The threat actors distributed malicious JS scripts disguised as legitimate business documents, primarily in ZIP archives with names like “Purchase request” or “Request for quote.” They enriched their phishing emails with authentic-looking documents like passports, tax registrations, and company cards,…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Exploit Docker Remote API Servers To Inject Gafgyt Malware
Attackers are exploiting publicly exposed Docker Remote API servers to deploy Gafgyt malware by creating a Docker container using a legitimate “alpine” image to deploy the malware and infect the victim system with Gafgyt botnet malware. It allows attackers to…
Cloudflare Developer Domains Abused For Cyber Attacks
Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host phishing sites, as attackers leverage Cloudflare’s trusted infrastructure, global CDN, and free hosting to quickly set up and deploy convincing phishing sites. Automatic SSL/TLS encryption enhances…
New TLDs Such as .shop, .top and .xyz Leveraged by Phishers
Phishing attacks have surged nearly 40% in the year ending August 2024, with a significant portion of this increase linked to new generic top-level domains (gTLDs) like .shop, .top, and .xyz. These domains, known for their minimal registration requirements and…
PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts
Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated learning (FL) to improve the efficiency and privacy of training large language models (PLMs) on specific tasks. However, this approach introduces a new security risk called…
CISA Releases Advisory to Monitor Networks to Detect Malicious Cyber Actors
The National Security Agency (NSA) has partnered with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and other entities to release a critical advisory. This initiative comes in response to the exploitation of major global…
MobSF XSS Vulnerability Let Attackers Inject Malicious Scripts
A critical vulnerability has been identified in the Mobile Security Framework (MobSF) that allows attackers to inject malicious scripts into the system. This vulnerability, CVE-2024-53999 is a Stored Cross-Site Scripting (XSS) flaw found in the “Diff or Compare” functionality, which…
Progress WhatsUp Gold RCE Vulnerability – PoC Exploit Released
A registry overwrite remote code execution (RCE) vulnerability has been identified in NmAPI.exe, part of the WhatsUp Gold network monitoring software. This vulnerability, present in versions before 24.0.1, allows an unauthenticated remote attacker to execute arbitrary code on affected systems,…
Google Chrome Security Update, Patch for High-severity Vulnerability
Google has released a significant security update for its Chrome browser, aiming to address several vulnerabilities and enhance user safety. The Stable channel has been updated to version 131.0.6778.108/.109 for Windows, and Mac, and version 131.0.6778.108 for Linux. These updates…
Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely
A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors to remotely compromise affected devices. The vulnerability, identified as CVE-2024-11237, affects TP-Link VN020 F3v(T) routers running firmware version TT_V6.2.1021, which are primarily deployed through Tunisie…
Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitary Code Remotely
A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors to remotely compromise affected devices. The vulnerability, identified as CVE-2024-11237, affects TP-Link VN020 F3v(T) routers running firmware version TT_V6.2.1021, which are primarily deployed through Tunisie…
Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores
The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to malicious e-commerce websites, leveraging multiple SEO malware families to achieve their goal. Three distinct threat actor groups were identified, each employing a unique malware family, with…
Chinese SilkSpecter Hackers Attacking Black Friday Shoppers
SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce shoppers in Europe and the USA during the Black Friday shopping season. The campaign leveraged the legitimate payment processor Stripe to steal victims’ Cardholder Data (CHD)…
Black Basta Ransomware Leveraging Social Engineering For Malware Deployment
Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in 2022 by employing sophisticated social engineering techniques to infiltrate target networks, often leveraging advanced malware to compromise systems undetected. Once inside, Black Basta extorts victims with…
Critical Laravel Vulnerability CVE-2024-52301 Allows Unauthorized Access
CVE-2024-52301 is a critical vulnerability identified in Laravel, a widely used PHP framework for building web applications. The vulnerability allows unauthorized access by exploiting improperly validated inputs, potentially leading to privilege escalation, data tampering, or full system compromise. Given Laravel’s…
CISA Warns of Actors Exploiting Two Palo Alto Networks Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert and added two new vulnerabilities related to Palo Alto Networks to its Known Exploited Vulnerabilities Catalog. These vulnerabilities, CVE-2024-9463 and CVE-2024-9465, are reportedly actively exploited by malicious cyber…
4M+ WordPress Websites to Attacks, Following Plugin Vulnerability
A critical vulnerability has been discovered in the popular “Really Simple Security” WordPress plugin, formerly known as “Really Simple SSL,” putting over 4 million websites at risk. The flaw, identified as CVE-2024-10924, exposes websites using the plugin to potential remote attacks,…
Chinese National Faces 20 Years of Jail Time for Laundering Millions in Crypto
Daren Li, 41, a dual citizen of China and St. Kitts and Nevis, and a resident of China, Cambodia, and the United Arab Emirates, pleaded guilty today to one count of conspiracy to commit money laundering for his role in…
Google Unveils New Intelligent, Real-Time Protections for Android Users
Google has once again raised the bar for mobile security by introducing two new AI-powered real-time protection features for Android users. With a strong commitment to user privacy and safety, these innovative tools aim to shield users from scams, fraud,…
Google to Issue CVEs for Critical Cloud Vulnerabilities
Google Cloud has announced a significant step forward in its commitment to transparency and security by stating it will begin issuing Common Vulnerabilities and Exposures (CVEs) for critical vulnerabilities found in its cloud services. This move, which underscores Google’s dedication…