Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays
In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting abuse complaints and temporary disruptions. While the attack affected non-exit relays…
Category: GBHackers
Metasploit Framework Released with New Features
The Metasploit Framework, a widely used open-source penetration testing tool maintained by Rapid7, has introduced an exciting new release packed with cutting-edge features. The latest…
CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability in Palo Alto Networks’ Expedition tool, which could lead to severe…
Cisco Desk Phone Series Vulnerability Let Remote Attacker Access sensitive information
A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 that could…
Cisco Flaw Let Attackers Run Command as Root User
A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. This flaw tracked as…
HookBot Malware Use Overlay Attacks Impersonate As Popular Brands To Steal Data
The HookBot malware family employs overlay attacks to trick users into revealing sensitive information by impersonating various brands and apps to gain trust. It also…
CRON#TRAP Campaign Attacks Windows Machine With Weaponized Linux Virtual Machine
Weaponized Linux virtual machines are used for offensive cybersecurity purposes, such as “penetration testing” or “exploiting vulnerabilities.” These setups often use the tools and frameworks…
North Korean Hackers Employing New Tactic To Acruire Remote Jobs
North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics, enhancing the obfuscation of their scripts to evade detection. InvisibleFerret…
Rise Of Ransomware-As-A-Service Leads To Decline Of Custom Tools
Ransomware-as-a-Service (RaaS) platforms have revolutionized the ransomware market. Unlike traditional standalone ransomware sales, RaaS offers a subscription-based model where attackers can access pre-built ransomware tools…
Researchers Detailed Credential Abuse Cycle
The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a hacking group responsible for distributed denial-of-service attacks. LameDuck, a new threat…
ToxicPanda Banking Malware Attacking Banking Users To Steal Logins
Recent research has uncovered a new strain of malware developed for Android devices, initially misidentified as TgToxic. Despite sharing some bot command similarities, this malware,…
Azure API Management vulnerabilities Let Attackers Escalate Privileges
Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and take…