GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Hackers have been exploiting vulnerabilities in iOS and Google Chrome to target government websites, particularly in Mongolia. Google’s Threat Analysis Group (TAG) observed these attacks, which have been linked to the Russian government-backed actor APT29. The hackers have repeatedly used the same exploits, initially developed by commercial surveillance vendors, to breach security defenses. This article […]

The post Hackers Repeatedly Using Same iOS & Chrome Exploits to Attack Government Websites appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading cybersecurity solutions provider, has announced a definitive agreement to acquire Cyberint Technologies Ltd. This acquisition aims to bolster Check Point’s Security Operations Center (SOC) capabilities and expand its managed threat intelligence offerings. Integrating Cyberint’s advanced capabilities into the Check Point Infinity Platform will enhance collaborative threat […]

The post Check Point to Acquire Cyberint Technologies to Enhance Operations appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The Wireshark Foundation has announced the release of Wireshark 4.4.0, marking a significant update to the popular open-source network protocol analyzer. This latest version introduces a range of new features, improvements, and bug fixes, enhancing the tool’s capabilities in network analysis. Enhanced Graphing Capabilities One of the standout features of Wireshark 4.4.0 is the comprehensive […]

The post Wireshark 4.4.0 Released – What’s New! appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability has been identified in App::cpanminus (cpanm), a widely used tool for downloading and installing Perl modules. This vulnerability, CVE-2024-45321, exposes users to potential cyber threats. It allows attackers to intercept and manipulate traffic during module installation. CVE-2024-45321 – Vulnerability Details App::cpanminus, known for its lightweight and efficient handling of Perl module installations, […]

The post Critical Vulnerability in Perl Module Installer Let Attackers Intercept Traffic appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A new cybersecurity threat, known as Styx Stealer, has emerged. It targets users by stealing sensitive data such as saved passwords, cookies, and autofill information from popular web browsers. This malware affects Chromium and Gecko-based browsers and extends its reach to browser extensions, cryptocurrency wallets, and even messaging platforms like Telegram and Discord. According to […]

The post New Styx Stealer Attacking Users to Steal Login Passwords appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Digital wallets enable users to securely store their financial information on smart devices and perform financial transactions without any hassle. These wallets offer enhanced security compared to traditional payment methods, as these wallets encrypt payment data. Since smartphone adoption has grown significantly, digital wallets are becoming increasingly popular for their convenience. Cybersecurity analysts at Usenix […]

The post Digital Wallets Bypassed To Allow Purchase With Stolen Cards appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Researchers analyze the security of MIFARE Classic cards, focusing exclusively on card-only attacks. They uncover multiple new attack vectors by examining the CRYPTO-1 algorithm, existing vulnerabilities, and a novel countermeasure.  Through a combination of reverse engineering, cryptanalysis, and experimental analysis, they demonstrate the ability to extract card data and keys, clone cards, and ultimately compromise […]

The post Backdoor MIFARE Smart Cards Exposes User-Defined Keys On Cards appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

RipperSec, a pro-Palestinian, pro-Muslim Malaysian hacktivist group, has rapidly grown since its Telegram inception in June 2023.  Leveraging a community of over 2,000 members, they conduct cyberattacks, including data breaches, defacements, and DDoS attacks, and their primary tool is MegaMedusa, which is a publicly accessible, easily deployable DDoS tool employing 10 randomization techniques to evade […]

The post MegaMedusa, Highly Scalable Web DDoS Attack Tool Used By Hacker Groups appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Raspberry Pi has announced the launch of a new 2GB variant of the Raspberry Pi 5, priced at an affordable $50. This release makes powerful computing accessible to a wider audience, fulfilling the original Raspberry Pi dream of providing an affordable, general-purpose desktop computer. A New Era in Affordable Computing The Raspberry Pi 5, launched […]

The post 2GB variant of Raspberry Pi Launched for Just $50 appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability has been discovered in the GiveWP plugin, a popular WordPress donation and fundraising platform. This vulnerability, CVE-2024-5932, exposes over 100,000 WordPress sites to potential remote code execution (RCE) attacks. The vulnerability was responsibly disclosed by a security researcher named villu164 through the Wordfence Bug Bounty Program. CVE-2024-5932 – The Vulnerability Explained PHP […]

The post Unauthenticated RCE in WordPress Plugin Exposes 100,000 WordPress Sites appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Autodesk has disclosed a critical vulnerability in its AutoCAD software, which could allow malicious actors to execute arbitrary code. This vulnerability, CVE-2024-7305, identified in the AdDwfPdk.dll component, is triggered when a specially crafted DWF (Design Web Format) file is parsed. The flaw has been classified as an Out-of-Bounds Write, a vulnerability that can lead to […]

The post Autodesk AutoCAD Vulnerability Let Attackers Execute Arbitrary Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

AI SPERA, a leading Cyber Threat Intelligence (CTI) company, has announced a strategic partnership with Hackers Central, a major cybersecurity management service provider in Mexico. The announcement marks a significant step in AI SPERA’s strategy to broaden its international footprint. Hackers Central, a prominent cybersecurity management firm in Mexico, offers comprehensive security services including vulnerability […]

The post AI SPERA and Hackers Central Partner to Expand Mexico’s Security Market with ‘Criminal IP ASM’ appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The notorious Lazarus hacker group has been identified as exploiting a zero-day vulnerability in Microsoft Windows, specifically targeting the Windows Ancillary Function Driver for WinSock (AFD.sys). This vulnerability, cataloged as CVE-2024-38193, was discovered by researchers Luigino Camastra and Milanek in early June 2024. The flaw allowed the group to gain unauthorized access to sensitive system […]

The post Lazarus Hacker Group Exploited Microsoft Windows Zero-day appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Researchers have uncovered a critical vulnerability within the Linux kernel’s dmam_free_coherent() function. This flaw, identified as CVE-2024-43856, stems from a race condition caused by the improper order of operations when freeing Direct Memory Access (DMA) allocations and managing associated resources. The vulnerability poses a significant risk, as it could allow attackers to bypass CPU protections and gain […]

The post Linux Kernal Vulnerability Let Attackers Bypass CPU & Gain Read/Write Access appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Researchers from the University of Rochester have unveiled a novel technique to defend against cache side-channel attacks, a prevalent threat in modern computing systems. The new method, named RollingCache, promises to enhance the security of shared systems by dynamically altering the cache access patterns, making it difficult for attackers to exploit cache contention. Cache Side […]

The post Researchers Found a New Technique to Defend Cache Side Channel Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Researchers uncovered a new malware campaign dubbed BeaverTail, a North Korean cyber espionage malware family primarily focusing on job seekers. Initially identified as a JavaScript-based info stealer, it has since morphed into a native macOS version that pretends to be legitimate software like the MiroTalk video call service. This malware is designed to steal confidential […]

The post BeaverTail Malware Attacking Windows Users Via Weaponized Games appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The imminent release of Cisco HyperShield this month marks a pivotal evolution in the cybersecurity landscape. As an “AI-native” security architecture, HyperShield promises to redefine traditional security protocols through its automated proactive cybersecurity measures and AI-driven security solutions. However, the effectiveness of this sophisticated technology heavily relies on the skilled deployment by IT and Information […]

The post Why Training is Critical to Implementing Cisco HyperShield appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

APT42 is an APT group that is believed to be backed by the Iranian government, and this group primarily focuses on cyber espionage. Besides this, APT42 is also well-known for other illicit activities. Apart from cyber espionage, they also conduct phishing campaigns, and data exfiltration against a wide range of entities. However, specifically, they target […]

The post Iranian APT42 Group Launch A Massive Phishing Campaign To Attack U.S. Presidential Election appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A ransomware group known as RansomHub has been found deploying a new tool designed to disable endpoint detection and response (EDR) systems. This tool, EDRKillShifter, represents a significant advancement in the tactics used by cybercriminals to bypass security measures and execute ransomware attacks. Although a recent attack using this tool was thwarted, the discovery underscores […]

The post Ransomware Group Added a New EDR Killer Tool to their arsenal appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers have uncovered a sophisticated malspam campaign targeting unsuspecting users through email and phone calls. Attackers are leveraging popular platforms like AnyDesk and Microsoft Teams to gain unauthorized access to victims’ computers, raising alarms about cybercriminals’ evolving tactics. The Attack Methodology The campaign begins with an email bombardment, commonly referred to as an “email […]

The post News Malspam Attacks AnyDesk and Microsoft Teams appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.