Aggregator

在今年5月6日结束的线上初赛中，Straw Hat以全球第四的成绩成功晋级DEFCON CTF 32

Researchers have uncovered a sophisticated phishing marketplace, the ONNX Store, which provides cybercriminals with advanced tools to hijack Microsoft 365 accounts. Alarmingly, these tools include methods for bypassing two-factor authentication (2FA), a critical security measure that many organizations rely on to protect sensitive information. This discovery underscores the urgent need for corporate information security teams […]

The post ONNX Bot Tool Hijacks Microsoft 365 accounts & Even Bypass 2FA appeared first on Cyber Security News.

US citizens play middleman between US companies and the North Korean government agents they unwittingly hire.

Twilio обвиняется в незаконном сборе пользовательских данных.

19-летний Билл придумал, как выявить множество уязвимостей за один раз, а затем исправить их.

The United Kingdom and France will soon launch a consultation on how to tackle “the proliferation a

Criminal IP, an expanding Cyber Threat Intelligence (CTI) search engine from AI SPERA, has recently completed its technology integration with Maltego, a global all-in-one investigation platform that specializes in visualized analysis of combined cyber data. This collaboration integrates Criminal IP’s comprehensive database of malicious IPs, domains, and CVEs directly into Maltego’s unified user interface and […]

The post Criminal IP and Maltego Collaborate to Broaden Threat Intelligence Data Search appeared first on Cyber Security News.

Hackers attack AWS as it hosts a vast number of high-value targets, including sensitive data, business applications, and cloud resources for organizations worldwide. In February 2024, six AWS services were found to have some critical vulnerabilities. The services include CloudFormation, Glue, EMR, SageMaker, ServiceCatalog and CodeStar. Cybersecurity analysts at Aquasec identified grave dangers associated with […]

The post Critical AWS Services Vulnerability Let Attackers Execute Remote Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Evolution Mining Limited, a prominent global player in the gold mining industry, has reported a ransomware attack that impacted its IT systems. The company, which operates several mines across Australia and Canada, discovered the breach on August 8, 2024. This incident highlights the growing threat of cyberattacks on critical industries worldwide. Incident Details and Response […]

The post Australian Gold Mining Company Reports Ransomware Attack appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Explore how Cloudflare's JA4 fingerprinting and inter-request signals provide robust and scalable insights for advanced web security and threat detection

2024-08-1216 min readFor many years, Cloudflare has used advanced fingerprinting techniques to help

The world has changed – and by a lot. Over the last several years, global companies have rapidly ac

Many stakeholders said the future UN convention could allow authoritarian countries to stifle political opposition and violate human rights

Корпорация реагирует на закон DMA очередным повышением комиссий.

A global survey of 300 IT and security professionals suggests that while security budgets are incre

A global survey of 300 IT and security professionals suggests that while security budgets are increasing the way funding is being allocated is shifting as organizations look to automate workflows.

The post Survey: Cybersecurity Teams Investing in Automation to Reduce Noise Levels appeared first on Security Boulevard.

Head Mare, a hacktivist group targeting Russia and Belarus, leverages phishing campaigns distributing WinRAR archives to exploit CVE-2023-38831 for initial access. By deploying LockBit and Babuk ransomware, they encrypt victim systems and publicly disclose stolen data.  The group shares similarities with other anti-Russian hacktivists in tactics but employs more advanced access methods, as their operations, […]

The post Hackers Exploiting WinRAR Flaw To Attacks Windows & Linux(ESXi) Machines appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

In the beginning of August 2024, Sonos released a security advisory in which they fixed two security vulnerabilities that were associated with Remote Code Execution. These vulnerabilities have been assigned with CVE-2023-50810 and CVE-2023-50809.  These vulnerabilities were existing in Sonos One and Sonos Era-100 Bluetooth speakers which could allow a threat actor to record the […]

The post Sonos Smart Speaker Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.

A vulnerability classified as critical has been found in FIWARE Keyrock up to 8.4. Affected is the function generate_app_certificates of the file controllers/saml2/saml2.js. The manipulation leads to os command injection. This vulnerability is traded as CVE-2024-42167. It is possible to launch the attack remotely. There is no exploit available.

Сервис аренды превратился в сеть конспиративных квартир.