Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

SonicWall disclosed a critical remote code execution vulnerability (CVE-2024-40766) in SonicOS on August 22nd, 2024. While no active exploitation was initially confirmed, the advisory was updated on September 6th to indicate potential active attacks.  The vulnerability, affecting both management access…

Read more →

As the new school year begins, students are gearing up for new classes and friendships and diving back into the digital world of video games. However, this virtual playground is not as safe as it seems. Cybercriminals are increasingly targeting…

Read more →

Critical vulnerabilities have been identified, potentially exposing systems to arbitrary command execution. These vulnerabilities, cataloged under the Common Vulnerabilities and Exposures (CVE) system, highlight significant security risks that demand immediate attention. Overview of Vulnerabilities IBM’s webMethods Integration Server, a widely…

Read more →

IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and Queue Manager container images. These vulnerabilities, including denial of service and privilege escalation, could allow attackers to bypass security restrictions and disrupt operations. Summary of Vulnerabilities…

Read more →

Recent research indicates that the Predator spyware, once thought to be inactive due to US sanctions, has resurfaced with enhanced evasion techniques.  Despite efforts to curb its use, Predator continues to be employed in countries like the DRC and Angola,…

Read more →

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions and judicial-related matters.  By leveraging trust and fear, respectively, these attacks often involve malicious links or file attachments that lead to malware infections, which include common…

Read more →

SonicWall has issued an urgent advisory regarding a critical vulnerability in its SonicOS management access and SSLVPN. The flaw, identified as CVE-2024-40766, is actively exploited in the wild. It potentially allows unauthorized access to resources and, under certain conditions, causes…

Read more →

The Fog Ransomware group, known for targeting education and recreation sectors, has expanded its scope to attack financial services organizations, where the attackers exploited compromised VPN credentials to deploy the ransomware, targeting both Windows and Linux endpoints.  It has detected…

Read more →

NoiseAttack is a new method of secretly attacking deep learning models. It uses triggers made from White Gaussian Noise to create several targeted classes in the model, rather than just one, like most current methods.  This approach also helps avoid…

Read more →

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group, and it has been active since 2011. This APT group primarily targets government institutions, military agencies, healthcare, transportation, and high-tech industries in Taiwan, the Philippines, and…

Read more →

A series of vulnerabilities affecting Apache OFBiz has come to light, raising significant cybersecurity concerns. These vulnerabilities, identified as Common Vulnerabilities and Exposures (CVEs), enable unauthenticated remote code execution on both Linux and Windows platforms. This article delves into the…

Read more →

Russian military hackers, identified as Unit 29155, have been actively targeting critical infrastructure in the United States and globally. This unit, known for its sophisticated cyber operations, has been linked to attacks aimed at disrupting and compromising vital sectors. The…

Read more →

FIN7 (aka Carbon Spider, ELBRUS, Sangria Tempest) is a Russian APT group that is primarily known for targeting the U.S. retail, restaurant, and hospitality sectors since mid-2015.  In their attacks, the FIN7 group primarily uses several tactics and techniques like…

Read more →

The Lazarus Group is one of the most notorious hacker groups linked to the North Korean government. The group is known for its cyberattacks and has been active since 2010.  However, Group-IB cyber security researchers recently discovered that Lazarus was actively…

Read more →

Earth Lusca is a suspected China-based cyber espionage group active since at least April 2019. Besides this, hackers often target Windows and Linux machines primarily due to their widespread use and potential for financial gain. Trend Micro security experts recently…

Read more →

Web3 and DeFi have been appealing to many threat actors, and there has been a significant boost in heists that have become larger than any they have experienced in more traditional finance. Mandiant’s investigation into the 2016 Bangladesh Bank heist…

Read more →

Multiple critical vulnerabilities have been identified in Veeam Backup & Replication, a widely-used data protection and disaster recovery solution. These vulnerabilities, discovered during internal testing, pose serious risks, including remote code execution (RCE), privilege escalation, and data interception. The issues…

Read more →

The Tor Project has unveiled Tor Browser 13.5.3, a significant update that brings crucial security enhancements and usability improvements. This latest version is now available for download from the official Tor Browser website and distribution directory. Important security updates to…

Read more →

Cisco has issued a security advisory (Advisory ID: cisco-sa-cslu-7gHMzWmw) regarding critical vulnerabilities in the Cisco Smart Licensing Utility. These vulnerabilities could allow unauthenticated, remote attackers to gain administrative control over affected systems. The advisory was first published on September 4,…

Read more →

Emansrepo, a Python infostealer, is distributed via phishing emails containing fake purchase orders and invoices, where the attacker initially sent a phishing email with an HTML file redirecting to the Emansrepo download link.  In recent months, the attack flow has…

Read more →