Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Diving into the world of crypto investments has been one of the most exhilarating journeys I’ve embarked on. The dynamic nature of cryptocurrencies offers a unique blend of innovation and opportunity that’s hard to find elsewhere. Crafting a solid crypto…

Read more →

VMware has announced that its popular desktop hypervisor products, VMware Workstation and VMware Fusion, are now free to all users across various commercial, educational, and personal sectors. The transition, effective November 11, 2024, marks a shift in VMware’s strategy to…

Read more →

Dell Technologies has disclosed multiple critical security vulnerabilities in its Enterprise SONiC OS, which could allow attackers to gain control of affected systems. These vulnerabilities, identified through the Common Vulnerabilities and Exposures (CVE) system, are critical and affect Dell Enterprise…

Read more →

Amazon has confirmed that sensitive employee data was exposed due to a breach at a third-party vendor. The breach arose from exploiting a critical vulnerability in MOVEit, a widely used file transfer software. The vulnerability, first reported in mid-2023 under…

Read more →

Best DNS Management Tools play a crucial role in efficiently managing domain names and their associated DNS records. These tools enable users to make necessary changes and updates to DNS records, ensuring seamless website performance and accessibility. These tools are…

Read more →

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling them to gain unauthorized access. This can lead to data breaches, identity theft, and financial loss across diverse industries and geographic locations. Compromised credentials pose a…

Read more →

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting abuse complaints and temporary disruptions. While the attack affected non-exit relays and caused some relays to be taken offline, the overall impact on Tor users was…

Read more →

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases from screenshots stored on infected devices.  By stealthily capturing screenshots, the malware bypasses traditional security measures that rely on text-based detection, which allows it to efficiently…

Read more →

The Metasploit Framework, a widely used open-source penetration testing tool maintained by Rapid7, has introduced an exciting new release packed with cutting-edge features. The latest update includes new payloads targeting the emerging RISC-V architecture, a sophisticated SMB-to-HTTP(S) relay exploit for…

Read more →

A threat actor has allegedly scraped 489 million lines of Instagram user data, including sensitive information, which is now reportedly being sold on the dark web. DarkWebInformer’s official X account revealed the alarming incident, raising concerns over the scale and…

Read more →

Threat actors known as “888” have allegedly leaked the database of Appleton Harley-Davidson, a prominent dealership affiliated with the iconic motorcycle brand. The breach, first reported by DarkWebInformer on their account on X, has sparked concerns over the safety of…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability in Palo Alto Networks’ Expedition tool, which could lead to severe security breaches. The vulnerability, CVE-2024-5910, is classified as a “Missing Authentication” flaw that potentially allows…

Read more →

A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 that could allow remote, unauthenticated attackers to access sensitive information. This vulnerability, classified under CWE-200 (Exposure of Sensitive Information…

Read more →

A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. This flaw tracked as CVE-2024-20418 enables unauthenticated, remote attackers to perform command injection attacks and execute arbitrary commands as…

Read more →

The HookBot malware family employs overlay attacks to trick users into revealing sensitive information by impersonating various brands and apps to gain trust. It also utilizes C2 servers to receive updates and evolve continuously.  A builder tool empowers threat actors…

Read more →

Weaponized Linux virtual machines are used for offensive cybersecurity purposes, such as “penetration testing” or “exploiting vulnerabilities.” These setups often use the tools and frameworks that are designed for ethical hacking. Securonix researchers recently detected CRON#TRAP campaign that has been…

Read more →

North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics, enhancing the obfuscation of their scripts to evade detection.  InvisibleFerret now boasts a dynamic RMM configuration and OS-specific persistence mechanisms, while Contagious Interview has expanded…

Read more →

Ransomware-as-a-Service (RaaS) platforms have revolutionized the ransomware market. Unlike traditional standalone ransomware sales, RaaS offers a subscription-based model where attackers can access pre-built ransomware tools and infrastructure without significant upfront costs.  These platforms provide user-friendly dashboards, customization options, and ongoing…

Read more →

The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a hacking group responsible for distributed denial-of-service attacks.  LameDuck, a new threat actor, has carried out several massive distributed denial of service (DDoS) attacks to affect critical…

Read more →

Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and take full control over the APIM service. These vulnerabilities were reported to Microsoft, leading to some…

Read more →