NTT Docomo Hit by DDoS Attack, Services Disrupted for 11 Hours
NTT Docomo, one of Japan’s leading telecommunications and IT service providers, experienced a massive disruption on January 2, 2025, after a Distributed Denial of Service…
Category: GBHackers
Apple Agrees to $95M Settlement Over Siri Privacy Lawsuit
Apple Inc. has agreed to pay $95 million to settle a proposed class-action lawsuit alleging that its Siri voice assistant infringed on users’ privacy by…
iTerm2 Emulator Vulnerability Let Attackers Access Sensitive User Data
A critical vulnerability discovered in the popular macOS terminal emulator iTerm2 has raised concerns among cybersecurity experts and software users. The flaw, which could allow…
Researchers Uncover Phishing-As-A-Service Domains Associated With Tycoon 2FA
The Tycoon 2FA platform is a Phishing-as-a-Service (PhaaS) tool that enables cybercriminals to easily launch sophisticated phishing attacks targeting two-factor authentication (2FA). It provides a…
New PLAYFULGHOST Malware Hacking Devices To Remotely Capture Audio Recordings
PLAYFULGHOST, a Gh0st RAT variant, leverages distinct traffic patterns and encryption, which spread via phishing emails and SEO poisoning of bundled applications, enabling keylogging, screen…
PoC Exploit Released For Critical Windows LDAP RCE Vulnerability
The CVE-2024-49112 vulnerability in Windows LDAP allows remote code execution on unpatched Domain Controllers, as a zero-click exploit leverages this by crafting malicious LDAP requests,…
Windows 11 BitLocker Encryption Bypassed to Extract Full Volume Encryption Keys
A cybersecurity researcher has demonstrated a method to bypass BitLocker encryption on Windows 11 (version 24H2) by extracting full volume encryption keys (FVEK) from memory.…
Trend Micro Apex One Vulnerabilities Let Escalate Privilege
72 Hours to Audit-Ready API Security APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API…
Browser Extension to Detect HTML Smuggling Attacks
SmuggleShield, a recently launched browser extension, is gaining attention in the cybersecurity space for its innovative approach to mitigating HTML smuggling attacks. With its stable…
EC2 Grouper Hackers Using AWS Tools To Exploit Compromised Credentials
Cloud security researchers have uncovered alarming trends in identity compromises within Amazon Web Services (AWS) environments. Among the most prolific threat actors is a group…
US Army soldier Arrested for Allegedly Selling Customer Call Records From AT&T & Verizon
A 20-year-old U.S. Army soldier, Cameron John Wagenius, has been arrested and indicted by federal authorities for allegedly selling confidential customer call records stolen from…
D-Link Warns of Botnets Exploiting End-of-Life Routers
D-Link warned users of several legacy router models about known vulnerabilities actively exploited by botnets. These devices, which have reached End-of-Life (EOL) and End-of-Service (EOS),…