Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Adobe has addressed several critical code execution flaws across a broad spectrum of its products. This move underscores the company’s commitment to software security and protecting its user base against potential cyber threats. Free Webinar on Live API Attack Simulation: Book…

Read more →

Hackers exploit the Windows zero-day vulnerabilities, as they offer great advantages. This means that no patches or defenses exist for zero-day vulnerabilities as software vendors are unaware of them, consequently, hackers have a certain period to start their attacks before…

Read more →

Google has issued an urgent security update for its Chrome browser after discovering a zero-day vulnerability that is currently being exploited by attackers. The vulnerability, tracked as CVE-2024-4761, affects the V8 JavaScript engine and could potentially allow attackers to execute arbitrary code on the user’s computer. Google has responded quickly with a patch, urging all users to update their browsers immediately to…

Read more →

A critical vulnerability has been discovered in Fortinet’s FortiOS SSL-VPN and FortiProxy SSL-VPN. The flaw, identified as FG-IR-23-225, allows attackers to spoof IP addresses and bypass security controls by sending specially crafted packets. It affects multiple versions of FortiOS and…

Read more →

A court has sentenced the developer of the cryptocurrency mixing service Tornado Cash to over five years in prison. The developer was found guilty of designing and operating a platform that laundered billions of dollars, including proceeds from high-profile cybercrimes.…

Read more →

Hackers exploit social engineering, which avoids technical security systems, by manipulating the psychology and behavior of a human being. Social engineering techniques, such as baiting emails or pretexting phone calls, manipulate victims into providing confidential information or performing actions that…

Read more →

Tor Project has announced the release of Tor Browser 13.0.15. Available now on the Tor Browser download page and through their distribution directory, this new version introduces a series of significant updates and bug fixes that promise to improve the…

Read more →

Hackers target smart homes due to the increased interconnected devices with often insufficient security measures.  Smart homes provide a wealth of personal and sensitive information, including access to security cameras, smart locks, and personal data stored on connected devices. Cybersecurity…

Read more →

Attackers launched a campaign distributing trojanized installers for WinSCP and PuTTY in early March 2024, as clicking malicious ads after searching for the software leads to downloads containing a renamed pythonw.exe that loads a malicious DLL.  The DLL side-loads a…

Read more →

In a concerning development for Dell Technologies, a threat actor known as Menelik has reportedly accessed and scraped sensitive customer data from a Dell support portal. This latest security breach, which follows a previous incident involving the theft of physical…

Read more →

The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) has detected a formidable new cyber threat. Dubbed LockBit Black, this ransomware campaign is leveraging a botnet to distribute millions of weaponized emails, posing a significant risk to individuals and organizations.…

Read more →

As a sneaky scheme, hackers use DNS tunneling to bypass traditional security measures. By wrapping malicious data inside DNS queries and responses, they can smuggle out sensitive information or talk to command and control servers without getting caught. DNS tunneling…

Read more →

A notorious threat actor has decided to sell the INC Ransomware code for an unbelievable $300,000. As a result of this change, the number of cyber threats has significantly increased, putting many more businesses at risk of damaging hacks. A…

Read more →

In a recent development, Zscaler Inc., a prominent cybersecurity firm, has concluded its investigation into a potential data breach initially reported last week. The company confirmed that the breach was confined to an isolated test environment on a single server…

Read more →

In a sophisticated cyberattack campaign, hackers are using the online meeting platform GoToMeeting to distribute a Remote Access Trojan known as Remcos. This alarming development underscores cybercriminals’ evolving tactics of leveraging trusted software to breach security defenses and gain unauthorized…

Read more →

iTunes has been found to have an arbitrary code execution vulnerability that might allow attackers to execute malicious code. To fix this vulnerability, Apple has issued a security advisory. It also stated that until an investigation is complete and updates…

Read more →

OpenAI, the top lab for researching artificial intelligence, just released GPT-4o, its newest advance in AI technology. In the field of generative AI, this newest and most advanced model is a big step forward because it can work with voice,…

Read more →

In collaboration with Red Balloon Security, Narf Industries, and Niyo Little Thunder Pearson (ONEGas, Inc.), MITER has unveiled EMB3D, a comprehensive threat model designed to address the growing cybersecurity risks faced by embedded devices in critical infrastructure sectors. Embedded devices,…

Read more →

Tycoon 2FA, a recently emerged Phishing-as-a-Service (PhaaS) platform, targets Microsoft 365 and Gmail accounts, which leverage an Adversary-in-the-Middle (AitM) technique to steal user session cookies, bypassing multi-factor authentication (MFA) protections.  By acting as an intermediary between the user and the…

Read more →

Hackers very frequently target the finance and insurance sectors due to the large volumes of sensitive data that they own. These areas manage huge quantities of valuable as well as critical financial information, personal identities, and intellectual property. When their…

Read more →