Category: GBHackers

Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access
18
Dec
2024

Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access

Researchers have uncovered vulnerabilities in Microsoft Azure Data Factory’s integration with Apache Airflow, which could potentially allow attackers to gain…

RiseLoader Attack Windows By Employed A VMProtect To Drop Multiple Malware Families
18
Dec
2024

RiseLoader Attack Windows By Employed A VMProtect To Drop Multiple Malware Families

RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol similar to RisePro for downloading…

New VIPKeyLogger Via Weaponized Office Documenrs Steals Login Credentials
18
Dec
2024

New VIPKeyLogger Via Weaponized Office Documenrs Steals Login Credentials

The VIPKeyLogger infostealer, exhibiting similarities to the Snake Keylogger, is actively circulating through phishing campaigns.  Delivered as attachments disguised as…

INTERPOL Urges to End 'Pig Butchering' & Replaces With "Romance Baiting"
18
Dec
2024

INTERPOL Urges to End ‘Pig Butchering’ & Replaces With “Romance Baiting”

INTERPOL has called for the term “romance baiting” to replace “pig butchering,” a phrase widely used to describe a manipulative…

New I2PRAT Malware Using encrypted peer-to-peer communication to Evade Detections
18
Dec
2024

New I2PRAT Malware Using encrypted peer-to-peer communication to Evade Detections

Cybersecurity experts are sounding the alarm over a new strain of malware dubbed “I2PRAT,” which leverages encrypted peer-to-peer (P2P) communication…

A legendary Threat Group Targets Windows By Deploy Microphone Recorder And Steal Files
18
Dec
2024

A legendary Threat Group Targets Windows By Deploy Microphone Recorder And Steal Files

Recent research has linked a series of cyberattacks to The Mask group, as one notable attack targeted a Latin American…

Earth Koshchei Employs RDP Relay, Rogue RDP server in Server Attacks
18
Dec
2024

Earth Koshchei Employs RDP Relay, Rogue RDP server in Server Attacks

 A new cyber campaign by the advanced persistent threat (APT) group Earth Koshchei has brought rogue Remote Desktop Protocol (RDP)…

1-Click RCE Attack In Kerio Control UTM Allow Attackers Gain Firewall Root Access Remotely
18
Dec
2024

1-Click RCE Attack In Kerio Control UTM Allow Attackers Gain Firewall Root Access Remotely

GFI Software’s Kerio Control, a popular UTM solution, was found to be vulnerable to multiple HTTP Response Splitting vulnerabilities, which…

Spring Framework Path Traversal Vulnerability (CVE-2024-38819) PoC Exploit Released
18
Dec
2024

Spring Framework Path Traversal Vulnerability (CVE-2024-38819) PoC Exploit Released

A Proof of Concept (PoC) exploit for the critical path traversal vulnerability identified as CVE-2024-38819 in the Spring Framework has…

Multiple SHARP Routers Vulnerabilities Let Attackers Execute Arbitrary Code
18
Dec
2024

Multiple SHARP Routers Vulnerabilities Let Attackers Execute Arbitrary Code

Multiple vulnerabilities have been identified in SHARP routers, potentially allowing attackers to execute arbitrary code with root privileges or compromise…

Hackers Attacking Linux SSH Servers DDoS bot cShell Using screen & hping3 Tools
18
Dec
2024

Hackers Attacking Linux SSH Servers DDoS bot cShell Using screen & hping3 Tools

The AhnLab Security Intelligence Center (ASEC) has detected a new strain of malware targeting poorly protected Linux SSH servers. This…

CISA Releases Secure Practices for Microsoft 365 Cloud Services
18
Dec
2024

CISA Releases Secure Practices for Microsoft 365 Cloud Services

The Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01: Implementing Secure Practices for Cloud Services,…