18 individuals and entities have been charged with widespread fraud and manipulation within the cryptocurrency markets. The charges, unsealed in Boston, target leaders of four cryptocurrency companies, four financial services firms known as “market makers,” and various employees. This case…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication
Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication on cryptocurrency exchanges, which is designed specifically for NAF (New Account Fraud) attacks and can create verified but synthetic accounts by mimicking facial recognition authentication. By…
Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks
A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being actively exploited in cyberattacks. With a CVSS base score of 9.8, the flaw is identified as Use-after-free in the Animation timeline component tracked as CVE-2024-9680 reported…
Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users
Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide. The flaw, identified as CVE-2024-43047, is a use-after-free vulnerability resulting from memory corruption in the DSP Services while maintaining memory maps of HLOS memory. Vulnerability in Qualcomm…
Wireshark 4.4.1 Released, What’s new!
Wireshark, the world’s leading network protocol analyzer, has just released version 4.4.1, bringing a host of bug fixes and updates to enhance user experience and functionality. Hosted by the Wireshark Foundation, this tool is indispensable for troubleshooting, analysis, development, and…
Foxit PDF Reader Vulnerability Let Attackers Execute Arbitary Code
Researchers recently disclosed six new security vulnerabilities across various software, as one critical vulnerability was found in Foxit PDF Reader, a widely used alternative to Adobe Acrobat. Given the memory corruption vulnerability, attackers could execute arbitrary code on the machine…
Multiple VMware NSX Vulnerabilities Let Attackers Gain Root Access
VMware has disclosed multiple vulnerabilities in its NSX product line that could potentially allow attackers to gain root access. The vulnerabilities, identified as CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815, affect both VMware NSX and VMware Cloud Foundation. According to the Broadcom report,…
CISA Added Fortinet & Ivanti Vulnerabilities that Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities Catalog, adding critical vulnerabilities from Fortinet and Ivanti. These vulnerabilities are actively exploited in the wild, posing significant risks to organizations worldwide. CISA urges immediate action…
Network Penetration Testing Checklist – 2024
Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems, and services, and grabbing system banners. The pen-testing helps the administrator close unused ports, add additional services, hide or customize banners, troubleshoot services, and…
Hackers Breached Japan Aerospace Company’s President Account
Hackers have infiltrated the Japan Aerospace Exploration Agency (JAXA), compromising the accounts of several high-ranking officials, including President Hiroshi Yamakawa. This alarming incident is part of a series of cyberattacks targeting JAXA since June 2023, raising concerns about the security…
Dark Angels Ransomware Attacking Windows And Linux/ESXi Systems
The sophisticated ransomware group Dark Angels, active since 2022, targets large companies for substantial ransom payments by employing third-party ransomware payloads like Babuk, RTM Locker, and RagnarLocker to encrypt files on Windows and Linux systems. It employs ransomware in a…
Chrome Security Update, Patched for High-Severity Vulnerabilities
Google has rolled out a new update for its Chrome browser, addressing several high-severity security vulnerabilities. The Stable channel has been updated to version 129.0.6668.100/.101 for Windows and Mac and 129.0.6668.100 for Linux. Users will be able to access this…
CISA Alerted Users to Remain Vigil on Natural Disasters Scam
As hurricanes and other natural disasters feel their presence, the Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning urging individuals to be on high alert for potential malicious cyber activities. The agency highlights the increased risk of fraudulent…
CISA Warns of Microsoft Zero-Day Vulnerabilities Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has warned regarding two critical zero-day vulnerabilities affecting Microsoft Windows products. These vulnerabilities, identified as CVE-2024-43572 and CVE-2024-43573, pose significant security risks and have been reportedly exploited in the wild. CVE-2024-43572: Microsoft Windows…
LemonDuck Malware Exploiting SMB Vulnerabilities To Attack Windwos Servers
The attackers exploited the EternalBlue vulnerability to gain initial access to the observatory farm, creating a hidden administrative share and executing a malicious batch file named p.bat. This batch file performed various malicious actions like creating and executing malicious executables,…
Critical Automative 0-Day Flaws Let Attackers Gain Full Control Over Cars
Recent discoveries in the automotive cybersecurity landscape have unveiled a series of critical zero-day vulnerabilities that could allow attackers to gain full control over vehicle systems. These vulnerabilities, highlighted in a presentation by security researcher Amit Geynis of PlaxidityX, underscore…
Likho Hackers Using MeshCentral For Remotely Managing Victim Systems
The Awaken Likho APT group launched a new campaign in June of 2024 with the intention of targeting Russian government agencies and businesses by targeting them. The group has abandoned its previous use of the UltraVNC module for remote access…
Hackers Gained Unauthorized Network Access to Casio Networks
Casio Computer Co., Ltd. has confirmed that a third party illegally accessed its network on October 5th, leading to significant disruptions in its services. The company disclosed the breach after conducting an internal investigation. The investigation revealed that the unauthorized…
Open-Source Scanner Released to Detect CUPS Vulnerability
A new open-source scanner has been released to detect a critical vulnerability in the Common Unix Printing System (CUPS), explicitly targeting CVE-2024-47176. This vulnerability and others in the chain pose significant risks as it can allow remote code execution on…
Comcast Cyber Attack Impacts 237,000+ Users Personal Data
Comcast Cable Communications LLC has reported that over 237,000 users’ data has been compromised. The breach, which occurred on February 14, 2024, was discovered on July 17, 2024, and has raised concerns about the company’s cybersecurity measures. Details of the…