Fortigate SSLVPN Vulnerability exploited-in-the-wild
A critical vulnerability in Fortinet’s FortiGate SSLVPN appliances, CVE-2024-23113, has been actively exploited in the wild. This format string flaw vulnerability has raised significant concerns…
Category: GBHackers
Splunk Enterprise Vulnerabilities let Attackers Execute Remote Code
Splunk has disclosed multiple vulnerabilities affecting its Enterprise product, which could allow attackers to execute remote code. These vulnerabilities, primarily affecting Windows installations, highlight the…
CoreWarrior Malware Attacking Windows Machines From Dozens Of IP Address
Researchers recently analyzed a CoreWarrior malware sample, which spreads aggressively by creating numerous copies and connecting to various IP addresses. It establishes multiple backdoor connections…
OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details
Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on critical infrastructure in the UAE and wider Gulf region. The group…
TrickMo Malware Attacking Android Devices To Steal Unlock Patterns And PINs
The recent discovery of the TrickMo Banking Trojan variant by Cleafy has prompted further investigation, where researchers have identified 40 variants, 16 droppers, and 22…
Beware of Fake AI Scam Calls that Takeover Your Gmail Account
Scammers use sophisticated AI technology to impersonate tech giants like Google, aiming to take over unsuspecting users’ Gmail accounts. A recent incident highlights these fraudsters’…
pac4j Java Framework Vulnerable to RCE Attacks
A critical security vulnerability has been discovered in the popular Java framework pac4j. The vulnerability specifically affects versions before 4.0 of the pac4j-core module. This…
Zendesk Email Spoofing Flaw Let Attackers Access Support Tickets
A security vulnerability in Zendesk, a widely used customer service tool, has been uncovered. This flaw allowed attackers to access support tickets from any company…
18 Individuals Charged for Widespread Manipulation Cryptocurrency Markets
18 individuals and entities have been charged with widespread fraud and manipulation within the cryptocurrency markets. The charges, unsealed in Boston, target leaders of four…
Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication
Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication on cryptocurrency exchanges, which is designed specifically for NAF (New Account…
SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to Accelerate Insider and Supply Chain Risk Analysis & Threat Actor Attribution
IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading Investigations solution used by CTI teams, security operations, fraud and risk…
Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks
A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being actively exploited in cyberattacks. With a CVSS base score of 9.8,…