Aggregator

本期，一位学术界创业者为我们分享其企业特色和市场心得。

2024年9月最值得关注的安全动态

Теперь пользователи смогут контролировать установку новых версий.

The RansomHub ransomware group tracked as Water Bakunawa, employs targeted spear-phishing to exploit the Zerologon vulnerability, allowing them to gain unauthorized access to networks, affecting various industries and critical infrastructure sectors, demanding ransom payments for data release.  The group’s recent integration of EDRKillShifter, a tool designed to evade detection and disrupt security processes, poses a […]

The post RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

民宿秘密安装摄像头偷拍再次引发了广泛关注，民宿经营者偷拍不是为了满足自己的欲望，而是整个产业链的关键组成部分。一位前民宿经营者称，在 2017 年，她还经营民宿的时候，就有不少民宿同行在装修毛坯房屋时，主动在房间里安装摄像头，每个房间至少有 3-5 个摄像头，并会同步云端，进行直播。“低价高质”的房型是民宿老板们吸引客流的常用手段。一些民宿店老板通常会对房屋进行精致的装潢，并将房间价格定得极低。而学校和景区附近的情趣房、网红房、各类主题房是偷拍的重灾区。对于这些民宿老板，盈利的主要方式并非依靠房费，而是依靠售卖偷拍视频与直播收费观看。有些民宿老板通过售卖偷拍视频或直播观看权的每日收入高达五位数。这些人通常都有团队，形成成熟的产业链——民宿老板负责提供拍摄的视频以及直播资源，并由其他人在网络上进行售卖。一名前民宿从业者告诉记者，为了规避风险，这些卷入偷摄黑色产业链的民宿老板在营业一年后就会将民宿低价转让给外行，但在原民宿房间没有被查出的摄像头依旧可以继续拍摄牟利。

The original threat actor behind the Octo malware family has released a new variant, Octo2, with enhanced stability for remote action capabilities to facilitate Device Takeover attacks.  This new variant targets European countries and employs sophisticated obfuscation techniques, including the Domain Generation Algorithm (DGA), to evade detection and ensure the Trojan remains undetected. The Exobot […]

The post Octo2 Android Malware Attacking To Steal Banking Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Страны G7 призвали финансовый сектор подготовиться к рискам квантовых технологий.

Kryptina RaaS, a free and open-source RaaS platform for Linux, initially struggled to attract attention. Still, after a Mallox affiliate’s staging server was leaked in May 2024, Kryptina’s modified version, branded Mallox v1.0, gained prominence.  The research examines the data exposed in the leak, highlighting differences between the original Kryptina RaaS (v2.2) and Mallox v1.0 […]

The post New Mallox Ransomware Linux Variant Attacking Enterprise Linux Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

ESET Research has conducted a comprehensive technical analysis of Gamaredon’s toolset used to conduct its cyberespionage activities focused in Ukraine

Ведомство рекомендует пользователям создавать резервные копии данных.

Researchers observed two distinct instances where users were inadvertently led to malicious websites after conducting Google searches for video streaming services. These victims were redirected to malicious URLs that employed a deceptive tactic while attempting to access sports or movie content. The victims were presented with a prompt requesting human verification, which, upon completion, executed […]

The post Beware Of Fake Verify You Are A Human Request That Delivers Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Advanced File Manager Plugin up to 5.2.8 on WordPress and classified as problematic. This issue affects the function fma_locale. The manipulation leads to file inclusion. The identification of this vulnerability is CVE-2024-8704. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability has been found in Form Maker Plugin up to 1.15.27 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-8633. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Themedy Toolbox Plugin up to 1.0.15 on WordPress. This affects an unknown part of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-9177. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Advanced File Manager Plugin up to 5.2.8 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2024-8126. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Advanced File Manager Plugin up to 5.2.8 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is known as CVE-2024-8725. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Nippon Telegraph and Telephone East Hikari Denwa router RT-400MI, Hikari Denwa router PR-400MI, Hikari Denwa router RV-440MI, Home GateWay, Hikari Denwa router PR-500MI, RS-500MI, RT-500MI, Hikari Denwa router PR-600MI and RX-600MI. Affected is an unknown function of the component Device Setting Page. The manipulation leads to clickjacking. This vulnerability is traded as CVE-2024-47044. It is possible to launch the attack remotely. There is no exploit available.

North Korean IT workers, disguised as non-North Koreans, infiltrate various industries to generate revenue for their regime, evading sanctions and funding WMD programs by exploiting privileged access to enable cyber intrusions.  Facilitators, often non-North Koreans, assist these workers by laundering money, hosting company laptops, using stolen identities, and accessing international financial systems, which help the […]

The post Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

用户需定期检查“记忆”功能，查看是否有不信任的内容被植入。