Hackers have reportedly infiltrated and extracted a vast 82 GB of sensitive data from the Indonesian government’s Regional Financial Management Information System (Sistem Informasi Pengelolaan Keuangan Daerah, or SIPKD). This system is operated by the Badan Pendapatan, Pengelolaan Keuangan, dan Aset…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
IBM AIX TCP/IP Vulnerability Lets Attackers Exploit to Launch Denial of Service Attack
IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system that could potentially lead to denial-of-service (DoS) attacks. The affected kernel extensions—perfstat and TCP/IPmpresent risks to systems running on AIX 7.2, AIX 7.3, VIOS 3.1,…
USA Launched Cyber Attack on Chinese Technology Firms
The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage targeting Chinese technology companies and research institutions. These attacks, suspected to be orchestrated by U.S. intelligence agencies, aimed to steal sensitive commercial secrets and intellectual…
Apache Auth-Bypass Vulnerability Lets Attackers Gain Control Over HugeGraph-Server
The Apache Software Foundation has issued a security alert regarding a critical vulnerability in Apache HugeGraph-Server. The flaw, identified as CVE-2024-43441, could potentially allow authentication bypass due to an issue with assumed-immutable data in JWT tokens. The vulnerability impacts versions…
Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks
A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions of systems to potential remote code execution (RCE) and privilege escalation attacks. The vulnerability, assigned CVE-2024-56334, highlights the importance of secure coding practices when dealing with…
BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques
An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the initial sample (MD5 14f6c034af7322156e62a6c961106a8c) provided valuable insights into its version and development timeline. A second suspicious sample on the same machine, while exhibiting similar functionality to…
Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware
Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through malicious packages disguised as legitimate tools. The threat actor, “k303903,” compromised hundreds of machines before the packages were removed. Subsequent analysis revealed that “k303903” likely…
Hackers Exploiting PLC Controllers In US Water Management System To Gain Remote Access
A joint Cybersecurity Advisory (CSA) warns of ongoing exploitation attempts by Iranian Islamic Revolutionary Guard Corps (IRGC)-affiliated cyber actors using the online persona “CyberAv3ngers.” These actors are targeting and compromising Unitronics Vision Series programmable logic controllers (PLCs), specifically those manufactured…
DigiEver IoT Devices Exploited To Deliver Mirai-based Malware
A new Mirai-based botnet, “Hail Cock Botnet,” has been exploiting vulnerable IoT devices, including DigiEver DVRs and TP-Link devices with CVE-2023-1389. The botnet, active since September 2024, leverages a variant of Mirai malware with enhanced encryption. A recent uptick in…
New Python NodeStealer Attacking Facebook Business To Steal Login Credentials
NodeStealer, initially a JavaScript-based malware, has evolved into a more sophisticated Python-based threat that targets Facebook Ads Manager accounts, stealing sensitive financial and business data in addition to credit card details and browser information. The malware is delivered through spear-phishing…
Lazarus Hackers Using New VNC Based Malware To Attack Organizations Worldwide
The Lazarus Group has recently employed a sophisticated attack, dubbed “Operation DreamJob,” to target employees in critical sectors like nuclear energy, which involves distributing malicious archive files disguised as legitimate job offers. Once executed, these files unleash a multi-stage infection…
Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications
A seemingly benign health app, “BMI CalculationVsn,” was found on the Amazon App Store, which secretly collected sensitive user data, including installed app package names and incoming SMS messages, posing a significant privacy threat. The BMI calculator app conceals malicious…
North Korean Hackers Stolen $2.2 Billion from Crypto Platforms in 2024
North Korean hackers are estimated to have stolen a staggering $2.2 billion in 2024, up 21% from 2023. With advanced tactics and increasing sophistication, the Democratic People’s Republic of Korea (DPRK) has positioned itself as a dominant force in crypto…
17M Patient Records Stolen in Ransomware Attack on Three California Hospitals
A staggering 17 million patient records, containing sensitive personal and medical information, have been stolen in a devastating ransomware attack on PIH Health. The cyberattack, which began on December 1, has disrupted operations at three hospitals: PIH Health Downey Hospital,…
WhatsApp Wins NSO in Pegasus Spyware Hacking Lawsuit After 5 Years
After a prolonged legal battle stretching over five years, WhatsApp has triumphed over NSO Group in a significant lawsuit concerning the use of Pegasus spyware. The verdict, handed down by the United States District Court for the Northern District of…
PentestGPT – A ChatGPT Powered Automated Penetration Testing Tool
GBHackers come across a new ChatGPT-powered Penetration testing Tool called “PentestGPT” that helps penetration testers to automate their pentesting operations. PentestGPT has been released on GitHub under the operator “GreyDGL,” a Ph.D. student at Nanyang Technological University, Singapore. It is…
Threat Actors Selling Nunu Stealer On Hacker Forums
A new malware variant called Nunu Stealer is making headlines after being advertised on underground hacker forums and Telegram channels. Priced at $100 per month, this malicious tool is gaining attention for its extensive capabilities and potential to wreak havoc on individuals…
Siemens UMC Vulnerability Allows Arbitrary Remote Code Execution
A critical vulnerability has been identified in Siemens’ User Management Component (UMC), which could allow unauthenticated remote attackers to execute arbitrary code. The flaw, designated CVE-2024-49775, is a heap-based buffer overflow vulnerability. Siemens has issued Security Advisory SSA-928984 and urges customers…
Foxit PDF Editor Vulnerabilities Allows Remote Code Execution
Foxit Software has issued critical security updates for its widely used PDF solutions, Foxit PDF Reader and Foxit PDF Editor. The updates—Foxit PDF Reader 2024.4 and Foxit PDF Editor 2024.4/13.1.5—were released on December 17, 2024, to counter vulnerabilities that could leave…
Windows 11 Privilege Escalation Vulnerability Lets Attackers Execute Code to Gain Access
Microsoft has swiftly addressed a critical security vulnerability affecting Windows 11 (version 23H2), which could allow local attackers to escalate privileges to the SYSTEM level. Security researcher Alex Birnberg showcased the exploit during the renowned TyphoonPWN 2024 cybersecurity competition, securing…