Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Active Directory infiltration methods exploit vulnerabilities or weaknesses in Microsoft’s Active Directory to gain unauthorized access. Active Directory is a central component in many organizations, making it a valuable target for attackers seeking access to:- While successful infiltration allows threat…

Read more →

Wireshark is a popular open-source network protocol analyzer that allows users to inspect and capture data on a network in real time.  It enables detailed examination of network traffic for the following purposes:- Several key factors make Wireshark one of…

Read more →

A Critical Google Cookies exploit involves manipulating or stealing user cookies, which store authentication information, to gain unauthorized access to accounts.  Hackers exploit this illicit mechanism to:- A developer, PRISMA, discovered a major Google cookie exploit in Oct 2023 that…

Read more →

DLL hijacking is a technique where a malicious DLL (Dynamic Link Library) is placed in a directory that a vulnerable application searches before the legitimate one.  When the application is launched, it unknowingly loads the malicious DLL instead, allowing attackers…

Read more →

DLL hijacking is a technique where a malicious DLL (Dynamic Link Library) is placed in a directory that a vulnerable application searches before the legitimate one.  When the application is launched, it unknowingly loads the malicious DLL instead, allowing attackers…

Read more →

Google Kubernetes Engine (GEK) has been detected with two flaws that a threat actor can utilize to create significant damage in case the threat actor already has access inside the Kubernetes cluster. The first issue was associated with FluentBit with…

Read more →

Cyber attacks are evolving rapidly with advancements in technology, as threat actors exploit new vulnerabilities in:- The rise of the following sophisticated techniques demonstrates a growing level of complexity:- Moreover, the expansion of Internet of Things (IoT) devices provides new…

Read more →

Hackers abuse the ChatGPT name for malicious domains to exploit the credibility associated with the ChatGPT model, deceiving users into trusting fraudulent websites.  Leveraging the model’s reputation enables them to trick individuals into:- H2 2023’s ransomware from ESET highlight isn’t…

Read more →

Network Security tools for Penetration testing is more often used by security industries to test the vulnerabilities in network and applications. Here you can find the Comprehensive Network Security Tools list that covers Performing Penetration testing Operations in all Environments.…

Read more →

While the world celebrated Christmas, the cybercrime underworld feasted on a different kind of treat: the release of Meduza 2.2, a significantly upgraded password stealer poised to wreak havoc on unsuspecting victims.  Cybersecurity researchers at Resecurity uncovered the details of…

Read more →

Hackers exploit Zero-Days because these vulnerabilities are unknown to software developers, making them valuable for launching attacks before developing patches.  Zero-day exploits provide an opportunity to:- Cybersecurity researchers at Securelist recently discovered a malicious operation dubbed “Triangulation,” in which threat…

Read more →

Barracuda Email Security Gateway (ESG) Appliance has been discovered with an Arbitrary code Execution vulnerability exploited by a China Nexus threat actor tracked as UNC4841. Additionally, the vulnerability targeted only a limited number of ESG devices.  However, Barracuda has deployed…

Read more →

A new vulnerability has been discovered in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. Apache OfBiz is used as a part of the software supply chain in Atlassian’s JIRA, which is predominantly used in several organizations. This vulnerability…

Read more →

The cybersecurity domain is undergoing rapid changes owing to the rise in frequency and complexity of cyber threats. As the digital world expands, the risk of cyberattacks is increasing, and security experts must stay vigilant to safeguard against potential breaches.…

Read more →

Threat actors targeting crypto wallets for illicit transactions have been in practice for quite some time. Threat actors have been using Wallet Drainers for such cybercrime activities, which have seen great success in recent years.  Several techniques were used for…

Read more →

Ubisoft, the renowned video game developer behind iconic franchises like Assassin’s Creed and Far Cry, narrowly escaped a potentially devastating data breach.  On December 20th, an unidentified threat actor infiltrated their systems, gaining access for approximately 48 hours before Ubisoft’s…

Read more →

Hackers use weaponized Word documents to deliver malicious payloads through social engineering.  By embedding malware or exploiting vulnerabilities in these documents, attackers trick users into opening them and leading to the execution of malicious code.  While leveraging the familiarity and…

Read more →

In a strategic move destined to fortify its dominance in the ever-evolving realm of cloud security, Cisco has officially declared its intent to acquire Isovalent, a trailblazer in open-source cloud-native networking and security.  This bold acquisition underscores Cisco’s steadfast commitment…

Read more →

Android malware infects devices to take full control for various illicit purposes like:-  By gaining complete control, threat actors can exploit the device for their illicit activities, posing significant threats to:- Cybersecurity analysts at McAfee Mobile Research recently found an…

Read more →

Organizations face an escalating threat of bot attacks in the rapidly evolving digital landscape. As revealed in our latest AppSec report, there has been a staggering 56% increase in bot attacks compared to Q2 2023. Previously associated with DDoS attacks,…

Read more →