Aggregator
CVE-2024-45752 | logiops up to 0.3.4 logid Daemon access control
Researchers Detailed Raptor Train Botnet That 60,000+ Compromised Devices
Researchers discovered a large, Chinese state-sponsored IoT botnet, “Raptor Train,” that compromised over 200,000 SOHO and IoT devices. Operated by Flax Typhoon, the botnet leveraged a sophisticated control system, “Sparrow,” to manage its extensive network. The botnet posed a significant threat to various sectors, including military, government, and IT, with the potential for DDoS attacks […]
The post Researchers Detailed Raptor Train Botnet That 60,000+ Compromised Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Hackers Using Supershell Malware To Attack Linux SSH Servers
Researchers identified an attack campaign targeting poorly secured Linux SSH servers, where the attack leverages Supershell, a cross-platform reverse shell backdoor written in Go, granting attackers remote control of compromised systems. Following the initial infection, attackers are suspected to have deployed scanners to identify additional vulnerable targets and then likely launched dictionary attacks on these […]
The post Hackers Using Supershell Malware To Attack Linux SSH Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
Threat Actors Forcing victims Into Entering Login Credentials For Stealing
Recent intelligence indicates a new technique employed by stealers to trick victims into entering credentials directly into a browser, enabling subsequent theft from the browser’s credential store. This method, used in conjunction with StealC malware, was first observed in August 2024 and is primarily deployed by Amadey. The technique involves forcing victims to interact with […]
The post Threat Actors Forcing victims Into Entering Login Credentials For Stealing appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2007-3168 | EDraw Office Viewer Component prior 5.0 ActiveX Control edrawofficeviewer.ocx memory corruption (EDB-4010 / Nessus ID 26012)
SambaSpy Using Weaponized PDF Files to Attack Windows Users
Researchers discovered a targeted cybercrime campaign in May 2024 that exclusively focused on Italian victims, which was unusual as attackers typically aim for broader targets to increase profits. However, this campaign implemented checks at different stages of the infection chain to ensure only Italian users were affected, which […]
The post SambaSpy Using Weaponized PDF Files to Attack Windows Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2010-4507 | Clear Clearspot 1.9.9.4 Remote Management webmain.cgi Admin FILE_PATH cross-site request forgery (EDB-15728 / SA42590)
Resetting Hardware for Red Teamer
CVE-2014-6858 | Mostafa Shemeas 1 X.509 Certificate cryptographic issues (VU#582497)
CVE-2016-7588 | Apple watchOS up to 3.1.2 CoreMedia Playback memory corruption (HT207487 / Nessus ID 95917)
USENIX NSDI ’24 – Sifter: An Inversion-Free and Large-Capacity Programmable Packet Scheduler
Authors/Presenters: Peixuan Gao, Anthony Dalleggio, Jiajin Liu, Chen Peng, Yang Xu, H. Jonathan Chao
Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organization’s enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara; and via the organization’s YouTube channel.
The post USENIX NSDI ’24 – Sifter: An Inversion-Free and Large-Capacity Programmable Packet Scheduler appeared first on Security Boulevard.
CVE-2024-38856 and CVE-2024-45195 – Apache OFBiz Security Vulnerabilities – August 2024
Critical Security Vulnerabilities (CVE-2024-38856 and CVE-2024-45195) in Apache OFBiz Expose Enterprise Systems to Potential Data Breaches and Disruption of Critical Business Functions. Affected Platform: Apache OFBiz is an open-source framework designed for enterprise resource planning (ERP). It supports a range of web applications necessary for various business functions, including human resources, accounting, inventory management, customer...
The post CVE-2024-38856 and CVE-2024-45195 – Apache OFBiz Security Vulnerabilities – August 2024 appeared first on TrueFort.
The post CVE-2024-38856 and CVE-2024-45195 – Apache OFBiz Security Vulnerabilities – August 2024 appeared first on Security Boulevard.