Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Windows Minifilter drivers are a type of file system filter driver that operates within the Windows operating system to manage and modify I/O operations without direct access to the file system.  They utilize the Filter Manager, which simplifies their development…

Read more →

Microsoft has confirmed the exploitation of a Windows Kernel vulnerability, identified as CVE-2024-37985, in the wild. This vulnerability, first released on July 9, 2024, and last updated on September 17, 2024, poses a significant risk due to its potential for…

Read more →

UNC2970, a North Korean cyber espionage group, used customized SumatraPDF trojans to deliver MISTPEN backdoors to victims through phishing emails pretending to be job recruiters.  The group targeted the energy and aerospace industries, copying job descriptions and engaging with victims…

Read more →

Discord has introduced end-to-end encryption (E2EE) for audio and video chats. Known as the DAVE protocol, this new feature aims to provide users with a more secure communication experience without compromising the platform’s renowned quality and performance. A Commitment to…

Read more →

A threat actor has allegedly put up for sale a database belonging to Bharat Petroleum Corporation Limited (BPCL). This alarming news was first reported by DarkWebInformer on X, raising significant cybersecurity concerns for the corporation and its stakeholders. Details of…

Read more →

VMware has issued a critical security advisory (VMSA-2024-0019) addressing two significant vulnerabilities in its vCenter Server and VMware Cloud Foundation products. CVE-2024-38812 and CVE-2024-38813 vulnerabilities could allow attackers to execute remote code and escalate privileges. CVE-2024-38812: Heap-Overflow Vulnerability The first…

Read more →

The Chrome team has officially announced the release of Chrome 129, which is now available on the stable channel for Windows, Mac, and Linux. This update, which will be gradually rolled out over the coming days and weeks, addresses several…

Read more →

Two campaigns targeting Selenium Grid’s default lack of authentication are underway, as threat actors are exploiting this vulnerability to deploy malicious payloads, including exploit kits, cryptominers, and proxyjackers. Selenium Grid’s widespread use among developers, coupled with its default lack of…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two critical vulnerabilities affecting Microsoft Windows MSHTML and Progress WhatsUp Gold. These vulnerabilities, identified as CVE-2024-43461 and CVE-2024-6670, are reportedly being exploited widely, posing significant risks to…

Read more →

Honeypots, decoy systems, detect and analyze malicious activity by coming in various forms and can be deployed on cloud platforms to provide insights into attacker behavior, enhancing security. The study proposes to create an interactive honeypot system using a Large…

Read more →

North Korean hackers have been identified as targeting LinkedIn users to deliver sophisticated malware known as RustDoor. This cyber threat underscores the evolving tactics of state-sponsored hacking groups, mainly from North Korea, which have increasingly turned to social engineering on…

Read more →

The Russian ransomware group Key Group, active since early 2023, is targeting organizations globally, as their modus operandi involves encrypting files and stealing data before demanding ransom via Telegram. The group utilizes the .NET-based Chaos ransomware builder to create their…

Read more →

Song Wu, a Chinese national, has been indicted on charges of wire fraud and aggravated identity theft. The charges stem from his alleged involvement in a sophisticated spear-phishing campaign targeting sensitive U.S. research and technology. This case highlights ongoing concerns…

Read more →

Millions of D-Link routers are at risk due to several critical vulnerabilities. Security researcher Raymond identified these vulnerabilities, which have been assigned multiple CVE IDs and pose severe threats to users worldwide. D-Link has issued urgent firmware updates to mitigate…

Read more →

Adobe released eight security updates in September 2024, addressing 28 vulnerabilities in various products, as ColdFusion received a critical patch to mitigate a code execution flaw rated at CVSS 9.8.  Other critical vulnerabilities were found in Photoshop, Illustrator, Premier Pro,…

Read more →

Medusa, a relatively new ransomware group, has gained notoriety for its dual-pronged online presence. Unlike its peers, Medusa maintains a visible profile on the surface web alongside its traditional dark web operations.  This unusual strategy has amplified its impact, with…

Read more →

A vulnerability in Azure API Management (APIM) has been identified. It allows attackers to escalate privileges and access sensitive information. This issue arises from a flaw in the Azure Resource Manager (ARM) API, which permits unauthorized access to critical resources.…

Read more →

A newly discovered vulnerability in the Spring Framework has been identified, potentially allowing attackers to access any file on the system. This vulnerability tracked as CVE-2024-38816, affects applications using the functional web frameworks WebMvc.fn or WebFlux.fn. It is classified as…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has called upon federal agencies and organizations to take immediate action concerning a critical vulnerability affecting Ivanti Cloud Services Appliance (CSA) 4.6. The vulnerability, CVE-2024-8190, poses a significant threat as it allows cyber…

Read more →

Cluster Bravo, despite its brief initial activity, subsequently targeted 11 organizations in the same region, as researchers found that these attackers used compromised environments within the same vertical for malware staging.  Cluster Charlie, after being disrupted, returned with new techniques,…

Read more →