud computing environments where SEV is widely…

Read more →

Splunk, the data analysis and monitoring platform, is grappling with a Remote Code Execution (RCE) vulnerability. This flaw, identified as CVE-2024-53247, affects several versions of Splunk Enterprise and the Splunk Secure Gateway app on the Splunk Cloud Platform. The vulnerability…

Read more →

In a major international operation codenamed “PowerOFF,” Europol, collaborating with law enforcement agencies across 15 countries, has taken down 27 illegal platforms facilitating Distributed Denial-of-Service (DDoS) attacks. This takedown marks a significant blow to the cybercrime industry, disrupting one of…

Read more →

Researchers reported a phishing attack on December 4th, 2024, where malicious emails purportedly from the Ukrainian Union of Industrialists and Entrepreneurs were distributed, inviting recipients to a NATO standardization conference.  The emails aimed to compromise systems by delivering malware, and…

Read more →

The US Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned Sichuan Silence Information Technology Company and its employee Guan Tianfeng for their involvement in the April 2020 global firewall compromise, which targeted numerous US critical infrastructure companies.  The…

Read more →

Zloader, a sophisticated Trojan, has recently evolved with features that enhance its stealth and destructive potential, as the latest version, 2.9.4.0, introduces a custom DNS tunnel for covert C2 communications, bypassing traditional network security measures.  An interactive shell empowers attackers…

Read more →

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed an advanced cyber attack against organizations in Japan, believed to have been conducted by the cyber espionage group APT-C-60. The attackers used phishing techniques, masquerading as a job applicant…

Read more →

A critical security vulnerability (CVE-2024-49115) in Windows Remote Desktop Services (RDS) has been disclosed, potentially allowing hackers to execute arbitrary remote code via the network. The flaw, assigned the highest severity classification, was officially confirmed by Microsoft on December 10,…

Read more →

 Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities tracked as CVE-2024-11639, CVE-2024-11772, and CVE-2024-11773, affect CSA versions 5.0.2 and earlier. Without mitigation, these flaws could allow malicious attackers to…

Read more →

Google has released a new update on the Stable channel for its Chrome browser, addressing a series of security vulnerabilities. The update has been rolled out as version 131.0.6778.139/.140 for Windows and Mac, and 131.0.6778.139 for Linux. Users can expect the patch to become…

Read more →

A critical security vulnerability, tracked as CVE-2024-11205, was recently discovered in the popular WordPress plugin, WPForms, which boasts over 6 million active installations globally. This flaw, identified by researcher villu164 through the Wordfence Bug Bounty Program, allows authenticated users with at least subscriber-level…

Read more →

In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities, including 16 critical vulnerabilities and 1 zero-day. This December update marks a crucial milestone in Microsoft’s ongoing efforts to enhance…

Read more →

In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities, including 16 critical flaws. This December update marks a crucial milestone in Microsoft’s ongoing efforts to enhance the security of…

Read more →

Attackers are distributing a malicious .NET-based HPDxLIB activator disguised as a new version, which is signed with a self-signed certificate, and targets entrepreneurs automating business processes and aims to compromise their systems. They are distributing malicious activators on forums targeting…

Read more →

In an attack campaign dubbed “Operation Digital Eye,” a suspected China-nexus threat actor has been observed targeting business-to-business IT service providers in Southern Europe.  The attack operation lasted roughly three weeks, from late June to mid-July 2024. The intrusions could…

Read more →

SAP has issued Security Note 3536965 to address multiple high-severity vulnerabilities in the Adobe Document Services of SAP NetWeaver AS for JAVA. These vulnerabilities, identified as CVE-2024-47578, CVE-2024-47579, and CVE-2024-47580, allow attackers to manipulate or upload malicious PDF files, potentially compromising internal systems and exposing sensitive data. Details of the Vulnerabilities CVE-2024-47578:…

Read more →

Dell Technologies has issued a security advisory, DSA-2024-439, to alert users of a critical vulnerability in its Dell Power Manager software. The vulnerability, identified as CVE-2024-49600, could allow malicious attackers to execute arbitrary code and gain elevated privileges on the affected…

Read more →

Cybersecurity researchers have unveiled an advanced technique to uncover hackers’ operational infrastructure using passive DNS data. This groundbreaking method sheds light on how attackers establish and maintain their networks to perpetrate malicious activities while remaining resilient to detection. By leveraging…

Read more →

Let’s Encrypt has officially announced its timeline to phase out support for the Online Certificate Status Protocol (OCSP). The nonprofit Certificate Authority (CA) plans to fully transition to Certificate Revocation Lists (CRLs) by mid-2025, citing privacy concerns and efficiency gains…

Read more →

Cybercriminals online take advantage of well-known events to register malicious domains with keywords related to the event, with the intention of tricking users through phishing and other fraudulent schemes.  The analysis examines event-related abuse trends across domain registrations, DNS and…

Read more →

In a resurgence since May 2024, the Black Basta ransomware campaign has exhibited a troubling escalation in its attack methods, incorporating a multi-stage infection chain that blends social engineering, a custom packer, a mix of malware payloads, and advanced delivery…

Read more →

Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by an unknown threat actor, aims to compromise sensitive information.  Although the target’s precise location and nature have not been disclosed,…

Read more →

The Apache ActiveMQ server is vulnerable to remote code execution (CVE-2023-46604), where attackers can exploit this vulnerability by manipulating serialized class types in the OpenWire protocol to load malicious class configurations from external sources.  Successful exploitation allows attackers to execute…

Read more →

A sophisticated crypto-stealing malware, Realst, has been targeting Web3 professionals, as the threat actors behind this campaign have employed AI-generated content to create fake companies, such as “Meetio,” to appear legitimate.  By tricking victims into participating in video calls, cybercriminals…

Read more →

An international cybercrime network responsible for stealing millions of euros across at least ten European countries has been dismantled in a joint operation by the Rotterdam Police Cybercrime Team and the Belgian police. The sophisticated criminal group employed phishing schemes…

Read more →

Kurita America Inc. (KAI), the North American subsidiary of Tokyo-based Kurita Water Industries Ltd., has confirmed it was the victim of a ransomware attack that compromised multiple servers and potentially leaked sensitive data. The attack was detected on Friday, November 29,…

Read more →

Gamaredon, a persistent threat actor since 2013, targets the government, defense, diplomacy, and media sectors of their victims, primarily through cyberattacks, to gain sensitive information and disrupt operations. It continues to employ sophisticated tactics, leveraging malicious LNK and XHTML files…

Read more →

Researchers have uncovered that Large Language Models (LLMs) can generate and manipulate ANSI escape codes, potentially creating new security vulnerabilities in terminal-based applications. ANSI escape sequences are a standardized set of control characters used by terminal emulators to manipulate the appearance and behavior of text displays. They enable…

Read more →

Google has officially launched Vanir, an open-source security patch validation tool designed to streamline and automate the process of ensuring software security patches are integrated effectively. The announcement was made following Vanir’s initial preview during the Android Bootcamp earlier this year…

Read more →

Raspberry Pi, a pioneer in affordable and programmable computing, has once again elevated its game with the launch of the Raspberry Pi 500 alongside an official Raspberry Pi Monitor. This much-anticipated release offers enthusiasts and learners a complete desktop setup priced at just…

Read more →

A newly disclosed transaction-relay jamming vulnerability has raised concerns about the security of Bitcoin nodes, particularly in the context of time-sensitive contracting protocols like the Lightning Network. This attack exploits the transaction selection, announcement, and propagation mechanisms of Bitcoin’s base-layer…

Read more →

Qlik has identified critical vulnerabilities in its Qlik Sense Enterprise for Windows software that could lead to remote code execution (RCE) if exploited. Security patches have been released to mitigate these risks and ensure system integrity. The vulnerabilities, discovered during…

Read more →

QNAP Systems, Inc. has identified multiple high-severity vulnerabilities in its operating systems, potentially allowing attackers to compromise systems and execute malicious activities. These issues affect several versions of QNAP’s QTS and QuTS hero operating systems. Users are urged to update…

Read more →

Imagine this: It’s a typical Tuesday morning in a bustling hospital. Doctors make their rounds, nurses attend to patients, and the hum of medical equipment creates a familiar backdrop. Suddenly, screens go dark, vital systems freeze, and a chilling message…

Read more →

The Federal Bureau of Investigation (FBI) has issued a warning about a growing trend in cybercrime, hackers leveraging generative artificial intelligence (AI) to develop highly sophisticated social engineering attacks. With advancements in AI technology, cybercriminals are crafting fraud schemes that…

Read more →

Security researchers have identified a significant vulnerability dubbed “DaMAgeCard Attack” in the new SD Express card standard that could allow attackers to directly access system memory through Direct Memory Access (DMA) attacks. The vulnerability stems from SD Express cards’ use…

Read more →

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish the data it had stolen earlier this week. However, despite the claims, a Deloitte spokesperson said that its investigation indicates that the allegations relate to a…

Read more →

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top five industries targeted by subject-customized emails, which often leverage personal information like names, emails, phone numbers, or company names to bypass security measures.  Employing redaction techniques…

Read more →

Researchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection with obfuscation and anti-analysis techniques, steals data from various browsers, applications, and cryptocurrency wallets.  It operates as an Electron or NodeJS application, injecting code into vulnerable…

Read more →

Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to the Pakistani group Storm-0156, which allows Secret Blizzard to access networks of Afghan government entities and Pakistani operators.  They have deployed their own malware, TwoDash and…

Read more →

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using spearphishing emails with malicious HTML attachments to deliver GammaLoad malware.  To evade detection, BlueAlpha is leveraging Cloudflare Tunnels to conceal their infrastructure and using DNS fast-fluxing…

Read more →

The open-source tech landscape continues to innovate, and the release of the CapibaraZero firmware marks another breakthrough. Designed for ESP32-S3-based hardware platforms, CapibaraZero provides a low-cost alternative to the highly popular—but expensive—Flipper Zero, a multifunctional tool for penetration testers, ethical…

Read more →

SonicWall has issued a critical alert regarding multiple vulnerabilities in its Secure Mobile Access (SMA) 100 series SSL-VPN appliances. These vulnerabilities could allow attackers to execute remote code, bypass authentication, or compromise system integrity. SonicWall urges users to take immediate…

Read more →

 The Django team has issued critical security updates for versions 5.1.4, 5.0.10, and 4.2.17. These updates address two vulnerabilities: a potential denial-of-service (DoS) attack in the strip_tags() method and a high-severity SQL injection risk in Oracle databases. All developers and system administrators…

Read more →

Rockwell Automation has issued a critical security advisory addressing multiple remote code execution (RCE) vulnerabilities discovered in its Arena® software. These vulnerabilities, reported by the Zero Day Initiative (ZDI), expose systems to potential exploitation by adversaries looking to execute arbitrary…

Read more →

Europol, in collaboration with law enforcement across Europe, has taken down a sophisticated cybercriminal network responsible for large-scale online fraud. Over 50 servers were seized, a trove of digital evidence was secured, and two primary suspects are now in pretrial…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has released two advisories highlighting significant security vulnerabilities in Industrial Control Systems (ICS) software and hardware. These vulnerabilities, identified in AutomationDirect’s C-More EA9 Programming Software and Planet Technology’s industrial switch WGS-804HPT, could pose…

Read more →

The Global Research and Analysis Team (GReAT) has announced the release of hrtng, a cutting-edge plugin for IDA Pro, one of the most prominent tools for reverse engineering. Designed specifically to enhance the efficiency of malware analysis, hrtng provides analysts with powerful…

Read more →

A critical zero-day vulnerability affecting all modern Windows Workstation and Server versions has been discovered. The flaw enables attackers to steal NTLM credentials with minimal user interaction, posing a significant security risk. It impacts systems from Windows 7 and Server…

Read more →

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL Launch has emerged, allowing users to embed arbitrary HTML tags within the Web UI. This vulnerability tracked as CVE-2024-42195, poses a potential risk of sensitive information…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being actively exploited in the wild. The vulnerabilities affect popular software and hardware products, including Zyxel firewalls, CyberPanel, North Grid, and ProjectSend. Organizations using these products are…

Read more →

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to solve Capture The Flag (CTF) challenges without human intervention.  It utilizes a two-module architecture: a planner to create commands and a summarizer to understand the hacking…

Read more →

Fuji Electric Indonesia has fallen victim to a ransomware attack, impacting its operations and raising concerns about data security and business continuity. The attack was publicly disclosed by Fuji Electric’s headquarters on December 2, 2024, through an official notice, which…

Read more →

A critical vulnerability identified as CVE-2024–53614 has been discovered in the Thinkware Cloud APK version 4.3.46. This vulnerability arises from the use of a hardcoded decryption key within the application. It allows malicious actors to access sensitive data and execute…

Read more →

Researchers released a detailed report on a significant security vulnerability named CVE-2023-49785, affecting the ChatGPT Next Web, popularly known as NextChat. This vulnerability has raised concerns within the cybersecurity community due to its potential for exploitation through Server-Side Request Forgery…

Read more →

I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and UD-LT1/EX routers are being actively exploited. These vulnerabilities pose significant risks to users, necessitating urgent attention and action. Below is a detailed look at each vulnerability,…

Read more →

A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially allowing attackers to bypass image signature verification. This flaw, which affects several Cisco product lines, could enable unauthorized users to load unverified software onto affected devices.…

Read more →

Brain Cipher has claimed to have breached Deloitte UK and exfiltrated over 1 terabyte of sensitive data. Emerging in June 2024, Brain Cipher has quickly established a reputation for its aggressive cyberattacks, with a notable incident involving According to statements…

Read more →

The threat actors distributed malicious JS scripts disguised as legitimate business documents, primarily in ZIP archives with names like “Purchase request” or “Request for quote.”  They enriched their phishing emails with authentic-looking documents like passports, tax registrations, and company cards,…

Read more →

Attackers are exploiting publicly exposed Docker Remote API servers to deploy Gafgyt malware by creating a Docker container using a legitimate “alpine” image to deploy the malware and infect the victim system with Gafgyt botnet malware.  It allows attackers to…

Read more →

Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host phishing sites, as attackers leverage Cloudflare’s trusted infrastructure, global CDN, and free hosting to quickly set up and deploy convincing phishing sites.  Automatic SSL/TLS encryption enhances…

Read more →

The National Security Agency (NSA) has partnered with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and other entities to release a critical advisory. This initiative comes in response to the exploitation of major global…

Read more →

A critical vulnerability has been identified in the Mobile Security Framework (MobSF) that allows attackers to inject malicious scripts into the system. This vulnerability, CVE-2024-53999 is a Stored Cross-Site Scripting (XSS) flaw found in the “Diff or Compare” functionality, which…

Read more →

A registry overwrite remote code execution (RCE) vulnerability has been identified in NmAPI.exe, part of the WhatsUp Gold network monitoring software. This vulnerability, present in versions before 24.0.1, allows an unauthenticated remote attacker to execute arbitrary code on affected systems,…

Read more →

Google has released a significant security update for its Chrome browser, aiming to address several vulnerabilities and enhance user safety. The Stable channel has been updated to version 131.0.6778.108/.109 for Windows, and Mac, and version 131.0.6778.108 for Linux. These updates…

Read more →

Phishing attacks have surged nearly 40% in the year ending August 2024, with a significant portion of this increase linked to new generic top-level domains (gTLDs) like .shop, .top, and .xyz. These domains, known for their minimal registration requirements and…

Read more →

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors to remotely compromise affected devices. The vulnerability, identified as CVE-2024-11237, affects TP-Link VN020 F3v(T) routers running firmware version TT_V6.2.1021, which are primarily deployed through Tunisie…

Read more →

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors to remotely compromise affected devices. The vulnerability, identified as CVE-2024-11237, affects TP-Link VN020 F3v(T) routers running firmware version TT_V6.2.1021, which are primarily deployed through Tunisie…

Read more →

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to malicious e-commerce websites, leveraging multiple SEO malware families to achieve their goal. Three distinct threat actor groups were identified, each employing a unique malware family, with…

Read more →

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce shoppers in Europe and the USA during the Black Friday shopping season.  The campaign leveraged the legitimate payment processor Stripe to steal victims’ Cardholder Data (CHD)…

Read more →

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in 2022 by employing sophisticated social engineering techniques to infiltrate target networks, often leveraging advanced malware to compromise systems undetected.  Once inside, Black Basta extorts victims with…

Read more →

CVE-2024-52301 is a critical vulnerability identified in Laravel, a widely used PHP framework for building web applications. The vulnerability allows unauthorized access by exploiting improperly validated inputs, potentially leading to privilege escalation, data tampering, or full system compromise. Given Laravel’s…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert and added two new vulnerabilities related to Palo Alto Networks to its Known Exploited Vulnerabilities Catalog. These vulnerabilities, CVE-2024-9463 and CVE-2024-9465, are reportedly actively exploited by malicious cyber…

Read more →

A critical vulnerability has been discovered in the popular “Really Simple Security” WordPress plugin, formerly known as “Really Simple SSL,” putting over 4 million websites at risk. The flaw, identified as CVE-2024-10924, exposes websites using the plugin to potential remote attacks,…

Read more →

Daren Li, 41, a dual citizen of China and St. Kitts and Nevis, and a resident of China, Cambodia, and the United Arab Emirates, pleaded guilty today to one count of conspiracy to commit money laundering for his role in…

Read more →

Google has once again raised the bar for mobile security by introducing two new AI-powered real-time protection features for Android users. With a strong commitment to user privacy and safety, these innovative tools aim to shield users from scams, fraud,…

Read more →

Google Cloud has announced a significant step forward in its commitment to transparency and security by stating it will begin issuing Common Vulnerabilities and Exposures (CVEs) for critical vulnerabilities found in its cloud services. This move, which underscores Google’s dedication…

Read more →

GitLab has rolled out critical security updates to address multiple vulnerabilities in its Community Edition (CE) and Enterprise Edition (EE), fixing issues that could lead to unauthorized access to Kubernetes clusters and other potential exploits. The latest patch versions, 17.5.2,…

Read more →

A newly discovered zero-day vulnerability, CVE-2024-43451, has been actively exploited in the wild, targeting Windows systems across various versions. This critical vulnerability, uncovered by the ClearSky Cyber Security team in June 2024, has been linked to attacks aimed specifically at Ukrainian…

Read more →

If you’re looking to make some extra cash or to start a business, you should consider online reselling. Online reselling is growing rapidly at 11% each year- according to ThredUp.  When partaking in online reselling it is important to have…

Read more →

Keeping track of who has access and managing their permissions has gotten a lot more complicated because there are so many users, devices, and systems involved. Using automation for managing who can access what helps companies stay secure, work more…

Read more →

Fortinet, a leading cybersecurity provider, has issued patches for several critical vulnerabilities impacting multiple products, including FortiAnalyzer, FortiClient, FortiManager, and FortiOS. These vulnerabilities could allow attackers to perform unauthorized operations, escalate privileges, or hijack user sessions. Below are detailed descriptions…

Read more →

A Chinese state-sponsored threat group, identified as TAG-112, has been discovered hijacking Tibetan community websites to deliver Cobalt Strike malware, according to a recent investigation by Recorded Future’s Insikt Group. According to a report from Recorded Future, the investigation revealed…

Read more →

Ivanti, the well-known provider of IT asset and service management solutions, has issued critical security updates for its products Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC). These updates address multiple vulnerabilities, including medium, high, and critical…

Read more →

The Chrome team has officially announced the release of Chrome 131 for Windows, Mac, and Linux. The new version, Chrome 131.0.6778.69 for Linux and 131.0.6778.69/.70 for Windows and Mac is set to roll out to users over the coming days…

Read more →

In a critical security disclosure, it has been revealed that thousands of end-of-life (EOL) D-Link DSL-6740C routers are vulnerable to password change attacks. The vulnerability tracked as CVE-2024-11068 has been rated as critical by the TWCERT/CC, with an alarming CVSS score…

Read more →

Navigating the world of cryptocurrencies can feel like unlocking a new frontier. I remember my first foray into crypto wallet management, and the thrill of securing my digital assets was exhilarating. With the rapid growth of digital currencies, managing a…

Read more →

Diving into the world of crypto mining has always intrigued me. The allure of turning computer power into digital currency feels like a modern-day gold rush. As I explored this field, I discovered that understanding the profitability of crypto mining…

Read more →

Exploring the world of cryptocurrencies has been a thrilling journey for me. The allure of digital currencies lies not just in their potential for profit but also in the intricate technology that underpins them. One aspect that’s particularly fascinating is…

Read more →

Diving into the world of cryptocurrencies, I’ve found it’s a fascinating intersection of technology and economics. The crypto market isn’t just about digital coins; it’s deeply influenced by macroeconomic factors that shape its dynamics. Understanding these factors can unlock insights…

Read more →

Diving into the world of crypto investments has been one of the most exhilarating journeys I’ve embarked on. The dynamic nature of cryptocurrencies offers a unique blend of innovation and opportunity that’s hard to find elsewhere. Crafting a solid crypto…

Read more →

VMware has announced that its popular desktop hypervisor products, VMware Workstation and VMware Fusion, are now free to all users across various commercial, educational, and personal sectors. The transition, effective November 11, 2024, marks a shift in VMware’s strategy to…

Read more →

Dell Technologies has disclosed multiple critical security vulnerabilities in its Enterprise SONiC OS, which could allow attackers to gain control of affected systems. These vulnerabilities, identified through the Common Vulnerabilities and Exposures (CVE) system, are critical and affect Dell Enterprise…

Read more →

Amazon has confirmed that sensitive employee data was exposed due to a breach at a third-party vendor. The breach arose from exploiting a critical vulnerability in MOVEit, a widely used file transfer software. The vulnerability, first reported in mid-2023 under…

Read more →

Best DNS Management Tools play a crucial role in efficiently managing domain names and their associated DNS records. These tools enable users to make necessary changes and updates to DNS records, ensuring seamless website performance and accessibility. These tools are…

Read more →

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting abuse complaints and temporary disruptions. While the attack affected non-exit relays and caused some relays to be taken offline, the overall impact on Tor users was…

Read more →

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases from screenshots stored on infected devices.  By stealthily capturing screenshots, the malware bypasses traditional security measures that rely on text-based detection, which allows it to efficiently…

Read more →