GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

The DrayTek Gateway devices, more specifically the Vigor2960 and Vigor300B models, are susceptible to a critical command injection vulnerability.  Exploitable via the /cgi-bin/mainfunction.cgi/apmcfgupload endpoint, attackers can inject arbitrary commands into the system by manipulating the session parameter within a crafted HTTP request.  The vulnerability impacts over 66,000 internet-connected devices, potentially allowing attackers to gain remote […]

The post DrayTek Devices Vulnerability Let Attackers Arbitrary Commands Remotely appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers recently discovered a malicious campaign targeting Ukrainian military personnel through fake “Army+” application websites, which host a malicious installer that, upon execution, extracts the legitimate application alongside the Tor browser.  The installer includes a PowerShell script that indicates the Tor browser’s inclusion is not for legitimate use, suggesting it’s likely intended for covert communication […]

The post New Stealthy Malware Leveraging SSH Over TOR Attacking Ukrainian Military appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert on a critical vulnerability in Palo Alto Networks PAN-OS. Tracked as CVE-2024-3393, this flaw has been observed in active exploitation, putting systems at risk of remote disruption. CVE-2024-3393: Malformed DNS Packet Vulnerability This vulnerability stems from improper parsing and logging of malformed DNS […]

The post CISA Warns of Palo Alto Networks PAN-OS Vulnerability Exploited in Wild appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Biden administration confirmed that a Chinese state-sponsored hacking group breached the U.S. Treasury Department, gaining unauthorized access to employee workstations and unclassified documents. This revelation follows a string of sophisticated surveillance operations targeting key American institutions. The intrusion, attributed to a Chinese Advanced Persistent Threat (APT) actor, was identified on Dec. 8 by third-party […]

The post US Treasury Department Breach, Hackers Accessed Workstations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers Daan Keuper, Thijs Alkemade, and Khaled Nassar from Computest Sector 7 disclosed a critical vulnerability in TrueNAS CORE, a widely-used open-source storage operating system developed by iXsystems. The vulnerability, CVE-2024-11944, allows network-adjacent attackers to execute arbitrary code on affected installations without requiring authentication. This discovery was presented during the renowned cybersecurity competition Pwn2Own. 2024 […]

The post TrueNAS CORE Vulnerability Let Attackers Execute Remote Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers observed a recent surge in activity from the “FICORA” and “CAPSAICIN,” both variants of Mirai and Kaiten, respectively, which exploit known vulnerabilities in D-Link routers, including those with outdated firmware like DIR-645, DIR-806, GO-RT-AC750, and DIR-845L.  Attackers leverage the HNAP protocol to execute malicious commands remotely on vulnerable devices, which, despite being known for […]

The post New Botnet Exploiting D-Link Routers To Gain Control Remotely appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The watering hole attack leverages a compromised website to deliver malware. When a user visits the infected site, their system downloads an LZH archive containing an LNK file, where executing this LNK file triggers a malware infection. An infected website utilizes JavaScript to stealthily download malware onto user systems when specific accounts with Basic authentication […]

The post Hackers Weaponize Websites With LNK File To Deliver Weaponized LZH File appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The NFS protocol offers authentication methods like AUTH_SYS, which relies on untrusted user IDs, and Kerberos, providing cryptographic verification.  While Kerberos offers strong security, its Linux configuration can be complex, where emerging standards like RPC over TLS aim to simplify secure NFS access by leveraging TLS for authentication and encryption, similar to HTTPS. NFS servers […]

The post NFS Protocol Security Bypassed To Access Files From Remote Server appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago, SquareX reported large-scale attacks targeting Chrome Extension developers aimed at taking over the Chrome Extension from the Chrome Store. On December 25th, 2024, a malicious version of Cyberhaven’s browser extension was published on the Chrome Store that […]

The post SquareX Researchers Uncover OAuth Vulnerability in Chrome Extensions Days Before Major Breach appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A previously unknown zero-day vulnerability in the popular file compression tool 7-Zip has been publicly disclosed by an anonymous user claiming to be an NSA employee. The disclosure, made on X (formerly Twitter), reveals a severe security flaw that could have far-reaching implications for both individual users and organizations globally. GBHackers recently reported a severe security vulnerability […]

The post New 7-Zip 0-Day Exploit Allegedly Leaked Online Via ‘X’ appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have warned that a Proof-of-Concept (PoC) exploit has been publicly released for a critical vulnerability affecting Oracle WebLogic Server. The flaw tracked as CVE-2024-21182, poses a significant risk to organizations using the server, as it allows an unauthenticated attacker with network access to compromise the targeted system. The vulnerability impacts Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0, […]

The post PoC Exploited Released for Oracle Weblogic Server Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has issued a warning about a significant issue impacting devices running Windows 11, version 24H2, that could block essential Windows Security updates. The problem arises when users install this version of the operating system using media—such as CDs or USB drives—containing either the October 2024 or November 2024 security updates. If affected, devices may […]

The post Microsoft Warns of Windows 11 24H2 Issue that Blocks Windows Security Updates appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A significant post-authentication vulnerability affecting Four-Faith industrial routers has been actively exploited in the wild. Assigned as CVE-2024-12856, this flaw allows attackers to execute unauthenticated remote command injections by leveraging the routers’ default credentials. Details of the Exploitation The vulnerability impacts at least two Four-Faith router models—F3x24 and F3x36. It involves leveraging the /apply.cgi endpoint over HTTP by […]

The post Four-Faith Industrial Routers Vulnerability Exploited in the Wild to Gain Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised EXE installer, as analysis revealed a parent-child relationship between these samples, all of which communicated with the same C2 server. The Lumma Stealer Trojan, observed in the provided sample, employs advanced techniques to exfiltrate sensitive data from popular browsers and […]

The post Lumma Stealer Attacking Users To Steal Login Credentials From Browsers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack targeting various organizations, unlike typical nation-sponsored attacks.  While primarily associated with BeaverTail and InvisibleFerret malware, SOCs have recently observed OtterCookie deployed within this campaign.  OtterCookie exhibits distinct behavior from its predecessors, demonstrating the campaign’s evolution and expanding threat landscape, which […]

The post New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in the cybersecurity community. This notorious Remote Access Trojan (RAT), also known as Bladabindi, has long been a tool of choice for cybercriminals due to its extensive capabilities and ease of use. The availability of its latest version on an open-source […]

The post NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto Networks’ PAN-OS software. This flaw allows unauthenticated attackers to exploit firewalls through specially crafted packets, causing denial-of-service (DoS) conditions. The issue has been actively exploited, prompting urgent mitigation measures. Details of the Vulnerability The vulnerability stems from improper handling of […]

The post Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat Analysts have reported alarming findings about the “Araneida Scanner,” a malicious tool allegedly based on a cracked version of Acunetix, a renowned web application vulnerability scanner. The tool has been linked to illegal activities, including offensive reconnaissance, scraping user data, and identifying vulnerabilities for exploitation. The “Araneida Scanner” is being sold on platforms like […]

The post Araneida Scanner – Hackers Using Cracked Version Of Acunetix Vulnerability Scanner appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves the systematic collection and exploitation of genuine identity documents and images.  Attackers utilize these resources to develop and sell techniques for bypassing identity verification systems, presenting a significant database and evolving threats to businesses and individuals alike.  Researchers have identified […]

The post A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Adobe has issued a critical security update for ColdFusion versions 2023 and 2021 to address a major vulnerability that could lead to an arbitrary file system read. The identified vulnerability, CVE-2024-53961, has a known proof-of-concept exploit, making the updates crucial for users. This release underscores Adobe’s commitment to ensuring the security and integrity of its […]

The post Adobe Warns of ColdFusion Vulnerability Allows Attackers Read arbitrary files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.