A group of hackers has claimed to have accessed the database of Qatar National Bank (QNB), one of the largest financial institutions in the Middle East. The announcement was made via a post on Twitter by the account MonThreat. ANYRUN…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Cloud-Based Malware Attack Abusing Google Drive & Dropbox
A phishing email with a malicious zip attachment initiates the attack. The zip contains a single executable disguised as an Excel file using Left-To-Right Override characters (LTRO). LTRO makes the filename appear to have a harmless .xlsx extension (e.g., RFQ-101432620247flexe.xlsx)…
OmniVision Technologies Cyber Attack, Hackers Stole Personal Data in Ransomware Attack
OmniVision Technologies, Inc. (OVT) recently disclosed a significant security breach that compromised its clients’ personal data. The company, known for its advanced digital imaging solutions, reported that the incident occurred between September 4, 2023, and September 30, 2023. During this…
Threat Actors Leverage Bitbucket Artifacts to Breach AWS Accounts
In a recent investigation into Amazon Web Services (AWS) security breaches, Mandiant uncovered a troubling scenario: client-specific secrets were leaked from Atlassian’s code repository tool, Bitbucket, and exploited by threat actors to gain unauthorized access to AWS accounts. This revelation…
Critical Flaw In Confluence Server Let Attackers Execute Arbitrary Code
The widely used team workspace and corporate wiki Confluence has been discovered to have a critical remote code execution vulnerability. This vulnerability has been assigned CVE-2024-21683 with a severity of 8.3 (High). This vulnerability affects multiple versions of Confluence Data…
Hackers Breached Western Sydney University Microsoft 365 & Sharepoint Environments
Western Sydney University has informed approximately 7,500 individuals today of an unauthorized access incident involving its IT network. The breach, first identified in January 2024, affected the University’s Microsoft Office 365 environment, including email accounts and SharePoint files. The earliest…
Memcyco Report Reveals Only 6% Of Brands Can Protect Their Customers From Digital Impersonation Fraud
Memcyco Inc., provider of digital trust technology designed to protect companies and their customers from digital impersonation fraud, released its inaugural 2024 State of Website Impersonation Scams report. Notably, Memcyco’s research indicates that the majority of companies do not have…
North Korean Hackers Hijacked Military Officials Personal Email
North Korean hacking groups are suspected of hijacking the personal email accounts of high-ranking military officials. The Defense Ministry confirmed that a joint investigation is underway, involving both the police and military police. A dedicated task force has been established…
Microsoft Unveiled New Windows 11 Features To Strengthen Security
Microsoft has been prioritizing security in Windows, as they introduced Secured-Core PCs to protect from hardware to cloud attacks and expanded passwordless offerings with passkeys for better identity protection. Passkeys are protected by Windows Hello technology, and to further enhance…
Critical Memory Corruption In Cloud Logging Infrastructure Enables Code Execution Attack
A new critical vulnerability has been discovered in Fluent Bit’s built-in HTTP server, which has been termed “Linguistic Lumberjack” (CVE-2024-4323). Exploiting this vulnerability can also lead to a denial of service, information disclosure, or remote code execution. Its severity has…
DoppelGänger Attack: Malware Routed Via News Websites And Social Media
A Russian influence campaign, DoppelGänger, leverages fake news websites (typosquatted and independent) to spread disinformation, undermining support for Ukraine. Structura and SDA are running the campaign, which started in May 2022 and targets France, Germany, and other countries. Inauthentic social…
Multiple Vulnerabilities in Honeywell VirtualUOC Let Attackers Execute Remote Code
Team82 has uncovered multiple critical vulnerabilities in Honeywell’s ControlEdge Virtual Unit Operations Center (UOC). These vulnerabilities within the EpicMo protocol implementation could potentially allow attackers to execute remote code without authentication. Honeywell has since addressed these issues, but the discovery…
Grandoreiro Malware Hijacks Outlook Client to Send Phishing Emails
X-Force identified a phishing campaign targeting Latin American users since March 2024, where emails impersonate legitimate entities like tax and utility services, urging recipients to click links for invoices or account statements. Clicking the link redirects users in specific countries…
Critical Memory Corruption In Cloud Logging Infrastructure Enables Code Execution Attack
Fluent Bit, a widely used open-source data collector and processor, has been found to have a major memory corruption flaw. Many big cloud providers use Fluent Bit for their logging because it is easy to use and can be scaled…
PoC Exploit Released for QNAP QTS zero-day RCE Flaw
Researchers have shown a proof-of-concept (PoC) attack for a zero-day remote code execution (RCE) flaw in the QTS operating system from QNAP. Users of QNAP’s Network-Attached Storage (NAS) devices, which are common in both small and big business settings, are…
Critical Git Vulnerability Let Attackers Execute Remote Code: PoC Published
A critical remote code execution vulnerability has been discovered in git clone. It has been assigned CVE-2024-32002, with a severity of 9.0 (Critical). This particular vulnerability existed in the clone command that is widely used. Git…
SWARM – Switchable Backdoor Attack Against Pre-trained Models
In the big data era, pre-training large vision transformer (ViT) models on massive datasets has become prevalent for enhanced performance on downstream tasks. Visual prompting (VP), introducing learnable task-specific parameters while freezing the pre-trained backbone, offers an efficient adaptation alternative…
Akira Ransomware Escalates Privilege To Exfiltrate Domain Controller Files
In a recent encounter, the Akira ransomware group exploited a novel privilege escalation technique, where the attackers infiltrated the victim’s virtual environment to steal the NTDS.dit file, a critical file containing domain user accounts and passwords stored on domain controllers. …
Financial Organizations Need To Disclose Data Breach Within 30-Days
The U.S. Securities and Exchange Commission (SEC) has made changes to Regulation S-P that require financial companies to report data leaks within 30 days. This is a big step toward protecting consumers. This new rule, which goes into force on…
Two Chinese Nationals Arrested for Stealing $73M+ Via Cryptocurrency Scams
Two Chinese people have been arrested on suspicion of being involved in a complex cryptocurrency trading scam that stole more than $73 million from people. In the Central District of California, the accusation was made public. It charges Daren Li,…