Splunk Enterprise has multiple vulnerabilities that can lead to Cross-site Scripting (XSS), Denial of Service (DoS), Remote code execution, Privilege Escalation, and Path Traversal. The severities of these vulnerabilities range between 6.3 (Medium) to 8.8 (High). Splunk has addressed these…
Tag: GBHackers – Latest Cyber Security News | Hacker News
Cisco BroadWorks Application Software Flaw Let Attackers conduct XSS Attack
Cisco released a fix for the medium impact vulnerability found on CommPilot Application Software, allowing cross-site scripting against the user interface. The Cisco BroadWorks CommPilot Application allows authenticated users to upload configuration files on the platform. The lack of file…
Paramount Media Hacked: Attackers Obtain Access to User Personal Information
In a shocking turn of events, Paramount Media recently fell victim to a significant data breach, leading to the unauthorized access of user personal information. Paramount Media Networks(founded as MTV Networks in 1984 and known under this name until 2011)…
Multiple Flaws in ArubaOS Switches Let Attackers Execute Remote Code
Multiple vulnerabilities have been identified in ArubaOS-Switch Switches, specifically pertaining to Stored Cross-site Scripting (Stored XSS), Denial of Service (DoS), and Memory corruption. Aruba has taken measures to mitigate these vulnerabilities and has subsequently published a security advisory. ArubaOS-Switch is…
Dismantling Qakbot Botnet – FBI’s Largest Cyber Operation Ever
Qakbot (aka QBot, Pinkslipbot) is a sophisticated banking Trojan malware that can spread through various methods. Once installed on a system, Qakbot can collect:- The FBI, along with the Justice Department, led a multinational operation to dismantle the complete infrastructure…
Google Chrome Security Update: High-Severity Vulnerability Patched
Google has updated the Stable and Extended Stable channels for Mac, Linux, and Windows to version 116.0.5845.140/.141 to address a security issue in Chrome. One “high-severity” security patch is included in this version. This upgrade will roll out over the…
DarkGate Loader Delivered Through Stolen Email Threads to Lure Victims
The research revealed high malspam activity of DarkGate malware distributed via phishing emails to users through either MSI files or VBScript payloads. DarkGate malware has been active since 2018 and has the ability to download and execute files…
Email Authentication Protocols: SPF, DKIM, and DMARC – A Detailed Guide
Email communication is essential for personal and professional contact in the modern digital environment. Email is widely used, making it a perfect target for cybercriminals, leading to increased phishing attempts, spam, and email spoofing. Strong email security measures are becoming…
Hackers Exploiting Juniper RCE Flaw Following PoC Release
There were multiple vulnerabilities in the Juniper SRX and EX Series, which were reported previously. These vulnerabilities have a medium severity if they are separated. However, combining them together results in a pre-auth RCE, which is a critical vulnerability. Following…
Stealthy Android Malware Attacking Mobile Users Via Fake App Stores
A recently discovered Android Trojan, dubbed “MMRat,” poses a serious threat to mobile banking security. Unlike other forms of malware, this Trojan is designed to evade detection by traditional antivirus software. The security experts at Trend Micro have identified the Trojan…
What is Static Network Address Translation?
Static NAT is a type of NAT that maps one public IP address to one private IP address. Every time a device with a private IP address on your network tries to access the internet, its traffic will be routed…
Threat Actors Abuse Google Groups to Send Fake Order Notifications
Threat actors continue to evolve their spam tactics by utilizing legitimate Google Groups to send fake order messages to multiple users. Fake order scams work by notifying victims about the purchase status or confirmation of an order that was never placed…
Hackers Can Exploit Skype Vulnerability to Find User IP Address
Hackers can now capture your IP address and expose your physical location by sending a Skype link, even if you don’t click it. An IP address, which stands for “Internet Protocol address,” is like a unique digital home address for…
Hackers Abuse Azure AD Abandoned Reply URLs to Escalate Privilege
Recent reports indicate that there has been a privilege escalation vulnerability discovered, which arises due to abandoned Active Directory URLs. Threat actors can use this flaw to gain illegal authorization codes that can be used against Microsoft Power Platform API…
Mom’s Meals Breached: Over 1.2 Million Consumers Data Exposed
PurFoods, LLC, operating under the trade name Mom’s Meals, has announced the compromise of personal information affecting its clients and employees. The company acknowledged that its cybersecurity defenses had been compromised, allowing unauthorized access to a treasure trove of consumer…
Two Men Arrested Following Poland’s Railway System Signals Hack
Authorities in Poland arrested two individuals on suspicion of planning an unlawful hack into the communication network of the national railway, which caused delays in train service in some areas. The Polish PKP railway’s radio communication system was hacked on Friday…
Microsoft Edge Privilege Escalation Flaw – Update Now!
Microsoft Edge has published a release note that mentions a privilege escalation vulnerability with the CVE ID CVE-2023-36741 and a CVSS score of 8.3 (High). This vulnerability exists in Chromium-based Microsoft Edge versions prior to 116.0.1938.62. An unauthorized…
Lockbit 3.0 Builder Leaked: Anyone Can Blend Ransomware
It has come to the attention of researchers that the LockBit 3.0 builder has suffered from a leak, which now allows anyone to create various versions of the LockBit ransomware according to their own preferences. This poses a serious security…
Hackers Embed Weaponized Word File into a PDF to Evade Detection
To avoid detection, hackers employed a new method dubbed “MalDoc in PDF” to insert a malicious Word file into a PDF file. Despite having magic numbers and a PDF-specific file format, a file created with MalDoc in PDF may be opened…
Hackers Disrupted Poland’s Railway System Signals
Poland’s Railway infrastructure, a crucial transit route for Western weapons transported to Ukraine, has been compromised by cybercriminals. The signals were intermingled with recordings of the Russian national anthem and a speech by President Vladimir Putin, according to the Polish…
Cisco Nexus 3000 and 9000 Series Switches Flaw Let Attackers Trigger DoS Attack
A Denial-of-Service vulnerability has been discovered in the Cisco Nexus 3000 and 9000 series switches, which could allow a threat actor to cause a denial-of-service condition due to a flaw in the IS-IS (Intermediate System-to-Intermediate System) protocol. ISIS is one…
Cloud Hosting Provider Lost all Customer Data Following Ransomware Attack
There has been a cyber attack on two cloud hosting providers, namely CloudNordic and Azero Cloud, both of which are owned by Certiqa Holding. The cyber attack has resulted in a complete data loss for all of their customers. The…
Cisco NX-OS Software Flaw Let Attacker Trigger a DoS Attack
A high-severity vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software might allow an unauthenticated local attacker to force an affected device to unintentionally reload. NX-OS is a network operating system for Cisco Systems’ Nexus-series Ethernet switches and…
Hackers Continue to Exploit Barracuda ESG Zero-Day Flaw: FBI Flash Alert
The recent discovery of a zero-day vulnerability (CVE-2023-2868) in Barracuda Networks Email Security Gateway (ESG) appliances has brought significant concern. CVE-2023-2868 is a remote command injection vulnerability that grants unauthorized execution of system commands with administrator privileges on Barracuda ESG…
Wireshark 4.0.8 Release: What’s New!
The most widely used network protocol analyzer in the world, Wireshark, has released version 4.0.8. It is employed for network analysis, troubleshooting, software and communications protocol development, and education. This new version includes bug fixes, improved protocol support, and a…
What are Brute Force Attacks, and How to Protect Your APIs Against them?
Brute force attacks have been one of the most common attack types. In Q1 2022, brute force made up 51% of all attacks! These attacks often pave the way for other types of threats and have devastating consequences for the…
Simplify Secure Enterprise Device Management With QR Codes
Corporate mobile devices have become essential to everyday tasks for employees, but this convenience also comes with security risks. The challenge lies in managing and securing multiple devices, especially without a proper solution. This is where mobile device management (MDM)…
NoFilter: Tool that Escalates Privilege Abusing Windows Filtering Platform
Privilege escalation is a commonly employed attack vector in the Windows operating system environment. Attackers often leverage offensive tools such as Meterpreter, CobaltStrike, or Potato tools to execute code as “NT AUTHORITY\SYSTEM.” These tools typically employ token duplication and…
Kali Linux 2023.3 Released: What’s New!
Kali Linux 2023.3 is now available, and it includes a variety of new packages and tools, as well as the usual upgrades. The release of Kali Linux 2023.3 arrives three months after Kali Linux 2023.2. This upgrades the kernel from Debian…
GroundPeony Group Exploiting Zero-day Flaw to Attack Government Agencies
A cyber attack group, GroundPeony, targeting the Taiwanese government was discovered in March 2023; it used several tactics, such as tampering with legitimate websites to distribute malware, URL obfuscation, and multi-stage loaders. Further investigations revealed that a China-nexus attack…
Hackers Threaten Patients Following a Massive Cyberattack on a Hospital
One of the renowned hospitals in Israel became the victim of a data breach, and patients were blackmailed with a financial motive. According to an Israel Hayom report, Maayanei HaYeshua Medical Center in Bnei Brak was attacked, and the sensitive…
How Malware Sandboxes Strengthen Your Cybersecurity
Cyberattacks are becoming increasingly sophisticated, threatening organizations’ critical infrastructure and sensitive data more than ever. Core solutions such as SIEMs are often insufficient to ensure complete protection against malware infections, especially new and unexplored ones. As a result, security specialists…
Carderbee Hacking Group Uses Legitimate Software in Supply Chain Attack
For a supply chain attack and to plant the Korplug backdoor (aka PlugX) on the systems of the targeted victims, an unknown APT group was found to be using the “Cobra DocGuard.” Cobra DocGuard is a legit software package that…
Apache XML Graphics Batik Flaw Exposes Sensitive Information
Two Server-Side Request Forgery (SSRF) vulnerabilities were found in Apache Batik, which could allow a threat actor to access sensitive information in Apache Batik. These vulnerabilities exist in the Apache XML Graphics Batik and are given CVE IDs CVE-2022-44729 and…
Researchers Uncovered the Developer of CypherRAT and CraxsRAT
Researchers have identified a new Malware-as-a-Service (MaaS) operator called ‘EVLF DEV’ as being behind the creation of CypherRAT and CraxsRAT. EVLF has been selling CraxsRAT, one of the most dangerous Android RATs available today, for the past three years, with…
Ivanti Sentry Flaw: Let Attackers Access Critical APIs Used for Configuration
An unauthenticated critical API access vulnerability was found in the Ivanti Sentry interface, which could allow a threat actor to gain access to sensitive APIs that can be used to access the Ivanti administrator portal and configure Ivanti Sentry. This…
Juniper Networks Junos OS Let Attacker Remotely Execute Code
Multiple vulnerabilities have been discovered in Junos OS which, when chained together, yield pre-authentication remote code execution on Junos OS on SRX and EX Series devices. An unauthenticated network-based attacker can exploit these vulnerabilities by chaining them. Junos…
Apache Ivy Injection Flaw Let Attackers Exfiltrate Sensitive Data
A blind XPath injection vulnerability was discovered in Apache Software Foundation Apache Ivy, which allows threat actors to exfiltrate data and access sensitive information that is restricted to only the machine that runs Apache Ivy. This vulnerability exists in the…
DotRunpeX Malware Injector Widely Delivers Known Malware Families to Attack Windows
DotRunpeX is one of the new and stealthiest .NET injectors that employs the “Process Hollowing” method, through which this malware distributes a diverse range of other malware strains. Cybersecurity researchers at Check Point recently revealed the real-world use and campaign-related…
Interpol Arrested 14 Cybercriminals and Uncovered 20,674 Suspicious Cyber Networks
The recent Africa Cyber Surge II operation conducted by INTERPOL and AFRIPOL has revealed a stark reality: the surge in digital insecurity and cybercriminal threats across Africa. This operation spanned 25 African countries and successfully identified 20,674 suspicious cyber…
3,000+ Android Malware Using Unique Compression Methods to Avoid Detection
Android smartphones play a vital role in our daily life, as they help us stay connected and also perform several daily tasks like:- But, besides this, they also attract the attention of…
10 Best Linux Distributions In 2023
Linux distros are generally acknowledged as the third of the holy trinity of PC operating systems, along with Windows and macOS. Here we have provided you with the top 10 best Linux distros in 2023 for all professionals. Hence Linux…
Cyber Criminals Exploiting Google Drive, OneDrive to Hide Malicious Traffic
Threat actors are actively modifying their TTPs to counter advanced security mechanisms and tools and accomplish their illicit goals. Hiding malicious traffic in cloud storage platforms is not a completely new concept, and it seems…
Cuba Ransomware Armed with New Weapons to Attack U.S. Infrastructure
The Cuba ransomware has been operating and active since 2019 and seems to be gaining more pace with each passing year. Until now, the operators of the Cuba ransomware have executed several high-profile attacks targeting many industries…
The Number of MSPs Offering Virtual CISO Services Will Grow Fivefold By Next Year: Cynomi Study
Cynomi, the leading AI-powered virtual Chief Information Security Officer (vCISO) platform vendor for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and consulting firms, has published the results of its first annual report, “The State of the Virtual CISO…
Artificial Airplane Mode – New iOS 16 Hack Blocks All Apps Except Attackers Online
The Airplane mode in smartphones ensures safe device use on flights, as this feature prevents interference with critical flight systems by deactivating all the wireless functions of the smartphone. Besides this, the Airplane Mode’s role extends beyond travel, serving as:…
Cyber Criminals Attacking Web Services to Breach Organisations
Web servers are a prime target for threat actors due to their open and volatile nature. However, these servers must remain open to provide various web services to users. Web services that are provided on Windows servers by the Web…
Hackers Selling SMS Bomber Attack Tools on Underground Forums
In the current world of cybersecurity, security threats are evolving at a rapid pace, as there are always new problems to deal with. Among the ever-evolving threats, SMS Bomber attacks are one of the modern attacks in the current threat…
Cisco Unified Communications Manager Flaw Let Attacker Launch SQL Injection Attacks
An SQL injection vulnerability was discovered in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). Cisco Unified CM is used for handling voice and video calls,…
HPE Aruba Networking Product Vulnerabilities Allow File Overwrite
The vulnerabilities, CVE-2023-38401 and CVE-2023-38402, affect the HPE Aruba Networking Virtual Intranet Access (VIA) client for the Microsoft Windows operating system. If the exploit is successful, the attacker can overwrite arbitrary files. HPE Aruba Networking has issued an upgrade to…
Beware of New Hacking Attack Targeting LinkedIn Accounts Worldwide
An ongoing campaign has resulted in the compromise of multiple LinkedIn accounts. However, the motive behind this campaign remains unclear at this time. Numerous users have reported instances of their LinkedIn accounts being temporarily locked, hacked, or permanently deleted. In…
Monti Ransomware’s Linux Variant Attacks the Financial & Healthcare Industries
The Monti ransomware, first found in June 2022, attracted notice due to its close resemblance to the Conti ransomware, both in name and tactics, drawing attention from cybersecurity experts and organizations. The Monti ransomware group has been observed to employ…
Gigabud RAT Attacking Android Users to Steal Banking Credentials
Recent reports indicate that GigaBud malware has been targeting more than 99 financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru. GigaBud is an undocumented Android Remote Access Trojan (RAT) and has been active since July 2022. Investigating the…
New SectopRAT Steals Browser Passwords, 2FA Codes
LummaC, an information stealer, is being disseminated on Russian-speaking forums through a Malware-as-a-Service (MaaS) approach. Sensitive data from affected devices is intended to be stolen by this malware. Cryptocurrency wallets, browser add-ons, two-factor authentication credentials, and numerous files are some…
ATM Fleet Monitoring Software Flaws Let Attackers Hack ATMs Remotely
ScrutisWeb is a secure solution that aids global organizations in monitoring ATMs, enhancing issue response time, and this solution is accessible through any browser. The following things could be done with the help of this secure solution:- Cybersecurity researchers at…
Hackers Using Beta-Testing Apps to Target Victims: FBI Alert
The Federal Bureau of Investigation has released an announcement stating that cybercriminals are using mobile beta-testing applications to target victims for malicious purposes. These apps are often distributed through phishing or romance scams. These applications are capable of stealing personally…
Hackers Use Weaponized PDFs and Chat Apps for C2 to Evade Detection
A malware campaign targeting the Ministries of Foreign Affairs of NATO-aligned countries was recently discovered, which used PDF files masquerading as a German Embassy email. One of the PDF files consists of Duke malware which was previously linked with a…
Ford Cars WiFi Vulnerability Let Attackers Execute Remote Code
Ford recently identified a buffer overflow flaw in the Wi-Fi driver used in its SYNC 3 infotainment system. After the discovery, Ford quickly issued an alert and disclosed the vulnerability publicly. Car hijacking by hackers exploiting various…
Xiaomi Mi Phones Flags Telegram as Malicious App
Xiaomi, the Asian smartphone giant, has implemented measures within its MIUI operating system that flag Telegram as a malicious app. This move has ignited discussions surrounding both technical and political dimensions, raising questions about user privacy, app censorship, and the…
Beware of Fake Chrome Browser Updates that Install Malware
Reports indicate that there seems to be an ongoing campaign that lures victims into installing a Remote Administration Tool called NetSupport Manager with fake Chrome browser updates. Threat actors use this remote administration software as an info stealer and to…
Hackers Compromised ChatGPT Model with Indirect Prompt Injection
ChatGPT quickly gathered more than 100 million users just after its release, and the ongoing trend includes newer models like the advanced GPT-4 and several other smaller versions. LLMs are now widely used in a multitude of applications, but flexible…
Black Hat USA 2023: Complete AI Briefings Roundup
The 26th annual BLACK HAT USA is taking place at the Mandalay Bay Convention Centre in Las Vegas from August 5 to August 10, 2023. Four days of intensive cybersecurity training covering all skill levels are scheduled to start off…
MoustachedBouncer Attacking Foreign Embassies Using NightClub and Disco Hacking Tools
MoustachedBouncer, a cyberespionage group active since 2014, has likely performed ISP-level adversary-in-the-middle (AitM) attacks since 2020 to compromise its targets. For AitM, MoustachedBouncer employs a lawful interception system like “SORM,” and besides this, it uses two toolsets that we…
2023 Threat Report – Dramatic Surge in Social Engineering and Web Attacks
The second quarter of 2023 has shown a significant increase in overall cyber-threat risks. The blocking of unique web attacks rose to 24%, which accounts for more than 700 million unique blocked attacks each month. Among these cyber risks,…
Researchers Uncover Series of Ransomware Attacks that Follow Same Pattern
Ransomware groups often recycle tools, techniques, and procedures. Some of them even provide playbooks for affiliates. Numerous groups use Cobalt Strike for remote access, employ RDP brute force, and target Domain Controller servers to control network machines. Cybersecurity…
Authorities Take Down Bulletproof Hosting Provider Lolek
The well-known bulletproof hosting platform, Lolek Hosted, has been shut down by law enforcement officials from the United States and Poland to limit fraudsters’ access to tools that enable anonymous online behavior. These platforms give hackers anonymity and are frequently…
New Infostealer Malware Steals Logs & Corporate Access Data
Infostealer malware is becoming extremely popular among cybercriminals, especially in the malware-as-a-service (MaaS) sector. These kinds of malware remain undetected for as long as possible while stealing information from the user’s device and transferring it to the C2 server of the…
Researchers Tricked Hackers into Revealing Their Secrets Using a Honeypot
In the last three years, hackers seeking data or malware deployment have unknowingly found a seemingly vulnerable virtual machine hosted in the U.S., which in reality is a cleverly designed trap. While this cleverly designed trap has been…
TargetCompany Ransomware Deploys Fully Undetectable Malware on SQL Servers
The TargetCompany ransomware (aka Mallox, Fargo, and Tohnichi) is actively targeting the organizations that are using or running vulnerable SQL servers. Apart from this, recently, the TargetCompany ransomware unveiled a new variant of malware along with several malicious tools for…
Rhysida Ransomware Has Added New Techniques, Tactics, And Tools to Its Arsenal
A new ransomware group known as ‘Rhysida’ has been operating since May 2023, posing a huge danger to the healthcare industry. Rhysida ransomware gang has been connected to several significant attacks, including an assault on the Chilean Army. Recently, the organization…
16 Zero-Day Vulnerabilities Discovered in CODESYS Affect Millions of Industrial Devices
CODESYS, a widely used integrated environment for controller programming, holds a strong presence in Operational Technology across diverse industries, such as:- Backed by more than 500 manufacturers (including Schneider Electric, Beckhoff, Wago, Eaton, ABB, Festo, etc.) and spanning various architectures that…
RedHotel Chinese APT Hackers Attack Government Entities & Intelligence Organizations
RedHotel (TAG-22), a Chinese state-sponsored threat group, is well known for its persistence, prominence, operational intensity, and global reach. RedHotel is reported to have acted against over 17 countries in North America and Asia between 2021 and 2023. This threat group poses…
Downfall Attack Enables Extraction of Passwords and Encryption Key From Intel Microprocessor
Gather Data Sampling (GDS) impacts select Intel CPUs, enabling attackers to infer stale data through malicious use of gather instructions, where these entries link to the registers of the prior thread or sibling core. Like MDS, GDS (Gather Data Sampling) enables…
Beware of New Malware Attack Disguised As Google Bard Ads On Facebook
Researchers have discovered a Google Bard Ads campaign that is being used by cybercriminals on Facebook to impersonate well-known generative AI brands such as ChatGPT and Google Bard. The campaign is actually malicious software that is disguised as legitimate ads.…
Patch Tuesday: Microsoft Fixes 2 Office Zero-Days, Critical Team Flaw
Microsoft fixed 74 security issues in its August Patch Tuesday release, including two that were being actively exploited and twenty-three that allowed remote code execution. Although twenty-three RCE flaws were addressed, Microsoft only categorized six of them as ‘Critical,’ and 67…
Threat Actors Target English-Speaking Countries with Customized Yashma Ransomware
An unidentified threat actor has deployed the Yashma ransomware variant since June 4, 2023, actively targeting English-speaking countries like:- This new variant of Yashma ransomware has reemerged after being neutralized last year by the release of a decryptor. This…
43 Malicious Android Apps With Over 2.5 Million Installs Display Secret Ads
It has been reported that over 43 Android applications, which are available on the Google Play Store, display ads while the mobile screen is turned off. When the users attempt to open their home screen, they might catch a glimpse…
Threat Actors Using an Armed OpenBullet Pentesting Tool to Manipulate Script Kids
Recent reports indicate that threat actors have been manipulating script kiddies, or amateur hackers, into performing malicious actions they never intended. This is done with the OpenBullet tool, which is used by web application testers and security professionals. OpenBullet…
Bug Bounty Program: Microsoft Rewarded $13.8M to 345 Security Researchers
The Microsoft Bug Bounty Program awarded $13.8M for its collaboration with over 345 security researchers from 45+ countries around the world from July 01, 2023, to June 30, 2023. Bug bounty programs authorize independent security experts to report bugs to a…
New PaperCut NG/MF Flaw Let Attackers Execute Code on Unpatched Windows Servers
A critical vulnerability was discovered in the widely used PaperCut NG/MF print management software running on Windows prior to version 22.1.3. As of the July 2023 security bulletin, patches have been released by PaperCut to fix this vulnerability. PaperCut…
New SkidMap Malware Attacking Wide Range of Linux Distributions
According to recent reports, there have been instances of threat actors using malware called “SkidMap” to exploit vulnerable Redis systems. Earlier versions of SkidMap were used to surreptitiously mine cryptocurrency and create false network traffic and CPU usage by loading…
Microsoft Addresses Azure AD Flaw Following Criticism from Tenable’s CEO
After being criticized as “grossly irresponsible” and “blatantly negligent” by the CEO of Tenable, Microsoft addressed a vulnerability in the Power Platform Custom Connectors feature that allowed unauthenticated attackers access to cross-tenant apps and sensitive data from Azure customers. On…
IBM SDK, Java Technology Flaw Lets Remote Attacker Execute Arbitrary Code
IBM has discovered a vulnerability in the IBM SDK, Java Technology Edition, that allows threat actors to execute arbitrary code on the system due to unsafe deserialization. This vulnerability exists in the Object Request Broker (ORB) and is given a…
Researchers Jailbreak Tesla’s Software-Locked Features Worth up to $15,000
Tesla has a reputation for having highly integrated and technologically advanced car computers, which can be used for everything from basic entertainment to completely autonomous driving. A Black Hat briefing on an attack against modern AMD-based infotainment systems (MCU-Z) found on all current…
Hackers Deliver Updated STRRAT Malware Using Weaponized PDF Files
A versatile Java-based RAT dubbed “STRRAT,” capable of keylogging and credential theft from browsers and email clients, emerged in 2020. The most recent updated version of STRRAT has evolved dramatically, and since its discovery, it has been…
Hackers Deliver Magniber Ransomware Disguised as Windows Security Update
Magniber Ransomware was first detected in late 2017; it targeted South Korean users through malvertising attacks using the Magnitude Exploit Kit. It had earlier been distributed through Internet Explorer (IE) vulnerabilities. Since Microsoft announced IE’s end of support, it is now being…
CISA Advisory of Top 42 Frequently Exploited Flaws of 2022
The Cybersecurity and Infrastructure Security Agency (CISA) has published a report co-authored by the NSA, the FBI, and FVEY (Five Eyes) agencies from different countries. The report provides a complete insight into the Common Vulnerabilities and Exposures (CVEs) that…
What Are Business Email Compromise (BEC) Attacks? – Prevention Guide
BEC, an acronym for Business Email Compromise, is a sophisticated form of cybercrime. Cyber threats have become a pressing concern in a world where almost every aspect of our lives is digitized. One of these threats that has been growing…
Hacker Group of 1980s is Back with Secure Coding Framework for Developers
Cult of the Dead Cow (cDc) is one of the oldest and most highly influential hacking groups that was formed at the end of the 1980s. This group was once responsible for distributing hacking tools and pointing out flaws in…
Mysterious Team Bangladesh Hackers Launched 750 DDoS Attacks and Hacked 78 Websites
The notorious hacktivist group, known as Mysterious Team Bangladesh, exploits vulnerable versions of phpMyAdmin and WordPress. It conducts DDoS and defacement attacks through open-source utilities and is believed to have carried out over 750 DDoS attacks and 70+ website defacements within…
CISA Guide to Network and System Administrators to Harden Cisco Firewalls
The National Security Agency (NSA) has released best practices for configuring and hardening Cisco Firepower Threat Defense (FTD), which can help network and system administrators configure these Next Generation Firewalls (NGFW). These Cisco FTD systems provide a combination of…
HackerOne Lays off 12% of Its Employees as a One-Time Event
HackerOne is a renowned cybersecurity company that offers bounty and penetration testing platforms to ethical hackers for the following activities:- HackerOne is a San Francisco-based startup, and at the moment, it boasts more than 450 employees globally. However, HackerOne CEO…
Beware of Fake FlipperZero Sites That Promise Free Device Offer
A website pretending to be Flipper Devices offers a free FlipperZero in exchange for completing an offer, but it merely directs users to insecure browser extensions and fraudulent websites. Flipper Zero is a portable multi-functional cybersecurity gadget designed for pen…
Hackers Abuse AWS SSM Agent to Perform Various Malicious Activities
Legitimate SSM agents can turn malicious when attackers with high-privilege access use them to carry out ongoing malicious activities on an endpoint. Once compromised, the threat actors retain access to the compromised system, allowing ongoing illicit activities on AWS or…
Ongoing Attacks: 600+ Citrix Servers Compromised to Install Web Shells
A critical remote code execution (RCE) vulnerability identified as CVE-2023-3519 has been the subject of several attacks, which have already compromised and backdoored hundreds of Citrix Netscaler ADC and Gateway servers. Attackers used web shells on at least 640 Citrix servers in…
Users of Facebook for Business are the Target of a New Phishing Attack
A previously unreported phishing campaign that disseminated a Python version of NodeStealer has been found. NodeStealer gave threat actors the ability to steal browser cookies and use them to hijack users’ accounts on the platform, with a focus on business accounts.…
Researchers Uncovered a New Flaw in ChatGPT to Turn Them Evil
LLMs are commonly trained on vast internet text data, often containing offensive content. To mitigate this, developers use “alignment” methods via finetuning to prevent harmful or objectionable responses in recent LLMs. ChatGPT and AI siblings were fine-tuned to avoid undesirable…
Beware! Hacker-Sold macOS HVNC Tool Allows Complete Takeover
Threat actors targeting macOS have increased lately, as several cases of macOS information stealer malware have been found in the past, and many are currently being exploited in the wild. According to reports, there was a new macOS malware found…