Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Song Wu, a Chinese national, has been indicted on charges of wire fraud and aggravated identity theft. The charges stem from his alleged involvement in a sophisticated spear-phishing campaign targeting sensitive U.S. research and technology. This case highlights ongoing concerns…

Read more →

Millions of D-Link routers are at risk due to several critical vulnerabilities. Security researcher Raymond identified these vulnerabilities, which have been assigned multiple CVE IDs and pose severe threats to users worldwide. D-Link has issued urgent firmware updates to mitigate…

Read more →

Adobe released eight security updates in September 2024, addressing 28 vulnerabilities in various products, as ColdFusion received a critical patch to mitigate a code execution flaw rated at CVSS 9.8.  Other critical vulnerabilities were found in Photoshop, Illustrator, Premier Pro,…

Read more →

Medusa, a relatively new ransomware group, has gained notoriety for its dual-pronged online presence. Unlike its peers, Medusa maintains a visible profile on the surface web alongside its traditional dark web operations.  This unusual strategy has amplified its impact, with…

Read more →

A vulnerability in Azure API Management (APIM) has been identified. It allows attackers to escalate privileges and access sensitive information. This issue arises from a flaw in the Azure Resource Manager (ARM) API, which permits unauthorized access to critical resources.…

Read more →

A newly discovered vulnerability in the Spring Framework has been identified, potentially allowing attackers to access any file on the system. This vulnerability tracked as CVE-2024-38816, affects applications using the functional web frameworks WebMvc.fn or WebFlux.fn. It is classified as…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has called upon federal agencies and organizations to take immediate action concerning a critical vulnerability affecting Ivanti Cloud Services Appliance (CSA) 4.6. The vulnerability, CVE-2024-8190, poses a significant threat as it allows cyber…

Read more →

Cluster Bravo, despite its brief initial activity, subsequently targeted 11 organizations in the same region, as researchers found that these attackers used compromised environments within the same vertical for malware staging.  Cluster Charlie, after being disrupted, returned with new techniques,…

Read more →

Kali Linux 2024.3, the most recent iteration of Offensive Security’s highly regarded Debian-based distribution designed for ethical hacking and penetration testing, has been released. This new release is a major update that includes 11 new hacking tools and focuses on…

Read more →

A hacker known as Amadon has reportedly managed to bypass the safety protocols of ChatGPT, a popular AI chatbot developed by OpenAI, to generate instructions for creating homemade explosives. This incident raises significant questions about generative AI technologies’ security and…

Read more →

Citrix released a security bulletin (CTX691485) detailing two critical vulnerabilities in the Citrix Workspace app for Windows. These vulnerabilities, identified as CVE-2024-7889 and CVE-2024-7890, pose significant security risks. They allow local privilege escalation that could enable attackers to gain SYSTEM-level…

Read more →

A recent advanced malware campaign leverages a phishing attack to deliver a seemingly benign Excel file that exploits CVE-2017-0199. By exploiting this vulnerability in Microsoft Office, attackers are able to embed malicious code within the file using OLE objects.  It…

Read more →

A critical vulnerability in the Apache OFBiz framework has been actively exploited by hackers. The flaw designated CVE-2024-45195, allows for unauthenticated remote code execution (RCE), posing a threat to organizations relying on OFBiz for their operations. CVE-2024-45195 – Vulnerability Details…

Read more →

Docker has addressed critical vulnerabilities in Docker Desktop that could allow attackers to execute remote code. These vulnerabilities, identified as CVE-2024-8695 and CVE-2024-8696, highlight the ongoing risks associated with software extensions and the importance of timely updates. CVE-2024-8695: Crafted Extension…

Read more →

Fortinet, a leading cybersecurity firm, has confirmed a data breach involving a third-party cloud service after a hacker, known by the alias “Fortibitch,” claimed to have stolen 440GB of data. The breach primarily affects a small number of Fortinet’s Asia-Pacific…

Read more →

In a strategic move to bolster its cybersecurity capabilities, Mastercard has announced an agreement to acquire Recorded Future, a leading global threat intelligence company, for $2.65 billion. This acquisition, from Insight Partners, aims to enhance Mastercard’s existing suite of services…

Read more →

RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and CVE-2024-6671, patched on August 16, were leveraged to execute remote access tools and gain persistence. Despite the availability of patches,…

Read more →

Exploiting memory corruption vulnerabilities in server-side software often requires knowledge of the binary and environment, which limits the attack surface, especially for unknown binaries and load-balanced environments.  Successful exploitation is challenging due to the difficulty of preparing the heap and…

Read more →

The Iranian threat actor APT34, also known as GreenBug, has recently launched a new campaign targeting Iraqi government entities by employing a custom toolset, including a novel IIS backdoor and DNS tunneling protocol.  The malware used in this campaign shares…

Read more →

CosmicBeetle, a threat actor specializing in ransomware, has recently replaced its old ransomware, Scarab, with ScRansom, a custom-built ransomware that continues to evolve.  The threat actor has been actively targeting SMBs worldwide, exploiting vulnerabilities to gain access to their systems…

Read more →