GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Researchers reported a phishing attack on December 4th, 2024, where malicious emails purportedly from the Ukrainian Union of Industrialists and Entrepreneurs were distributed, inviting recipients to a NATO standardization conference.  The emails aimed to compromise systems by delivering malware, and CERT-UA warns users to be cautious of unsolicited emails, especially those with attachments or links […]

The post Hackers Deploy Weaponized LNK Files for Malicious Payload Delivery appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed an advanced cyber attack against organizations in Japan, believed to have been conducted by the cyber espionage group APT-C-60. The attackers used phishing techniques, masquerading as a job applicant to infiltrate the victim’s system and deploy advanced malware. Details of the Attack: Initial Penetration […]

The post APT-C-60 Hackers Penetrate Org’s Network Using a Weapanized Google Drive link appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security vulnerability (CVE-2024-49115) in Windows Remote Desktop Services (RDS) has been disclosed, potentially allowing hackers to execute arbitrary remote code via the network. The flaw, assigned the highest severity classification, was officially confirmed by Microsoft on December 10, 2024, and underscores the constant need for vigilance in securing remote desktop environments. Details of […]

The post Windows RDP Service Flaw let Hackers Execute Remote Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

 Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities tracked as CVE-2024-11639, CVE-2024-11772, and CVE-2024-11773, affect CSA versions 5.0.2 and earlier. Without mitigation, these flaws could allow malicious attackers to bypass authentication, execute remote code, and manipulate databases, posing significant risks to organizations relying on […]

The post Ivanti CSA Vulnerabilities Let Attackers Gain Admin Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Google has released a new update on the Stable channel for its Chrome browser, addressing a series of security vulnerabilities. The update has been rolled out as version 131.0.6778.139/.140 for Windows and Mac, and 131.0.6778.139 for Linux. Users can expect the patch to become available over the coming days and weeks. A comprehensive list of changes in this build […]

The post Chrome Security Update, Patch For Multiple Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security vulnerability, tracked as CVE-2024-11205, was recently discovered in the popular WordPress plugin, WPForms, which boasts over 6 million active installations globally. This flaw, identified by researcher villu164 through the Wordfence Bug Bounty Program, allows authenticated users with at least subscriber-level permissions to issue unauthorized refunds for Stripe payments and cancel Stripe subscriptions. The vulnerability, categorized […]

The post WPForms Vulnerability Let Users Issues Subscription Payments appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities, including 16 critical vulnerabilities and 1 zero-day. This December update marks a crucial milestone in Microsoft’s ongoing efforts to enhance the security of its products and protect users from potential cyber threats. Critical Zero-Day Vulnerability […]

The post Microsoft Patch Tuesday December 2024, 71 Vulnerabilities Fixed Including 1 Zero-day appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Attackers are distributing a malicious .NET-based HPDxLIB activator disguised as a new version, which is signed with a self-signed certificate, and targets entrepreneurs automating business processes and aims to compromise their systems. They are distributing malicious activators on forums targeting business owners and accountants, deceptively promoting them as legitimate license bypass tools with update functionality […]

The post RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In an attack campaign dubbed “Operation Digital Eye,” a suspected China-nexus threat actor has been observed targeting business-to-business IT service providers in Southern Europe.  The attack operation lasted roughly three weeks, from late June to mid-July 2024. The intrusions could have allowed the attackers to gain a strategic foothold and compromise downstream entities.  In particular, […]

The post Visual Studio Tunnels Abused For Stealthy Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SAP has issued Security Note 3536965 to address multiple high-severity vulnerabilities in the Adobe Document Services of SAP NetWeaver AS for JAVA. These vulnerabilities, identified as CVE-2024-47578, CVE-2024-47579, and CVE-2024-47580, allow attackers to manipulate or upload malicious PDF files, potentially compromising internal systems and exposing sensitive data. Details of the Vulnerabilities CVE-2024-47578: Server-Side Request Forgery (SSRF) This flaw allows attackers with administrative privileges to send specially crafted […]

The post Critical SAP Vulnerabilities Let Attackers Upload Malicious PDF Files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Dell Technologies has issued a security advisory, DSA-2024-439, to alert users of a critical vulnerability in its Dell Power Manager software. The vulnerability, identified as CVE-2024-49600, could allow malicious attackers to execute arbitrary code and gain elevated privileges on the affected systems. Users are urged to update immediately to mitigate potential risks. The vulnerability has been […]

The post Dell Warns of Critical Code Execution Vulnerability in Power Manager appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have unveiled an advanced technique to uncover hackers’ operational infrastructure using passive DNS data. This groundbreaking method sheds light on how attackers establish and maintain their networks to perpetrate malicious activities while remaining resilient to detection. By leveraging passive DNS analysis, experts have made significant strides in identifying threats before they wreak havoc, […]

The post Researchers Uncovered Hackers Infrastructre Using Passive DNS Technique appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Let’s Encrypt has officially announced its timeline to phase out support for the Online Certificate Status Protocol (OCSP). The nonprofit Certificate Authority (CA) plans to fully transition to Certificate Revocation Lists (CRLs) by mid-2025, citing privacy concerns and efficiency gains as primary reasons for the change. Phased Timeline for Transition Let’s Encrypt rolled out a […]

The post Let’s Encrypt to End Support for Online Certificate Status Protocol (OCSP) appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybercriminals online take advantage of well-known events to register malicious domains with keywords related to the event, with the intention of tricking users through phishing and other fraudulent schemes.  The analysis examines event-related abuse trends across domain registrations, DNS and URL traffic, active domains, verdict change requests, and domain textual patterns, with specific examples from […]

The post Hackers Attacking Global Sporting Championships Via Fake Domains To Steal Logins appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated crypto-stealing malware, Realst, has been targeting Web3 professionals, as the threat actors behind this campaign have employed AI-generated content to create fake companies, such as “Meetio,” to appear legitimate.  By tricking victims into participating in video calls, cybercriminals can convince them to download a malicious meeting application from a compromised website.  Once installed, […]

The post New Meeten Malware Attacking macOS And Windows Users To Steal Logins appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Apache ActiveMQ server is vulnerable to remote code execution (CVE-2023-46604), where attackers can exploit this vulnerability by manipulating serialized class types in the OpenWire protocol to load malicious class configurations from external sources.  Successful exploitation allows attackers to execute arbitrary code on the vulnerable server, leading to potential system compromise, which has been actively […]

The post Mauri Ransomware Leverages Apache ActiveMQ Vulnerability to Deploy CoinMiners appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by an unknown threat actor, aims to compromise sensitive information.  Although the target’s precise location and nature have not been disclosed, its high-value nature suggests that advanced persistent threat (APT) groups may be interested in it.  […]

The post Hackers Target Android Users via WhatsApp to Steal Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

An international cybercrime network responsible for stealing millions of euros across at least ten European countries has been dismantled in a joint operation by the Rotterdam Police Cybercrime Team and the Belgian police. The sophisticated criminal group employed phishing schemes and bank helpdesk fraud to exploit vulnerable victims, with call centers set up in luxury […]

The post Authorities Dismantled Hackers Who Stolen Millions Using AirBnB appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Gamaredon, a persistent threat actor since 2013, targets the government, defense, diplomacy, and media sectors of their victims, primarily through cyberattacks, to gain sensitive information and disrupt operations. It continues to employ sophisticated tactics, leveraging malicious LNK and XHTML files alongside intricate phishing schemes to carry out cyberattacks. Phishing emails with four distinct attack payloads […]

The post APT-C-53 Weaponizing LNK Files To Deploy Malware Into Target Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Kurita America Inc. (KAI), the North American subsidiary of Tokyo-based Kurita Water Industries Ltd., has confirmed it was the victim of a ransomware attack that compromised multiple servers and potentially leaked sensitive data. The attack was detected on Friday, November 29, 2024, and has raised concerns worldwide among customers and business partners. Incident Overview KAI’s security […]

The post U.S. Subsidiary of a Japanese water Treatment Company Hit By Ransomware Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.