Tinyproxy Flaw Let Attackers Execute Remote Code
A security flaw has been identified in Tinyproxy, a lightweight HTTP/HTTPS proxy daemon widely used in small network environments. The vulnerability, cataloged under CVE-2023-49606, allows…
Category: GBHackers
Ex-Cybersecurity Consultant Jailed For Trading Confidential Data
Vincent Cannady, a professional who used to work as a consultant in the cybersecurity field, has been taken into custody for allegedly trying to extort…
68% of Data Breach Occurs Due to Social Engineering Attacks
In the latest edition of Verizon’s Data Breach Investigations Report (DBIR) for 2024, a concerning trend has been highlighted, a significant 68% of data breaches…
ApacheMQ Authentication Flaw – Unauthorized Perform Actions
Apache ActiveMQ is a Java based communication management tool for communicating with multiple components in a server. It is an open-source widely used messaging service…
Mal.Metrica Malware Hijacks 17,000+ WordPress Sites
Infected websites mimic legitimate human verification prompts (CAPTCHAs) to trick users, who often request seemingly innocuous clicks, resembling past CAPTCHA challenges. Clicking initiates a malicious…
Hackers Exploit Microsoft Graph API For C&C Communications
An emerging threat leverages Microsoft’s Graph API to facilitate command-and-control (C&C) communications through Microsoft cloud services. Recently, security analysts at Symantec discovered a previously undocumented…
U.S. Govt Warns of Engineering Attack from North Korean Hackers
The United States government has issued a stark warning about a new wave of social engineering attacks orchestrated by North Korean hackers. The Department of…
Threat Actors Renting Out Compromised Routers
APT actors and cybercriminals both exploit proxy anonymization layers and VPN nodes to mask their malicious activities, while Pawn Storm, a well-known APT group, infiltrated…
Cisco IP Phone Vulnerability Let Attackers Trigger DoS Attack
Cisco has disclosed multiple vulnerabilities in its IP Phone firmware that could severely impact users by allowing unauthenticated, remote attackers to perform denial of service…
New “Goldoon” Botnet Hijacking D-Link Routers to for Other Attacks
Security researchers at FortiGuard Labs discovered a new botnet in April that exploits a weakness in D-Link devices. Dubbed “Goldoon,” this botnet has been observed…
VNC Is The Hacker’s New Remote Desktop Tool For Cyber Attacks
While facilitating remote work, remote desktop software presents security challenges for IT teams due to the use of various tools and ports. The multitude of…
ArubaOS Critical Vulnerability Let Attackers Execute Remote Code
Multiple vulnerabilities have been discovered in ArubaOS that affect HPE Aruba Networking devices, including Mobility Conductor, Mobility Controllers WLAN Gateways, and SD-WAN Gateways managed by…