Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

The Cybersecurity and Infrastructure Security Agency (CISA) has issued six advisories concerning vulnerabilities: These advisories highlight critical industrial control system vulnerabilities. Rockwell Automation’s RSLogix 5 and RSLogix 500 software Rockwell Automation’s RSLogix 5 and RSLogix 500 software are vulnerable due…

Read more →

A hacking group has allegedly claimed responsibility for breaching the Dell employee database. The claim was made public on a well-known hacking forum, where the group asserted that they had accessed sensitive information belonging to approximately 10,800 Dell employees and…

Read more →

Hertz, a well-known car rental company, has inadvertently exposed over 60,000 insurance claim reports. This breach has raised serious concerns about the company’s data security practices and left customers questioning the safety of their personal information. Discovery of the Breach…

Read more →

GitLab has issued an urgent call to action for organizations using its platform to patch a critical authentication bypass vulnerability. This security flaw, CVE-2024-45409, affects instances configured with SAML-based authentication. The vulnerability could potentially allow unauthorized access to sensitive data.…

Read more →

SambaSpy Attacking Windows Users With Weaponized PDF FilesResearchers discovered a targeted cybercrime campaign in May 2024 that exclusively focused on Italian victims, which was unusual as attackers typically aim for broader targets to increase profits.  However, this campaign implemented checks…

Read more →

Recent intelligence indicates a new technique employed by stealers to trick victims into entering credentials directly into a browser, enabling subsequent theft from the browser’s credential store. This method, used in conjunction with StealC malware, was first observed in August…

Read more →

Researchers identified an attack campaign targeting poorly secured Linux SSH servers, where the attack leverages Supershell, a cross-platform reverse shell backdoor written in Go, granting attackers remote control of compromised systems.  Following the initial infection, attackers are suspected to have…

Read more →

Researchers discovered a large, Chinese state-sponsored IoT botnet, “Raptor Train,” that compromised over 200,000 SOHO and IoT devices. Operated by Flax Typhoon, the botnet leveraged a sophisticated control system, “Sparrow,” to manage its extensive network.  The botnet posed a significant…

Read more →

A new method of attack has emerged that leverages WebDAV technology to host malicious files. This approach, which facilitates the distribution of the Emmenhtal loader—also known as PeakLight—has been under scrutiny since December 2023. The loader is notorious for its…

Read more →

A proof-of-concept (PoC) exploit has been released for a critical zero-day vulnerability identified as CVE-2024-7965, affecting Google’s Chrome browser. This vulnerability explicitly targets the V8 JavaScript engine and is exclusive to ARM64 architectures. The release of this PoC has raised…

Read more →

A threat actor on a well-known dark web forum has allegedly claimed responsibility for a significant data breach involving the Indian financial institution, Federal Bank. The breach reportedly exposes sensitive information of hundreds of thousands of customers, raising serious concerns…

Read more →

The anonymity of the Tor network has been scrutinized in a recent investigation by German law enforcement agencies. Despite these revelations, the Tor Project maintains that its network remains secure for users. This article delves into the details of the…

Read more →

Authorities have successfully dismantled “Ghost,” an encrypted communication platform allegedly used by cybercriminals worldwide. The operation, led by the Australian Federal Police (AFP) and involving international law enforcement agencies, marks a major victory in the ongoing battle against transnational crime…

Read more →

Cybersecurity firm Dr.Web faced a targeted cyber attack on its infrastructure on September 14. The incident prompted the company to disconnect its servers as a precautionary measure. Despite the disruption, no users protected by Dr.Web’s systems were affected. Dr.Web specialists…

Read more →

LibreOffice users are urged to update their software after disclosing a critical vulnerability, CVE-2024-7788, which affects the document repair mode. This flaw allows attackers to manipulate document signatures, potentially leading to security breaches. Vulnerability Overview LibreOffice, a popular open-source office…

Read more →

Ransomware attackers are increasingly exfiltrating data using tools like MEGAsync and Rclone. Shellbags analysis by modePUSH reveals their navigation of directories and file shares to find sensitive data. Despite exfiltrating large amounts of data, attackers prioritize valuable and protected information.…

Read more →

Windows Minifilter drivers are a type of file system filter driver that operates within the Windows operating system to manage and modify I/O operations without direct access to the file system.  They utilize the Filter Manager, which simplifies their development…

Read more →

Microsoft has confirmed the exploitation of a Windows Kernel vulnerability, identified as CVE-2024-37985, in the wild. This vulnerability, first released on July 9, 2024, and last updated on September 17, 2024, poses a significant risk due to its potential for…

Read more →

UNC2970, a North Korean cyber espionage group, used customized SumatraPDF trojans to deliver MISTPEN backdoors to victims through phishing emails pretending to be job recruiters.  The group targeted the energy and aerospace industries, copying job descriptions and engaging with victims…

Read more →

Discord has introduced end-to-end encryption (E2EE) for audio and video chats. Known as the DAVE protocol, this new feature aims to provide users with a more secure communication experience without compromising the platform’s renowned quality and performance. A Commitment to…

Read more →