Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Cyber Threat Intelligence (CTI) is a process that actively gathers and analyzes information on potential cyber threats, including Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) used by attackers, along with their goals and capabilities.  The ultimate goal…

Read more →

Ahoy, which is often associated with communicating to ships, has now been playfully adopted in pirate language. We coin ‘Ahoi,’ an anagram of ‘Iago,’ to pay tribute to research on interface attacks with TEEs. Confidential computing, also referred to as…

Read more →

Hackers exploit Oracle WebLogic Servers, knowing that they are extensively used in enterprises. Threat actors can use security vulnerabilities present in the WebLogic servers to gain unauthorized access to sensitive data and install backdoors that open avenues for further exploitation.…

Read more →

In a recent cybersecurity revelation, Ivanti, a leading provider of enterprise-grade secure access solutions, has been found to have significant vulnerabilities in its VPN appliances. The most critical of these, identified as CVE-2024-21894, is a heap overflow vulnerability that could…

Read more →

A Sandbox is a protective medium that blocks the entire system from any application accessing vulnerable resources.  Restrictive environments for web content in browsers called sandboxes reduce the impact that can be caused by browser-based attacks such as malicious programs…

Read more →

Greylock McKinnon Associates, a prominent consulting firm, has reported a cyber attack that exposed personal data belonging to 341,000 individuals, including sensitive information from the Department of Justice (DOJ). Greylock McKinnon Associates, located at 75 Park Plaza, Boston, MA, discovered…

Read more →

Targus International, LLC and its affiliates fell victim to a sophisticated cyberattack. The company, an indirect subsidiary of B. Riley Financial, Inc., announced that an unauthorized entity breached its file systems, prompting an immediate and robust response to mitigate the…

Read more →

Privacy mistakes could pose a serious threat to sensitive information or systems,, which threat actors could exploit for their gain. These mistakes can include weak passwords, unsecured networks, and outdated software, making it easier for threat actors to infiltrate and…

Read more →

In a recent announcement, the team behind the widely acclaimed source code editor, Notepad++, has issued a call to arms for its user community. The appeal comes in response to the emergence of a deceptive website that misleads users and…

Read more →

Google has announced the global rollout of its revamped Find My Device network. This innovative feature is set to transform how Android users locate their misplaced devices and everyday items, leveraging a vast, crowdsourced network of over a billion Android…

Read more →

Cybercriminals have actively exploited a critical vulnerability in D-Link Network Attached Storage (NAS) devices globally. Identified as CVE-2024-3273, this remote code execution (RCE) flaw poses a significant threat to as many as 92,000 devices worldwide. The exploit allows attackers to…

Read more →

Researchers identified a significant vulnerability within the HTTP/2 protocol, potentially allowing hackers to launch Denial of Service (DOS) attacks on web servers. The vulnerability tracked as CVE-2024-28182 has raised concerns among internet security experts and prompted responses from various technology…

Read more →

In the dynamic and ever-evolving landscape of cyber security defenses, enterprise-grade penetration testing is one of the most crucial practices for organizations to adopt.  With cyber criminals operating on a far more sophisticated level than ever, continuous and multi-layered security…

Read more →

Researchers investigated a recent Agent Tesla malware campaign targeting US and Australian organizations, which used phishing emails with fake purchase orders to trick victims into clicking malicious links.  Upon clicking, an obfuscated Agent Tesla sample protected by Cassandra Protector was…

Read more →

Threat actors target home users with information-stealing malware like Vidar, StealC, and Lumma Stealer, which disguises the malware as pirated software and video game cracks in YouTube videos.  The videos appear to instruct users on obtaining free software or game…

Read more →

By exploiting the AI tools deepfake hackers could make videos or audios of political candidates to spread misinformation or disinformation, which may be used in election campaigns. Large language models (LLMs) can also enable them to produce realistic but misleading…

Read more →

Cisco recently fixed a high-severity vulnerability in Cisco IOS Software for Catalyst 6000 Series Switches, which could lead to a denial of service (DoS). This high-severity vulnerability, which has a base score of 7.4 and is tracked as CVE-2024-20276, is triggered by improper…

Read more →