Category: GBHackers

APT-C-60 Hackers Penetrate Org's Network Using a Weapanized Google Drive link
11
Dec
2024

APT-C-60 Hackers Penetrate Org’s Network Using a Weapanized Google Drive link

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed an advanced cyber attack against organizations in Japan, believed…

Windows RDP Service Flaw let Hackers Execute Remote Code
11
Dec
2024

Windows RDP Service Flaw let Hackers Execute Remote Code

A critical security vulnerability (CVE-2024-49115) in Windows Remote Desktop Services (RDS) has been disclosed, potentially allowing hackers to execute arbitrary…

Ivanti CSA Vulnerabilities Let Attackers Gain Admin Access
11
Dec
2024

Ivanti CSA Vulnerabilities Let Attackers Gain Admin Access

 Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities tracked…

Chrome Security Update, Patch For Multiple Vulnerabilities
11
Dec
2024

Chrome Security Update, Patch For Multiple Vulnerabilities

72 Hours to Audit-Ready API Security APIs present a unique challenge in this landscape, as risk assessment and mitigation are…

WPForms Vulnerability Let Users Issues Subscription Payments
11
Dec
2024

WPForms Vulnerability Let Users Issues Subscription Payments

A critical security vulnerability, tracked as CVE-2024-11205, was recently discovered in the popular WordPress plugin, WPForms, which boasts over 6 million…

Microsoft Patch Tuesday, December 2024, Patch for 16 Critical Security Flaws
10
Dec
2024

Microsoft Patch Tuesday, December 2024, Patch for 16 Critical Security Flaws

In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities,…

Visual Studio Tunnels Abused For Stealthy Remote Access
10
Dec
2024

Visual Studio Tunnels Abused For Stealthy Remote Access

In an attack campaign dubbed “Operation Digital Eye,” a suspected China-nexus threat actor has been observed targeting business-to-business IT service…

RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins
10
Dec
2024

RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins

Attackers are distributing a malicious .NET-based HPDxLIB activator disguised as a new version, which is signed with a self-signed certificate,…

Black Basta Ransomware Leverages Microsoft Teams To Deliver Malicious Payloads
10
Dec
2024

Black Basta Ransomware Leverages Microsoft Teams To Deliver Malicious Payloads

In a resurgence since May 2024, the Black Basta ransomware campaign has exhibited a troubling escalation in its attack methods,…

Critical SAP Vulnerabilities Let Attackers Upload Malicious PDF Files
10
Dec
2024

Critical SAP Vulnerabilities Let Attackers Upload Malicious PDF Files

SAP has issued Security Note 3536965 to address multiple high-severity vulnerabilities in the Adobe Document Services of SAP NetWeaver AS for JAVA. These vulnerabilities, identified…

Hackers Target Android Users via WhatsApp to Steal Sensitive Data
10
Dec
2024

Hackers Target Android Users via WhatsApp to Steal Sensitive Data

Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by…

Dell Warns of Critical Code Execution Vulnerability in Power Manager
10
Dec
2024

Dell Warns of Critical Code Execution Vulnerability in Power Manager

Dell Technologies has issued a security advisory, DSA-2024-439, to alert users of a critical vulnerability in its Dell Power Manager…