Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

A new method of attack has emerged that leverages WebDAV technology to host malicious files. This approach, which facilitates the distribution of the Emmenhtal loader—also known as PeakLight—has been under scrutiny since December 2023. The loader is notorious for its…

Read more →

A proof-of-concept (PoC) exploit has been released for a critical zero-day vulnerability identified as CVE-2024-7965, affecting Google’s Chrome browser. This vulnerability explicitly targets the V8 JavaScript engine and is exclusive to ARM64 architectures. The release of this PoC has raised…

Read more →

A threat actor on a well-known dark web forum has allegedly claimed responsibility for a significant data breach involving the Indian financial institution, Federal Bank. The breach reportedly exposes sensitive information of hundreds of thousands of customers, raising serious concerns…

Read more →

The anonymity of the Tor network has been scrutinized in a recent investigation by German law enforcement agencies. Despite these revelations, the Tor Project maintains that its network remains secure for users. This article delves into the details of the…

Read more →

Authorities have successfully dismantled “Ghost,” an encrypted communication platform allegedly used by cybercriminals worldwide. The operation, led by the Australian Federal Police (AFP) and involving international law enforcement agencies, marks a major victory in the ongoing battle against transnational crime…

Read more →

Cybersecurity firm Dr.Web faced a targeted cyber attack on its infrastructure on September 14. The incident prompted the company to disconnect its servers as a precautionary measure. Despite the disruption, no users protected by Dr.Web’s systems were affected. Dr.Web specialists…

Read more →

LibreOffice users are urged to update their software after disclosing a critical vulnerability, CVE-2024-7788, which affects the document repair mode. This flaw allows attackers to manipulate document signatures, potentially leading to security breaches. Vulnerability Overview LibreOffice, a popular open-source office…

Read more →

Ransomware attackers are increasingly exfiltrating data using tools like MEGAsync and Rclone. Shellbags analysis by modePUSH reveals their navigation of directories and file shares to find sensitive data. Despite exfiltrating large amounts of data, attackers prioritize valuable and protected information.…

Read more →

Windows Minifilter drivers are a type of file system filter driver that operates within the Windows operating system to manage and modify I/O operations without direct access to the file system.  They utilize the Filter Manager, which simplifies their development…

Read more →

Microsoft has confirmed the exploitation of a Windows Kernel vulnerability, identified as CVE-2024-37985, in the wild. This vulnerability, first released on July 9, 2024, and last updated on September 17, 2024, poses a significant risk due to its potential for…

Read more →

UNC2970, a North Korean cyber espionage group, used customized SumatraPDF trojans to deliver MISTPEN backdoors to victims through phishing emails pretending to be job recruiters.  The group targeted the energy and aerospace industries, copying job descriptions and engaging with victims…

Read more →

Discord has introduced end-to-end encryption (E2EE) for audio and video chats. Known as the DAVE protocol, this new feature aims to provide users with a more secure communication experience without compromising the platform’s renowned quality and performance. A Commitment to…

Read more →

A threat actor has allegedly put up for sale a database belonging to Bharat Petroleum Corporation Limited (BPCL). This alarming news was first reported by DarkWebInformer on X, raising significant cybersecurity concerns for the corporation and its stakeholders. Details of…

Read more →

VMware has issued a critical security advisory (VMSA-2024-0019) addressing two significant vulnerabilities in its vCenter Server and VMware Cloud Foundation products. CVE-2024-38812 and CVE-2024-38813 vulnerabilities could allow attackers to execute remote code and escalate privileges. CVE-2024-38812: Heap-Overflow Vulnerability The first…

Read more →

The Chrome team has officially announced the release of Chrome 129, which is now available on the stable channel for Windows, Mac, and Linux. This update, which will be gradually rolled out over the coming days and weeks, addresses several…

Read more →

Two campaigns targeting Selenium Grid’s default lack of authentication are underway, as threat actors are exploiting this vulnerability to deploy malicious payloads, including exploit kits, cryptominers, and proxyjackers. Selenium Grid’s widespread use among developers, coupled with its default lack of…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two critical vulnerabilities affecting Microsoft Windows MSHTML and Progress WhatsUp Gold. These vulnerabilities, identified as CVE-2024-43461 and CVE-2024-6670, are reportedly being exploited widely, posing significant risks to…

Read more →

Honeypots, decoy systems, detect and analyze malicious activity by coming in various forms and can be deployed on cloud platforms to provide insights into attacker behavior, enhancing security. The study proposes to create an interactive honeypot system using a Large…

Read more →

North Korean hackers have been identified as targeting LinkedIn users to deliver sophisticated malware known as RustDoor. This cyber threat underscores the evolving tactics of state-sponsored hacking groups, mainly from North Korea, which have increasingly turned to social engineering on…

Read more →

The Russian ransomware group Key Group, active since early 2023, is targeting organizations globally, as their modus operandi involves encrypting files and stealing data before demanding ransom via Telegram. The group utilizes the .NET-based Chaos ransomware builder to create their…

Read more →