OSINVGPT is an AI-based system that helps security analysts with open-source investigations and tool selection. The tool was developed by “Very Simple Research.” It can assist security analysts in gathering relevant information, sources, and tools for their investigations.…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
FBI & CISA Warns of risk to critical infrastructure by Chinese Drones
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have raised a red flag: Chinese-made drones pose a significant risk to the security of critical infrastructure in the United States. While any UAS can harbor…
Bigpanzi Bot Hacks 170,000+ Android TVs to Launch DDoS Attacks
Android TVs are widely used, and due to their wide adoption, threat actors frequently target them for unauthorized access or data theft. In Android smart TVs, the vulnerabilities in outdated software or third-party apps can be exploited. The interconnected nature…
Multichain Inferno Drainer Abuse Web3 Protocols To Connect Crypto Wallets
A cryptocurrency-related phishing scam that uses malware called a drainer is one of the most widely used tactics these days. From November 2022 to November 2023, ‘Inferno Drainer’, a well-known multichain cryptocurrency drainer, was operational under the scam-as-a-service paradigm. On sophisticated…
How Do You Protect Your APIs From DDoS Attacks?
Today, DDoS attacks stand out as the most widespread cyber threat, extending their impact to APIs. When successfully executed, these attacks can cripple a system, presenting a more severe consequence than DDoS incidents targeting web applications. The increased risk amplifies…
Citrix NetScaler 0-day Vulnerability Exploited In The Wild, CISA Urges Patching
Cisco NetScaler ADC and NetScaler Gateway have been discovered to have two vulnerabilities, which were associated with remote code execution and denial of service. The CVEs for these vulnerabilities were CVE-2023-6548 and CVE-2023-6549, and the severity has been given as…
Hackers Deploying Androxgh0st Botnet Malware that Steals AWS, Microsoft Credentials
Threat actors use botnet malware to gain access to the network of compromised systems that enable them to perform several types of illicit activities. They get attracted to botnet malware due to its distributed and anonymous infrastructure, which makes it…
macOS Infostealers That Actively Involve in Attacks Evade XProtect Detection
Ever since the beginning of 2023, infostealers targeting macOS have been on the rise with many threat actors actively targeting Apple devices. As of last year, many variants of Atomic Stealer, macOS meta stealer, RealStealer, and many others were discovered.…
Google Chrome Browser Zero-Day Vulnerability Exploited in Wild – Emergency Patch!
Google Chrome has released its stable channel update version 20.0.6099.234 for Mac, 120.0.6099.224 for Linux, and 120.0.6099.224/225 for Windows. However, Google stated that this new security update will roll out in the upcoming days/weeks. The extended stable channel has also…
PentestGPT – A ChatGPT Powered Automated Penetration Testing Tool
GBHackers came across a new ChatGPT-powered penetration testing tool called “PentestGPT” that helps penetration testers automate their pentesting operations. PentestGPT has been released on GitHub under the operator “GreyDGL,” a Ph.D. student at Nanyang Technological University, Singapore. It is…
Hackers Abuse GitHub to Host Malicious Infrastructure
GitHub has become a major platform that cybercriminals use for various attack methods such as payload delivery, dead drop resolution (DDR), C2 (Command and Control) and exfiltration. This is because GitHub is considered legitimate traffic, which threat actors can…
Mastermind Hacker Behind $2 Million Crypto Scam Arrested
The 29-year-old man was arrested in Mykolaiv, Ukraine, for using hacked accounts to create 1 million virtual servers to illegally mine cryptocurrency. It is estimated that the suspect has mined cryptocurrency worth over USD 2 million (or EUR 1.8 million). The…
Network Penetration Testing Checklist – 2024
Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems, and services, and grabbing system banners. The pen-testing helps the administrator close unused ports, add additional services, hide or customize banners, troubleshoot services, and…
Web Server Penetration Testing Checklist – 2024
Web server pentesting is performed under three significant categories: identity, analysis, and reporting vulnerabilities such as authentication weaknesses, configuration errors, and protocol relationship vulnerabilities. 1. “Conduct a series of methodical and repeatable tests” is the best way to test the webserver…
Most Important Web Server Penetration Testing Checklist
Web server pentesting is performed under 3 significant categories: Identity, Analyse, and Report Vulnerabilities such as authentication weakness, configuration errors, and protocol relation vulnerabilities. 1. “Conduct a series of methodical and repeatable tests” is the best way to test the webserver…
WordPress Plugin Flaw Exposes 300,000+ to Hack Attacks
Hackers target vulnerable WordPress plugins as they provide a potential entry point to exploit website security weaknesses. These plugins often have outdated code or known vulnerabilities, which make them attractive targets for malicious actors seeking:- Recently, on December 14th, 2023,…
Splunk Patched Critical Vulnerabilities in Enterprise Security
Several vulnerabilities have been discovered in Splunk Enterprise Security and Splunk User Behavior Analytics (UBA), which existed in several third-party packages. The third-party packages used in Splunk include babel/traverse, handsontable, semver, loader-utils, json5, socket.io-parser, protobuf, and Guava. However, Splunk has…
Qbot Malware Via FakeUpdates Leads the Race of Malware Attacks
Hackers use Qbot malware for its advanced capabilities, including keylogging, credential theft, and backdoor functionality. A previously distributed Qakbot malware campaign was capable of monitoring the browsing activities of the infected computer and logging all information related to finance-related websites. Qbot…
Hackers Actively Exploited 2 Ivanti Zero-Day to Execute Arbitrary Commands
Ivanti Connect Secure (ICS) and Ivanti Policy Secure Gateways have been discovered with two new vulnerabilities associated with authentication bypass and command injection. The CVEs for these vulnerabilities have been assigned as CVE-2023-46805 and CVE-2024-21887. The severity of these vulnerabilities…
Windows Computer Hit with AgentTesla Malware to Steal Data
AgentTesla is a notorious malware that functions as a keylogger and information stealer. By logging keystrokes and capturing screenshots on infected systems, this notorious malware targets sensitive data like:- Recently, the cybersecurity researchers at BitSight Security discovered that AgentTesla malware…