NIST Finalizes 3 Algorithms to Combat Future Quantum Cyber Threats
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has taken a step in safeguarding digital security against future quantum threats. By…
Category: GBHackers
Critical Vulnerabilities in IBM QRadar- Execute Arbitrary Code
IBM recently disclosed critical vulnerabilities affecting its QRadar Suite Software and IBM Cloud Pak for Security. These vulnerabilities, if exploited, could allow attackers to execute…
Face Check With Microsoft Entra Verified ID Is Now Generally Available, Microsoft
Microsoft announced that Face Check with Microsoft Entra Verified ID is now generally accessible. It is available standalone and as part of the Microsoft Entra…
Earth Baku Using Customized Tools To Maintain Persistence And Steal Data
Earth Baku, an APT actor who initially focused on the Indo-Pacific region, has grown its activities extensively since late 2022. The group has increased its…
Iranian APT42 Actors Conducting World Wide Surveillance Operations
APT42 (aka Damselfly, UNC788, CALANQUE, Charming Kitten) is a sophisticated Iranian state-sponsored cyber espionage group. This Advanced Persistent Threat (APT) group is known for its…
A New Exploit That Is Bypassing LSASS Protection
In July 2022, Microsoft patched a well-known PPL bypass flaw, initially discovered by Ionescu and Forshaw. This allowed protection circumvention without kernel code execution, and…
Hackers Exploited by GraphQL Vulnerabilities to Compromise Organizations
Cyberattacks have highlighted vulnerabilities in GraphQL APIs, leading to significant security breaches in various organizations. GraphQL, a query language for APIs, allows clients to request…
Hackers Toolkit Unveiled, Comprehensive Tools For Various Cyber Attacks
Hackers always keep updating their tools and add new ones to adapt to evolving security measures, bypass defenses, and exploit newly discovered vulnerabilities. Staying ahead…
0-Click Outlook RCE Vulnerability Triggered When Email is Clicked
NetSPI discovered that Microsoft Outlook is vulnerable to authenticated remote code execution (CVE-2024-21378) due to improper validation of synchronized form objects. By manipulating a configuration…
Dark Web Marketplace Admins Busted Following Luxury Life
Two men living a life of luxury in Florida have been charged with cyber fraud after authorities became suspicious of their extravagant spending habits. Russian…
Clickbait PDFs, An Entry point For Multiple Web Based Attacks
Researchers studied the infrastructure behind clickbait PDF attacks by analyzing a large dataset of real-world PDFs to identify clickbait ones and their linked infrastructure and…
Zoom Fixes Critical Vulnerabilities Allowing Privilege Escalation
Zoom Video Communications has recently disclosed several critical vulnerabilities affecting its Workplace Apps, SDKs, and Rooms Clients. These vulnerabilities, identified in multiple security bulletins, pose…