Beware Of Weaponized Excel Document That Delivers Fileless Remcos RAT
A recent advanced malware campaign leverages a phishing attack to deliver a seemingly benign Excel file that exploits CVE-2017-0199. By exploiting this vulnerability in Microsoft…
Category: GBHackers
Hackers Exploiting Apache OFBiz RCE Vulnerability in the Wild
A critical vulnerability in the Apache OFBiz framework has been actively exploited by hackers. The flaw designated CVE-2024-45195, allows for unauthenticated remote code execution (RCE),…
Docker Desktop Vulnerabilities Let Attackers Execute Remote Code
Docker has addressed critical vulnerabilities in Docker Desktop that could allow attackers to execute remote code. These vulnerabilities, identified as CVE-2024-8695 and CVE-2024-8696, highlight the…
Fortinet Confirms Data Breach Following Hacker’s Claim of 440GB Data Theft
Fortinet, a leading cybersecurity firm, has confirmed a data breach involving a third-party cloud service after a hacker, known by the alias “Fortibitch,” claimed to…
SquareX, Awarded Rising Star Category in CybersecAsia Readers’ Choice Awards 2024 – GBHackers Security
SquareX has been named a winner of the prestigious Rising Star category in CybersecAsia Readers’ Choice Awards 2024 Awards, due to its outstanding achievements in…
Threat Actors Using New Malware Toolkit That Involves IIS Backdoor, DNS Tunneling
The Iranian threat actor APT34, also known as GreenBug, has recently launched a new campaign targeting Iraqi government entities by employing a custom toolset, including…
Mastercard to Acquire Recorded Future for $2.65 Billion
In a strategic move to bolster its cybersecurity capabilities, Mastercard has announced an agreement to acquire Recorded Future, a leading global threat intelligence company, for…
Critical Vulnerabilities in JPEG 2000 Library Let Attackers Execute Remote Code
Exploiting memory corruption vulnerabilities in server-side software often requires knowledge of the binary and environment, which limits the attack surface, especially for unknown binaries and…
Hackers Exploiting Progress WhatsUp RCE Vulnerability In The Wild
RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and CVE-2024-6671, patched on August 16,…
CosmicBeetle Exploiting Old Vulnerabilities To Attacks SMBs All Over The World
CosmicBeetle, a threat actor specializing in ransomware, has recently replaced its old ransomware, Scarab, with ScRansom, a custom-built ransomware that continues to evolve. The threat…
New Loki Backdoor Attacking macOS Systems
Cody Thomas developed Apfell, an open-source macOS post-exploitation framework, in 2018 and evolved into Mythic, a cross-platform framework that addresses the limitations of existing tools. …
Hackers Mimic Google, Microsoft & Amazon Domains for Phishing Attacks
Phishing remains a significant concern for both individuals and organizations. Recent findings from ThreatLabz have highlighted the alarming prevalence of phishing attacks targeting major brands,…