Aggregator

Страх репутационных потерь превращает школы в соучастников киберпреступлений.

网络安全研究人员近日发现了一起针对Go生态系统的软件供应链攻击，攻击者通过一个恶意包，能够在受感染的系统中实现远程访问。

Вебинар состоится 6 февраля в 14:00.

Amazon Web Services (AWS) has announced significant updates to its popular data warehousing service, Amazon Redshift, with the introduction of enhanced security features aimed at minimizing data leaks and unauthorized access. These new default settings strengthen the security posture of newly created Redshift clusters and align with industry best practices for safeguarding sensitive data. The […]

The post Amazon Introduces Redshift Security Features to Prevent Data Leaks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Шпионский скандал с детищем NSO Group набирает новые обороты.

Texas Governor Greg Abbott announced a Cyber Command, designed to combat surging attacks on the state by nation-states and cybercriminals

Japanese electronics maker Casio has had its UK website injected with a web skimmer that collected buyers’ personal and payment card information, Jscrambler has discovered. The company says that the same skimmer has been added to at least seventeen (and possibly more) websites, but refrained from disclosing the names. “All the victims were loading a skimmer script from the same hosting provider in Russia. It was also observed that even though the skimming domains could … More →

The post Casio UK site compromised, equipped with web skimmer appeared first on Help Net Security.

Apple, one of the most trusted technology brands in the world, recently faced a critical security exposure in its service ticket portal. The vulnerability, discovered by a tech enthusiast while submitting a repair request uncovered severe flaws in Apple’s system that could have resulted in a massive breach of customer data. The Vulnerability Explained This […]

The post Apple Service Ticket Portal Vulnerability Leaks Sensitive Information appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Decentralized identity (DCI) is emerging as a solution to the significant challenges in verifying identities, managing credentials and ensuring data privacy.

The post Decentralized Identity: Revolutionizing Identity Verification in The Digital World appeared first on Security Boulevard.

As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities of data being migrated to the cloud. But there are other developments that could impact your organizations and drive the need for an even more robust security strategy. Let’s take a

Нигерийский аферист, таиландские счета и украденные миллионы стали частью крупнейшего мошенничества в истории.

Пекин ответил на пошлины США.

In a significant finding, Forcepoint’s X-Labs research team has uncovered a new malware campaign that uses AsyncRAT, a notorious remote access trojan (RAT), along with Python scripting and TryCloudflare tunnels to deliver malicious payloads with enhanced stealth. This campaign highlights an evolving trend of adversaries exploiting legitimate infrastructure to cloak their attacks, reinforcing predictions from […]

The post AsyncRAT Abusing Python and TryCloudflare For Stealthy Malware Delivery appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as very critical was found in Zyxel VMG4325-B10A up to 1.00(AAFR.4)C0_20170615. Affected by this vulnerability is an unknown functionality of the component Management Interface. The manipulation leads to improper authentication. This vulnerability is known as CVE-2025-0890. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Zyxel VMG4325-B10A up to 1.00(AAFR.4)C0_20170615. Affected is an unknown function. The manipulation leads to os command injection. This vulnerability is traded as CVE-2024-40890. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Zyxel VMG4325-B10A up to 1.00(AAFR.4)C0_20170615. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to os command injection. The identification of this vulnerability is CVE-2024-40891. The attack may be initiated remotely. There is no exploit available.

A new variant of malware, known as FlexibleFerret, has been identified targeting macOS users while evading detection by Apple’s XProtect tool. This malware is part of a broader campaign attributed to North Korean threat actors, who have been using sophisticated tactics to lure victims into installing malicious software. The Ferret family of malware, including variants […]

The post FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections appeared first on Cyber Security News.

A newly identified zero-day vulnerability in the widely used 7-Zip archiving software, designated as CVE-2025-0411. This critical flaw, which was exploited in the wild, is enabling threat actors to bypass vital Windows security protections and deploy SmokeLoader malware. The campaign has predominantly targeted Ukrainian organizations, with experts suspecting links to Russian cybercrime groups amid the […]

The post Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

История блестящего взлома и глупого провала.