On May 24, 2024, Zero-Day Initiative released a security advisory for Ivanti EPM concerning a SQL injection remote code execution vulnerability. This vulnerability was assigned CVE-2024-29824, and the severity was given as 9.6 (Critical). Though ZDI did…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
CISA Warns of Scammers Impersonating as CISA Employees
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a surge in impersonation scams. These scams often involve fraudsters pretending to be government employees, using their names and titles to deceive unsuspecting victims. Recently, CISA has become…
Microsoft Windows Ntqueryinformationtoken Flaw Let Attackers Escalate Privileges
Microsoft has disclosed a critical vulnerability identified as CVE-2024-30088. With a CVSS score of 8.8, this flaw affects Microsoft Windows and allows local attackers to escalate their privileges on affected installations. CVE-2024-30088 - Vulnerability Details: The vulnerability resides in the implementation of the NtQueryInformationToken function within Microsoft Windows. This function is…
256,000+ Publicly Exposed Windows Servers Vulnerable to MSMQ RCE Flaw
Cybersecurity watchdog Shadowserver has identified 256,000+ publicly exposed servers vulnerable to a critical Remote Code Execution (RCE) flaw in Microsoft Message Queuing (MSMQ) services. The flaw, designated CVE-2024-30080, poses a significant threat to global cybersecurity. It could allow malicious actors…
Indian National Jailed For Hacked Servers Of Company That Fired Him
An Indian national was sentenced to two years and eight months in jail for unauthorized access to his former employer’s computer systems, resulting in substantial financial losses. Background of the Incident: Kandula Nagaraju, a 39-year-old Indian national, was employed by…
Hackers Exploiting Linux SSH Services to Deploy Malware
SSH and RDP provide remote access to server machines (Linux and Windows respectively) for administration. Both protocols are vulnerable to brute-force attacks if solid passwords and access controls are not implemented. Exposed SSH ports (default 22) are scanned by attackers…
Critical Flaw In Apple Ecosystems Let Attackers Gain Unauthorized Access
Hackers target Apple because of its massive user base and its wealthy customers, including business people and managers who keep important information on those devices. Even with these security measures in place, Apple is a likely target since…
JetBrains Warns of GitHub Plugin that Exposes Access Tokens
A critical vulnerability (CVE-2024-37051) in the JetBrains GitHub plugin for IntelliJ-based IDEs (2023.1 and later) exposed access tokens to malicious content within GitHub pull requests, allowing attackers to steal tokens and potentially compromise linked accounts, even with two-factor authentication enabled. …
Firefox 127 Released With patch for 15 Vulnerabilities
Mozilla has released Firefox 127, addressing 15 security vulnerabilities, some of which have been rated as high impact. This update is crucial for users to ensure their browsing experience remains secure. Below is a detailed breakdown of the vulnerabilities fixed…
Charon Android Botnet Made a Comeback With New Weapons
The notorious Charon Android Botnet has resurfaced with enhanced capabilities, according to a threat actor’s announcement on a popular cybercrime forum. The botnet, an edited version of the infamous Ermac, has undergone significant improvements, making it a formidable threat in…
Pure Storage Data Breach Following Snowflake Hack: LDAP Usernames, Email Addresses Exposed
Pure Storage has confirmed that a third party temporarily gained unauthorized access to a Snowflake data analytics workspace. This workspace contained telemetry information used by Pure Storage to provide proactive customer support services. The exposed data includes company names, LDAP…
Microsoft Urges Windows Admins to Patch Microsoft Message Queuing RCE Flaw
Microsoft has disclosed two Critical remote code execution vulnerabilities in MSMQ (Microsoft Message Queuing) and the Windows Wi-Fi Driver. These vulnerabilities have been assigned CVE-2024-30080 and CVE-2024-30078. The severity for these vulnerabilities was given as 9.8…
Cleveland City Closes Offices Following Attack on IT Systems
Cleveland City Hall and Erieview offices will remain closed for a second consecutive day, June 11, as officials continue investigating a significant “cyber event” that has disrupted city operations. A recent tweet from the City of Cleveland shared that the City Hall and Erieview are closed today June 10, except…
SSLoad Malware Employs MSI Installer To Kick-Start Delivery Chain
Malware distributors use MSI installers because Windows already trusts them to run with administrative rights, which lets them bypass security controls. For this reason, MSI files are a convenient means of spreading ransomware, spyware, and other malware that can be passed…
Remcos RAT Distributed As UUEncoding (UUE) File To Steal Logins
Researchers identified a campaign distributing Remcos RAT, a Remote Access Trojan, where the attack uses phishing emails disguised as legitimate business communication, such as import/export or quotations. The emails contain a UUEncoded (UUE) file compressed with Power Archiver, which likely…
Chinese Hackers using New Noodle RAT to Attack Linux Servers
Cybersecurity experts have identified a new type of malware called “Noodle RAT,” which Chinese-speaking hacker groups use to target Linux servers. Although this malware has been active since 2016, it has only recently been properly classified, shedding light on its…
Arm Warns Of Mali GPU Kernel Driver Flaws Exploited In The Wild
The Mali GPU driver is widely used on multiple devices, including those running Android and Linux. A new vulnerability has been discovered in the Mali GPU Kernel driver. It allows an authenticated, low-privileged user to gain access to…
Hackers Weaponizing MSC Files In Targeted Attack Campaign
Hackers utilize MSC or Microsoft Management Console files in themed attack campaigns as these files contain commands and scripts that enable them to perform different administrative tasks on the target system. By mimicking legitimate files, MSC files can evade various…
Hackers Used Homemade Mobile Antenna To Send Thousands Of Smishing Text
Officers have made two arrests in connection with using a “text message blaster,” believed to have been used to send thousands of smishing messages posing as banks and other official organizations. These messages targeted unsuspecting members of the public. Unprecedented…