BIND DNS system Flaws Let Attacker Launch DoS Attacks
In a recent disclosure, BIND 9, a widely-used DNS (Domain Name System) server software, has been found vulnerable to two critical security flaws, labeled CVE-2023-4236…
Category: GBHackers
OilRig C#/.NET Backdoor to Attack Wide Range of Industries
OilRig (APT34) is an Iranian cyberespionage group active since 2014, targeting Middle Eastern governments and various industries like:- Chemical Energy Finance Telecom OilRig launched DNSpionage…
Cryptojacking Campaign Infected Online Thesaurus
Students, authors, and anybody else wishing to improve their vocabulary and language abilities frequently utilize Thesaurus, one of the well-known platforms with 5 million monthly…
Gold Melody Group Attacking Organizations
The financially motivated GOLD MELODY threat group has been active at least since 2017, attacking organizations by taking advantage of flaws in unpatched internet-facing servers.…
MOVEit Transfer SQL Injection Let the Attacker Gain Unauthorized Access
MOVEit transfer service pack has been discovered with three vulnerabilities associated with SQL injections (2) and a Reflected Cross-Site Scripted (XSS). The severity for these…
LUCR-3 Attacking Fortune 2000 Companies Using Victims’ Own Tools
A new financially motivated threat group named “LUCR-3” has been discovered targeting organizations to steal intellectual property for extortion. This threat actor surpasses Scatter Spider,…
Is QakBot Malware Officially Dead?
Only a few malware families can claim to have persisted for nearly twenty years, and QakBot (also referred to as QBot) stands among them as…
System Admin Pleads Guilty for Selling Pirated Business Phone
For taking part in a large international scheme to earn millions of dollars by selling pirated business telephone system software licenses, a computer system admin and…
Trend Micro Zero-day Vulnerability Let Attackers Run Arbitrary Code
If you use Trend Micro Apex One, you should know that the third-party Antivirus uninstaller feature may have a security hole. This flaw could make…
T-Mobile App Glitch Exposes Other User’s Sensitive Data
The mobile application of T-Mobile has recently been a cause of concern among its customers due to issues concerning privacy. Users have reported accessing sensitive…
Bumblebee Abuses WebDAV Protocol to Attack Organizations
In recent cybersecurity news, the notorious Bumblebee loader has made a resurgence in a new campaign, posing a significant threat to organizations’ digital security. This…
Nagios Monitoring Tool Vulnerabilities Let Attackers SQL Queries
Nagios XI is a prominent and frequently used commercial monitoring system for IT infrastructure and network monitoring. Vulnerability Research Engineer Astrid Tedenbrant found four distinct…