Aggregator
CVE-2024-9478 | upKeeper Solutions upKeeper Instant Privilege Access up to 1.1 privileges management
Helldown 勒索软件出现了 Linux 变种
FreeCAD 释出 1.0 版本
Wget 漏洞 (CVE-2024-10524) 为 SSRF 攻击敞开大门
CVE-2011-5025 | Yaws Web Server 1.88 text cross site scripting (EDB-17111 / BID-51276)
К 2026 году в России появится единая система защиты от мошенников
Gabagool: 利用 Cloudflare R2 的复杂网络钓鱼工具包
'Water Barghest' Sells Hijacked IoT Devices for Proxy Botnet Misuse
Rekoobe Backdoor In Open Directories Possibly Attacking TradingView Users
APT31, using the Rekoobe backdoor, has been observed targeting TradingView, a popular financial platform, as researchers discovered malicious domains mimicking TradingView, suggesting a potential interest in compromising the platform’s user community. By analyzing shared SSH keys, investigators identified additional infrastructure linked to this campaign and another open directory, highlighting the evolving tactics employed by APT31 […]
The post Rekoobe Backdoor In Open Directories Possibly Attacking TradingView Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Bluesky 用户数突破 2000 万
Water Barghest Botnet Comprised 20,000+ IoT Devices By Exploiting Vulnerabilities
Water Barghest, a sophisticated botnet, exploits vulnerabilities in IoT devices to enlist them in a residential proxy marketplace by leveraging automated scripts to identify vulnerable devices from public databases like Shodan. When the device is compromised, the Ngioweb malware is installed in a stealthy manner, thereby establishing a connection to command-and-control servers. The infected device […]
The post Water Barghest Botnet Comprised 20,000+ IoT Devices By Exploiting Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
North Korean IT Worker Using Weaponized Video Conference Apps To Attack Job Seakers
North Korean IT workers, operating under the cluster CL-STA-0237, have been implicated in recent phishing attacks leveraging malware-infected video conference apps. The group, likely based in Laos, has demonstrated a sophisticated approach, infiltrating a U.S.-based SMB IT services company to gain access to sensitive information and secure a position at a major tech company. It […]
The post North Korean IT Worker Using Weaponized Video Conference Apps To Attack Job Seakers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Black Friday Scammers are Hard at Work: Security Experts
Scammers are using everything from fraudulent deals and fake ads to spoofed websites and brand impersonation to target online shoppers who are gearing up for Black Friday as the holiday buying season gets underway, according to cybersecurity firms.
The post Black Friday Scammers are Hard at Work: Security Experts appeared first on Security Boulevard.
一个辅助测试ssrf的有意思的工具
Hackers Hijacked Misconfigured Servers For Live Streaming Sports
Recent threat hunting activities focused on analyzing outbound network traffic and binaries within containerized environments. By cross-referencing honeypot data with threat intelligence platforms, researchers identified suspicious network events linked to the execution of the benign tool ffmpeg. Although this particular instance was not inherently malicious, it did raise concerns due to the unusual context in […]
The post Hackers Hijacked Misconfigured Servers For Live Streaming Sports appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
索尼有意收购角川股份
Amazon and Audible flooded with 'forex trading' and warez listings
Volt Typhoon Attacking U.S. Critical Infra To Maintain Persistent Access
Volt Typhoon, a Chinese state-sponsored threat actor, targets critical infrastructure sectors like communications, energy, transportation, and water systems by pre-positions itself in target networks, often exploiting vulnerabilities in operational technology (OT) environments. Known for persistence and patient operations, Volt Typhoon has been tracked under various aliases, including BRONZE SILHOUETTE, Voltzite, Insidious Taurus, DEV-0391, UNC3236, and […]
The post Volt Typhoon Attacking U.S. Critical Infra To Maintain Persistent Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.