Category: GBHackers

DrayTek Devices Vulnerability Let Attackers Arbitrary Commands Remotely
01
Jan
2025

DrayTek Devices Vulnerability Let Attackers Arbitrary Commands Remotely

The DrayTek Gateway devices, more specifically the Vigor2960 and Vigor300B models, are susceptible to a critical command injection vulnerability.  Exploitable…

Microsoft Warns of Windows 11 24H2 Issue that Blocks Windows Security Updates
31
Dec
2024

Microsoft Warns of Windows 11 24H2 Issue that Blocks Windows Security Updates

Microsoft has issued a warning about a significant issue impacting devices running Windows 11, version 24H2, that could block essential…

PoC Exploited Released for Oracle Weblogic Server Vulnerability
31
Dec
2024

PoC Exploited Released for Oracle Weblogic Server Vulnerability

Security researchers have warned that a Proof-of-Concept (PoC) exploit has been publicly released for a critical vulnerability affecting Oracle WebLogic…

7-Zip 0-Day Exploit Leaked Online Allows Attackers Control Victim Devices Remotely
31
Dec
2024

7-Zip 0-Day Exploit Leaked Online Allows Attackers Control Victim Devices Remotely

A previously unknown zero-day vulnerability in the popular file compression tool 7-Zip has been publicly disclosed by an anonymous user…

SquareX Researchers Uncover OAuth Vulnerability in Chrome Extensions Days Before Major Breach
31
Dec
2024

SquareX Researchers Uncover OAuth Vulnerability in Chrome Extensions Days Before Major Breach

SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago, SquareX reported…

CISA Warns of Palo Alto Networks PAN-OS Vulnerability Exploited in Wild
31
Dec
2024

CISA Warns of Palo Alto Networks PAN-OS Vulnerability Exploited in Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert on a critical vulnerability in Palo Alto…

NFS Protocol Security Bypassed To Access Files From Remote Server
31
Dec
2024

NFS Protocol Security Bypassed To Access Files From Remote Server

The NFS protocol offers authentication methods like AUTH_SYS, which relies on untrusted user IDs, and Kerberos, providing cryptographic verification.  While…

Hackers Weaponize Websites With LNK File To Deliver Weaponized LZH File
31
Dec
2024

Hackers Weaponize Websites With LNK File To Deliver Weaponized LZH File

The watering hole attack leverages a compromised website to deliver malware. When a user visits the infected site, their system…

US Treasury Department Breach, Hackers Accessed Workstations
31
Dec
2024

US Treasury Department Breach, Hackers Accessed Workstations

The Biden administration confirmed that a Chinese state-sponsored hacking group breached the U.S. Treasury Department, gaining unauthorized access to employee…

New Botnet Exploiting D-Link Routers To Gain Control Remotely
31
Dec
2024

New Botnet Exploiting D-Link Routers To Gain Control Remotely

Researchers observed a recent surge in activity from the “FICORA” and “CAPSAICIN,” both variants of Mirai and Kaiten, respectively, which…

TrueNAS CORE Vulnerability Let Attackers Execute Remote Code
31
Dec
2024

TrueNAS CORE Vulnerability Let Attackers Execute Remote Code

Security researchers Daan Keuper, Thijs Alkemade, and Khaled Nassar from Computest Sector 7 disclosed a critical vulnerability in TrueNAS CORE,…

Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks
27
Dec
2024

Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks

A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto Networks’ PAN-OS software. This flaw…