A new high-severity vulnerability has been discovered in multiple Cisco products, which could potentially allow HTTP/2 Rapid Reset Attack. This vulnerability enables a novel distributed denial of service (DDoS) attack technique. This vulnerability was assigned with CVE-2023-44487 and a severity…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Windows Hello Fingerprint Authentication Exploited on Microsoft, Dell, & Lenovo Laptops
Microsoft Windows Hello Fingerprint authentication was evaluated for security over its fingerprint sensors embedded in laptops. This led to the discovery of multiple vulnerabilities that would allow a threat actor to bypass the Windows Hello Authentication completely. The research was…
117 Vulnerabilities Discovered in Microsoft 365 Apps
Microsoft 365 Apps is a suite of productivity tools that includes the following apps and services offered by Microsoft through a subscription service:- Hackers often target these applications because they are widely used in business environments, providing a large potential…
Million-Dollar Crypto Scam that Leaves Investors Empty-handed
In the fast-paced world of cryptocurrency, the ever-looming threat of Rug Pulls has once again taken center stage. Check Point’s Threat Intel Blockchain system, a vigilant guardian of the blockchain realm, recently uncovered a meticulously executed scheme that swindled nearly…
North Korean Hackers Posed as Job Recruiters and Seekers
Two ongoing efforts, Contagious Interview and Wagemole, have been identified to target job-seeking activities connected to North Korean Hackers and state-sponsored threat actors. Threat actors use the interview process in “Contagious Interview” to trick developers into installing malware by posing…
Poloniex Offered $10 Million Reward to Hacker for Return of $120 Million
Poloniex is a popular cryptocurrency exchange platform headquartered in the United States that provides a diverse range of digital assets for trading. The platform was established in January 2014 by Tristan D’Agosta, with a vision to make cryptocurrency trading easier…
DarkGate Gained Popularity for its Covert Nature and Antivirus Evasion
DarkGate, a sophisticated Malware-as-a-Service (MaaS) offered by the enigmatic RastaFarEye persona, has surged in prominence. The malware is known for abusing Microsoft Teams and MSI files to compromise target systems. This Sekoia report delves into its ominous capabilities, examining its…
New Phishing Attack Hijacks Email Thread to Inject Malicious URL
Researchers discovered a new campaign delivering DarkGate and PikaBot that employs strategies similar to those employed in QakBot phishing attempts. This operation sends out a large number of emails to a variety of industries, and because the malware transmitted has…
Former Infosec COO Pleads Guilty for Hacking Hospitals
Former COO of the Atlanta-based cybersecurity company Securolytics, Vikas Singla, launched a series of cyberattacks on the non-profit healthcare organization Gwinnett Medical Center (GMC), which has locations in Lawrenceville and Duluth, Georgia. GMC suffered a financial loss of $817,804.12 as…
Hackers Abusing WhatsApp Messages to Install Android Malware
Embarking on a journey into the realm of cyber threats, Microsoft recently uncovered a series of mobile banking trojan campaigns meticulously designed to exploit unsuspecting users in India. This expose delves into the sophisticated strategies employed by cybercriminals utilizing social…
Hackers Exploit Asset Management Program to Deploy Malware
The Andariel group has been identified in recent reports as distributing malware through asset management programs. This group has been previously discovered to be in a relationship with the Lazarus group. The Andariel group is known to launch supply chain,…
FCC Implemented New Rules to Stop SIM Swapping Attacks
In a pivotal decision on November 15, 2023, the Federal Communications Commission (FCC) orchestrated a formidable defensive strategy against insidious scams targeting consumers’ cell phone accounts. This comprehensive report delves into the intricacies of the newly adopted rules, designed to…
FCC Implemented new Rules to Stop SIM swapping Attacks
In a pivotal decision on November 15, 2023, the Federal Communications Commission (FCC) orchestrated a formidable defensive strategy against insidious scams targeting consumers’ cell phone accounts. This comprehensive report delves into the intricacies of the newly adopted rules, designed to…
Yamaha Ransomware Attack: Employees Personal Information Exposed
A ransomware attack targeted Yamaha Motor Co., Ltd., resulting in a partial disclosure of the personal information maintained by the company. Notably, a third party gained unauthorized access to one of the servers run by Yamaha Motor Philippines, Inc. (YMPH),…
Threat Intelligence with Sandbox Analysis: Security Analyst Guide – 2024
Threat intelligence (TI) is critical to organizations’ cybersecurity infrastructure, allowing them to keep track of the evolving threat landscape and ensure timely detection. However, TI Solutions’ information frequently lacks the specifics required for thorough security measures. One way to address…
AMIDES – Open-source Detection System to Uncover SIEM Blind Points
Cyberattacks pose a significant risk, and prevention alone isn’t enough, so timely detection is crucial. That’s why most organizations use SIEM (Security Information and Event Management) systems to centrally collect and analyze security events with expert-written rules for detecting intrusions.…
Critical AI Tool Vulnerabilities Let Attackers Execute Arbitrary Code
Multiple critical flaws in the infrastructure supporting AI models have been uncovered by researchers, which raise the risk of server takeover, theft of sensitive information, model poisoning, and unauthorized access. Affected are platforms that are essential for hosting and deploying large language models, including Ray,…
‘123456’ Crackable in seconds, 2023’s Most Prevalent Password
For half a decade, NordPass has delved into the realm of password habits, uncovering familiar tunes that persist. However, this year’s narrative is layered with intriguing patterns, particularly within distinct platform categories. Amidst the discourse on passkeys, a question lingers:…
Gang of 5 Employees Stole The Customer Data at Late Night in Office
The sequence of events sounds like it was taken straight from a movie script. Five software programmers were working late into the night, chatting on their phones while they worked. During the wee hours of October 9, between 1:00 am…
Dark Effects of Bot Attacks that Drive 73% of Internet Traffic
In a chilling revelation, the cybercrime economy is projected to soar to $10.5 trillion by 2025, driven by financially motivated bad actors orchestrating dark enterprises. Uncover the intricate web of these malicious activities and the alarming surge in cyber threats.…
Kubernetes Security on AWS: A Practical Guide
Kubernetes security is safeguarding your Kubernetes clusters, the applications they host, and the infrastructure they rely on from threats. As a container orchestration platform, Kubernetes is incredibly powerful but presents a broad attack surface for potential adversaries. Kubernetes security encompasses…
FortiSIEM Injection Flaw: Let Attackers Execute Malicious Commands
Fortinet notifies users of a critical OS command injection vulnerability in the FortiSIEM report server that might enable an unauthenticated, remote attacker to execute malicious commands via crafted API requests. FortiSIEM is Fortinet’s security information and event management (SIEM) solution,…
20+ Companies Hacked in Massive Cyber Attack on Critical Infrastructure
In an alarming development, Denmark faced its most extensive cyber attack in May 2023, targeting crucial components of its energy infrastructure. A total of 22 companies fell victim to a meticulously coordinated attack, breaching their industrial control systems and prompting…
Hacker Receives 18-Month Prison for Running Dark Web Forum
In a momentous development in cybersecurity, Thomas Kennedy McCormick, alias “fubar,” a resident of Cambridge, Massachusetts, has been sentenced to 18 months imprisonment for masterminding a racketeering conspiracy within the infamous Darkode hacking forum. The intricate web of cybercrime unraveled…
Ransomware Gang Files an SEC Complaint for Victim Not Disclosing Data Breach
Alphv Ransomware gang filed an SEC complaint against MeridianLink for not disclosing a data breach. BlackCat, also known as ALPHV, BlackCat operates on the ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and…
Toyota Financial Hack Claimed by Medusa Ransomware
The biggest manufacturer of automobiles, Toyota, has discovered unauthorized activity on systems in a few of its Europe & African services. The ‘Medusa ransomware gang allegedly took data from Toyota Financial Services.’ The group offered the business ten days to…
Beware! Hackers Can Now Exploit a Security Flaw in Zoom Client
The popular video messaging platform Zoom has discovered multiple vulnerabilities affecting Zoom Clients. These vulnerabilities might allow an unauthorized user to carry out denial-of-service, privilege escalation, and information disclosure attacks. To receive the most recent security updates and bug fixes, Zoom…
ManageEngine Information Disclosure Flaw Exposes Encryption Keys
ManageEngine, one of the most widely used IT infrastructure management platforms that offers more than 60 Enterprise IT management tools, has been discovered with an Information Disclosure vulnerability which is tracked as CVE-2023-6105. This vulnerability affects multiple ManageEngine products, including…
Wireshark 4.2.0 Released: What’s New!
Wireshark, a leading network packet analyzer, has released version 4.2.0, which brings bug fixes, protocol updates, major API changes, codec support, and several new features. It is still a widely used and popular tool for network protocol analysis. Network administrators and security experts use packet…
Samsung Hacked: Customers Personal Information Exposed
Samsung Electronics (U.K.) Limited has announced a cybersecurity incident, corroborating the exposure of customer data that originated in July 2019. The disclosure comes as the tech behemoth contends with the repercussions of illicit access to personal information. Sequence of the…
Reptar – A New CPU Vulnerability Affects Intel and AMD CPUs
A critical CPU vulnerability can pose a significant threat by allowing:- Exploitation of such vulnerabilities can lead to widespread cyberattacks and significant disruptions. Recently, Google noted a rise in CPU vulnerabilities this year, as August disclosures reveal the following vulnerabilities…
TA402 Group using Weaponized XLL and RAR Files to Deliver Malware
Researchers have discovered a new phishing campaign that targets Middle Eastern and North African Government Entities to deliver a new initial access downloader termed “IronWind.” This downloader is followed by additional payload stages, which downloads a shellcode. Most campaigns were…
Hackers Abuse Google Forms to Bypass Anti-spam Filters
Cybersecurity researchers at Talos have discovered that spammers are taking advantage of Google Forms quizzes to disseminate various types of online scams to unsuspecting victims. Since Google’s servers are where the emails are coming from, it could be simpler for…
Ddostf DDoS Malware Attacking MySQL Servers in Windows Environments
Researchers found that vulnerable MySQL servers are being deployed with the Ddostf DDoS bot, which is capable of launching Distributed Denial of Service (DDoS) attacks. Ddostf, which was first identified around 2016, is well-known for supporting both Windows and Linux platforms…
SystemBC, a SWISS KNIFE Proxy Malware, Used by Numerous Ransomware Groups
SystemBC (aka Coroxy or DroxiDat) is a multifunctional malware known as Proxy, Bot, Backdoor, and RAT, adapting to attackers’ needs. Since 2018, this multifunctional malware has been active, and it remains popular in underground markets, with consistent annual incidents. Cybersecurity…
LogShield: A New Framework that Detects the APT Attack Patterns
There have been several cases of GPT model-based detection for various attacks from system logs. However, there has been no dedicated framework for detecting APTs as they use a low and slow approach to compromise the systems. Security researchers have…
What Does PCI DSS 4.0 Mean for API?
Payment Card Industry Data Security Standard or PCI DSS 4.0 was released in May 2022 by the PCI Security Standards Council (PCI SSC). After using PCI DSS 3.2.1 for several years, PCI DSS 4.0 is the latest security standard version…
Hackers Exploiting Create2 to Bypass Wallet Security Alerts
Recently, hackers have used the Ethereum network’s CREATE2 opcode to bypass wallet security alarms in certain wallets. Using Create2’s pre-calculation feature, the Drainers can produce unique addresses for every malicious signature. After the victim signs the malicious signature, these addresses are deployed.…
Hackers Selling Exploits for Critical Vulnerabilities on the Dark Web
Dark forums and Telegram channels have become great places for threat actors to sell critical vulnerabilities and exploits. These vulnerabilities and exploits were associated with the Elevation of Privilege, Authentication Bypass, SQL Injection, and Remote Code Execution in products like…
Intel is Being Sued Over the ‘Downfall’ CPU Vulnerability for $10K per Plaintiff
A class-action lawsuit had been filed against Intel due to a critical “Downfall” vulnerability in Intel CPUs, a defect that Intel was aware of since 2018 but neglected to report. According to Intel, the only way to “fix” it is to apply…
Authorities Took Down Massive Phishing-as-a-service Provider
A notorious phishing service that supplied cybercriminals with phishing kits, scam pages, and stolen credentials has been disrupted by a joint operation involving Malaysian, Australian, and U.S. authorities. BulletProftLink, also known as a phishing-as-a-service (PhaaS) platform, had been operating for…
Authorities Took Down Massive Phishing-as-a-service Provider BulletProftLink
A notorious phishing service that supplied cybercriminals with phishing kits, scam pages, and stolen credentials has been disrupted by a joint operation involving Malaysian, Australian, and U.S. authorities. BulletProftLink, also known as a phishing-as-a-service (PhaaS) platform, had been operating for…
Imperial Kitten Attacking Tech Firms with SQLi & Scanning Tools
Researchers detected IMPERIAL KITTEN, an adversary with ties to Iran, conducting strategic web compromise (SWC) operations with a focus on transportation, logistics, and technology firms. The adversary, who has been operating since at least 2017, has been reported to have…
10 Best Unified Endpoint Management Tools – 2024
Managing a diverse range of devices, including desktops, mobile devices, and Internet of Things (IoT) devices, is an essential aspect of modern businesses. To efficiently handle these devices, a set of best Unified Endpoint Management Tools (UEM) technologies provide an…
Serbian National Pleads Guilty For Operating a Darknet Website
After being apprehended by the US government, a Serbian citizen confessed to placing multiple orders on the Monopoly drugs market, which operates on the darknet. The individual in question has admitted to engaging in the illicit purchase of drugs through…
Chinese APT Infrastructure Mimics Cloud Backup Services
Cambodian government entities were discovered to be targeted and compromised by Chinese APT actors. The threat actors are using the infrastructure to masquerade as a cloud backup service. The infrastructure also exhibits several malicious nature and persistent connections. China has…
Microsoft Authenticator New Feature Blocks Malicious Notification by Default
In an age where online threats loom large, safeguarding our personal and professional accounts has never been more critical. With hackers tirelessly attempting to breach security barriers, the need for robust identity verification methods has become paramount. In response to…
IBM Unveils Cloud-Native QRadar SIEM to Maximize Power of SOC Professionals
IBM has recently announced the launch of its Cloud-Native SIEM solution, which is designed to enhance the scale, speed, and flexibility of security teams. With this new offering, organizations can benefit from improved threat detection and response capabilities, empowering them…
Burp Suite 2023.10.3.4 Released – What’s New!
Burp Suite 2023.10.3.4 is the name of the newest version of Burp Suite, which was just published by the PortSwigger developers. The Burp Suite is a cybersecurity tool that is used for evaluating the security of online applications. It performs…
Sapphire Sleet Hackers Attacking LinkedIn Users Based on Their Expertise
In a recent development, cybersecurity experts have identified a significant shift in the tactics employed by Sapphire Sleet, a notorious threat actor known for cryptocurrency theft through social engineering. Microsoft’s threat intelligence team has been closely monitoring Sapphire Sleet, a…
Sapphire Sleet Hackers Attacking Linkedin Users Based on their Expertise
In a recent development, cybersecurity experts have identified a significant shift in the tactics employed by Sapphire Sleet, a notorious threat actor known for cryptocurrency theft through social engineering. Microsoft’s threat intelligence team has been closely monitoring Sapphire Sleet, a…
SysAid IT Service Software 0-day Exploited to Deploy Cl0p Ransomware
SysAid On-Prem software has been reported with a 0-day vulnerability determined during an incident response investigation. According to Microsoft, attackers are exploiting this zero-day vulnerability to infiltrate corporate servers, to steal sensitive data and deploy the notorious Clop ransomware. This…
Russian Hackers Hijacked Power Station Circuit Breakers Using LotL Technique
In a recent and alarming development, the notorious Russia-linked threat actor Sandworm executed a sophisticated cyber-physical attack targeting a critical infrastructure organization in Ukraine. The incident, responded to by cybersecurity firm Mandiant, unfolded as a multi-event assault, showcasing a novel…
BlueNoroff Hackers Attacking Apple Users with New macOS Malware
A new malware variant is distributed by BlueNordoff APT group, a financially motivated threat group targeting cryptocurrency exchanges, venture capital firms, and banks. This new campaign has similar characteristics to their RustBucket campaign. BlueNoroff was first discovered in early 2014…
Hackers Actively Exploiting Big-IP and Citrix Vulnerabilities
Experts issued security alerts concerning the ongoing exploitation of Big-IP (CVE-2023-46747, CVE-2023-46748) and Citrix (CVE-2023-4966) vulnerabilities. The publicly available Proof of Concepts (POCs) for these vulnerabilities were rapidly circulated in cybercrime forums. Over 20,000 “Netscaler” instances and 1,000 “Big IP”…
Buffer Overflow Flaws in Trusted Platform Modules Allow Malicious Commands
Trusted Computing Group’s Trust Platform Module 2.0 reference library specification has been discovered with two buffer overflow vulnerabilities that threat actors can exploit to access read-only sensitive data or overwrite normally protected data, which is only available to the TPM.…
New Gootloader Malware Abuses RDP to Spread Rapidly
Hackers target Remote Desktop Protocol (RDP) via malware because it provides them with remote access to a victim’s computer or network, allowing them to:- Cybersecurity researchers at IBM X-Force affirmed recently that in place of conventional frameworks like CobaltStrike, the…
WhatsApp New Privacy Feature Let Users Hide Location During Calls
WhatsApp has begun to roll out the ‘Protect IP Address in Calls’ feature, which conceals your IP address during calls. Upon using this feature, all your calls will be relayed through WhatsApp’s servers, protecting your IP address and preventing other…
Hackers Exploiting Confluence Flaw to Deploy Ransomware
Hackers actively target Confluence flaws because it is a widely used collaboration and documentation platform, making it a valuable target for gaining unauthorized access to sensitive information or spreading malware. Exploiting vulnerabilities in Confluence can lead to:- These things make…
Storage And Backup Cyber Resiliency – CISOs Guide 2024
CISOs rely on information about security from across the organization, particularly from the various IT departments. Unfortunately, the information being fed to CISOs about cybersecurity risk is incomplete. There is a blind spot present—a gaping hole. Data about the security…
Ransomware Actors Exploiting Legitimate System Tools to Gain Access – FBI
Ransomware attacks are on the rise, causing organizations to lose millions of dollars, restricting them from accessing their data, and possibly disclosing personal information. According to the FBI Private Industry Notification, ransomware attackers have recently been taking advantage of flaws in…
Android Security Updates: 2023 – 37 Vulnerabilities Patched Including RCE, DOS
Android has fixed 37 vulnerabilities that were impacting its devices with the release of its November 2023 security updates. Most of the flaws included information disclosure, elevation of privilege, denial of service, and remote code execution. These updates address major…
Iranian APT Hackers Attacking Education & Tech Sectors to Steal Sensitive Data
Cybersecurity researchers link attackers to the Iranian-backed APT group “Agonizing Serpens,” which has upgraded its capabilities and uses various tools to bypass security measures. Hackers target and steal sensitive data for various reasons, including: They may sell the stolen data…
QNAP OS Command Injection Vulnerability Let Attackers Execute Malicious Commands
Two critical OS command injection flaws have been discovered in multiple QNAP products, which include QTS, Multimedia Console, Media Streaming add-on, QuTS Hero, and QuTScloud. These vulnerabilities existed in the QTS operating system and applications on network-attached storage (NAS) devices,…
What is Network Detection and Response (NDR)?
In the ever-evolving digital world, organizations must safeguard their networks and sensitive data against sophisticated cyber threats. Have you ever heard NDR in relation to cybersecurity? Whether you have or not, do you know what is network detection and response?.…
Veeam Critical Flaws Let Attackers Execute Remote Code and Steal NTLM Hashes
Veeam, a Global Leader in Data Protection, issued hotfixes to address four vulnerabilities affecting the Veeam ONE IT infrastructure monitoring and analytics platform. Two vulnerabilities are classified as ‘critical,’ while the other two are classified as ‘medium severity’ flaws. The critical flaws allow remote…
Top 6 Cybersecurity Incident Response Phases – 2024
Modern security tools continue to improve in their ability to defend organizations’ networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in. Security teams must be able to stop threats and restore normal operations as…
Hackers Actively Exploiting Linux Privilege Escalation Flaw to Attack Cloud Environments
Linux Privilege Escalation flaw is one of the highly critical flaws as it can allow an attacker to gain elevated privileges on a system, potentially leading to full control. Hackers typically exploit these vulnerabilities by crafting malicious code or commands…
Corrupt Police Imprisoned for Revealing Investigation Secrets to Criminal
Natalie Mottram, a 25-year-old intelligence analyst who worked for Cheshire Police and the North West Regional Organised Crime Unit (ROCU), has been given a prison sentence of three years and nine months for her role in a serious security breach. …
Socks5Systemz Proxy Hacked 10,000+ Systems World Wide
Proxy services let users rent IP addresses and provide online anonymity by disguising their traffic as regular IP addresses while hiding the true source or origin. Bitsight researchers recently found a new malware sample distributed by the following two loaders:-…
Arid Viper Steals Sensitive Data From Android’s & Deploy Other Malware
According to recent reports, Arabic-speaking Android users have been targeted with spyware by the “Arid Viper” threat actor, also known as APT-C-23, Desert Falcon, or TAG-63). This threat actor has been using counterfeit dating apps designed to exfiltrate data from…
‘Crypto King’ Sam Bankman-Fried Pleads Guilty Multi-billion Dollar Fraud
Sam Bankaman-Fried, the founder and CEO of the largest cryptocurrency exchange, has recently pleaded guilty to charges of fraud and money laundering. This news has sent shockwaves through the cryptocurrency community, as Bankaman-Fried was highly regarded and his exchange was…
Arid Viper Steals Sensitive data From Android Phones and Deploy other Malware
According to recent reports, Arabic-speaking Android users have been targeted with spyware by the “Arid Viper” threat actor, also known as APT-C-23, Desert Falcon, or TAG-63). This threat actor has been using counterfeit dating apps designed to exfiltrate data from…
Top 5 Kubernetes Vulnerabilities – 2023
Kubernetes is a popular open-source platform for managing containerized workloads and services. It’s a system that simplifies a wide array of deployment, scaling, and operations tasks, but it’s not without its risks. Just as any other software or platform, Kubernetes…
Hackers Hijacking Facebook Accounts with Malware via Facebook Ads
Social media platforms offer financially motivated threat actors opportunities for large-scale attacks by providing a vast user base to target with:- These platforms allow attackers to exploit trust and personal information shared by users, making it easier to craft convincing…
New Common Vulnerability Scoring System (CVSS) v4.0 Released – What’s New!
CVSS (Common Vulnerability Scoring System) is vital for supplier-consumer interaction, offering a numerical score to assess security vulnerabilities’ technical severity that helps in guiding the following entities:- CVSS scores interpret the following qualitative ratings for prioritizing vulnerability management and enhancing…
Accenture Acquires Leading Spanish Cybersecurity Firm Innotec Security
Accenture, the global technology services and consulting giant, has announced the acquisition of Innotec Security, a leading cybersecurity-as-a-service provider based in Spain. The deal, which was made public on November 2, 2023, is a strategic move by Accenture to enhance…
DarkGate, Which Abused Microsoft Teams, Now Leverages MSI Files
A new wave of cyberattacks has been discovered by Netskope Threat Labs, involving the use of SharePoint as a delivery platform for the notorious DarkGate malware. This alarming trend is driven by an attack campaign that exploits vulnerabilities in Microsoft…
Multiple Cisco Services Engine Flaws Let Attackers Upload Arbitrary Files
Multiple vulnerabilities have been discovered in the Cisco Services Engine associated with Arbitrary File Upload and Denial of Service assigned with CVEs CVE-2023-20195, CVE-2023-20196, and CVE-2023-20213. The severity for these vulnerabilities ranges between 4.3 (Medium) and 4.7 (Medium). These vulnerabilities…
Why Storage And Backup Are Cybersecurity’s Weakest Links? – Top 5 Reasons
A lot of money is being spent to protect the enterprise against intrusion. Ransomware protection is currently in the spotlight – and with good reason. But organizations also invest heavily in technologies such as Zero Trust Network Access (ZTNA), Secure…
Cisco AnyConnect SSL VPN Flaw Let Remote Attacker Launch DoS Attack
A vulnerability of medium severity, identified as CVE-2023-20042, with a CVSS score of 6.8, was found in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defence (FTD) Software. This vulnerability could potentially…
Top 3 Cyber Threats That Attack Banks in 2023 – Counter Them With Any.Run Sandbox
Bank robbers of today are nothing like their counterparts of the past. Modern-day Bonnie and Clyde operate remotely, carrying out their operations from hundreds of miles away, simply using their laptops. On top of that, every year, the barrier of…
Hackers Attacking Blockchain Engineers with Novel macOS Malware
The frequency of hackers exploiting macOS flaws varies over time, but Apple continuously releases security updates to patch vulnerabilities. While macOS is generally considered more secure than some other operating systems but, it is not immune to exploitation, and hackers…
Uncovering Prolific Puma, Massive Domain Generator & URL Shortener
Hackers can exploit Massive Domain Generator and URL Shortener services by creating large numbers of deceptive or malicious domains and using URL shorteners to hide the true destination of links. This can be used for the following illicit purposes:- Recently,…
Hackers Deliver Malicious DLL Files Chained With Legitimate EXE Files
Hackers opt for DLL hijacking as a technique to exploit vulnerable applications because it allows them to load malicious code by tricking a legitimate application into loading a malicious DLL. This can give them unauthorized access and control over a…
Hackers Weaponize HWP Documents to Attack National Defense and Press Sectors
HWP documents are primarily associated with the Hangul Word Processor software used in South Korea. Hackers may opt for HWP documents to target National Defense and Press Sectors because they exploit vulnerabilities in this specific file format and software, which…
F5 Warns of Active Attacks Targeting BIG-IP SQL injection vulnerability
F5 Networks has issued a security alert about a severe vulnerability in its BIG-IP Configuration utility, identified as CVE-2023-46748. This vulnerability is an authenticated SQL injection flaw that allows attackers with network access to execute arbitrary system commands. F5 Networks…
CitrixBleed Vulnerability Widely Exploited, Primarily by a Ransomware Gang
At the end of October, AssetNote released a proof-of-concept for the CVE-2023–4966 associated with sensitive information disclosure for Citrix Netscaler ADC devices and was given a severity rating of 9.4 (Critical). After the release of PoC, there seems to be…
Hackers Abuse NuGet Packages to Deliver SeroXen RAT
The NuGet package manager, which .NET developers widely use, has been under attack by a series of malicious activities, according to a report by cybersecurity firm ReversingLabs. The report, which follows previous investigations on npm, PyPI, and RubyGems ecosystems, shows…
Atlassian Urged Customers to Fix Critical Confluence Security Flaw Right Away!
Atlassian has been reported with a critical vulnerability in their Confluence Software, which several organizations have widely adopted. The CVE for this vulnerability has been assigned as CVE-2023-22518, and the severity has been given as 9.1 (Critical). Atlassian has addressed…
Prepare Your Employees to Withstand a Zero-Day Cyber Attack: 5 Key Strategies
Imagine walking into work one morning to find your company’s network completely crippled. Servers are down, workstations display ransomware notices, and critical data has been encrypted or deleted. Total operational paralysis. This is the potential aftermath of a devastating zero-day…
Hackers Abuse Google Search Ads to Deploy Bonanza Malware
Cybercriminals are resorting to unscrupulous tactics to deploy Bonanza malware by exploiting Google Search Ads. The hackers are taking advantage of the search engine’s advertising mechanism to spread the malicious software, putting unsuspecting users at risk of cyber attacks. This…
Hacker Jailed for Stealing $1 Million Via SIM Swapping Attacks
A young man from Orlando, Florida, has been handed a 30-month prison sentence for his role in a cybercrime scheme that stole nearly $1 million in cryptocurrency from unsuspecting victims. As part of a group of hackers, Jordan Dave Persad,…
Proofpoint to Acquire AI Email Security Firm Tessian
Proofpoint, an enterprise security company, has entered into a definitive agreement to acquire Tessian, a leading provider of email security solutions. The acquisition is aimed at enhancing the existing email security offerings of Proofpoint and preventing misdirected emails and data…
ServiceNow Misconfigurations Lead to Leak of Sensitive Data
ServiceNow has been alerted to a potential misconfiguration concern that might impact the security of its platform. The company is actively addressing the issue and working towards a resolution. The issue involves Access Control Lists (ACLs), which are used to…
The Risk of RBAC Vulnerabilities – A Prevention Guide
Role-Based Access Control (RBAC) is a security paradigm focused on assigning system access to users based on their organizational role. It’s a sophisticated approach of ensuring that only the right people can access the right information at the right time.…
Hackers Deliver Remcos RAT as Weaponized PDF Payslip Document
AhnLab Security Emergency Response Center (ASEC) has recently revealed a disturbing case of Remcos RAT, a malicious software that can remotely access and manipulate infected machines. The attackers behind this malware used a clever email scam that pretended to be…
F-Secure Eyes $9.5M in Cost Savings With Layoffs
F-Secure has recently implemented organizational changes in order to pursue strategic growth initiatives and meet its financial targets. These changes likely involve adjustments to the company’s structure, processes, and resources to ensure they are better aligned with their goals and…
Hackers Abusing OAuth Token to Take Over Millions of Accounts
A new OAuth vulnerability has been discovered in three of the major extensions such as Grammarly, Vidio, and Bukalapak. These applications use the OAuth protocol for their authentication, which is vulnerable to an authentication token-stealing attack. OAuth is an authentication…
XWorm Sold Malware-as-a-service Opens Vast Hacking Opportunities
XWorm is a RAT (Remote Access Trojan), a malware-as-a-service. It was first discovered in July 2022 and is known to have originated from the ex-USSR. The malware is capable of multiple things, such as stealing sensitive data and cryptocurrency, launching…