Recent reports indicate that threat actors have been using a new type of Linux-targeted backdoor that has never been seen before. This new backdoor has been named SprySOCKS, which uses the strings of Trochilus (Windows backdoor) and the new Socket…
Category: GBHackers – Latest Cyber Security News | Hacker News
Over 80% of Juniper Firewalls Vulnerable to Unauthenticated Code Execution
At the end of August 2023, Juniper Networks released a security advisory mentioning the CVE-2023-36845 vulnerability affecting SRX and EX series firewalls. The vulnerability was categorized as a Medium (5.3) severity vulnerability. Following this, security researchers at watchtowr published a…
BlackCat Ransomware Leveraging Remote Monitoring Tools to Encrypt Azure Storage
BlackCat Ransomware variant Sphynx has been newly identified with additional features used for encrypting Azure Storage accounts. This Sphynx variant of BlackCat was first discovered in March and was upgraded in May, which added the Exmatter exfiltration tool. Another version…
Hackers Are Using AI For Cyberattacks. How Can We Stop Them?
The use of AI has greatly increased over the past few months, with programs like ChatGPT and Bing AI making the technology freely available to all. It has been used to create beautiful works of art and poetry and for…
AMBERSQUID: Novel Cryptojacking Attack Leverages AWS Services
Cryptojacking is a malicious cyberattack in which an attacker stealthily utilizes a victim’s computer or device to mine cryptocurrencies such as Bitcoin or Monero without the victim’s knowledge or agreement. This usually entails infecting the victim’s PC with malware that…
Pro-Russian Actors Initiated A DDoS Attack Against Canadian Organizations
The Canadian government, banking, and transportation industries have recently been the targets of many distributed denial of service (DDoS) attacks. This criminal activity is linked to state-sponsored cyber threat actors from Russia. Since March 2022, NoName057(16), a pro-Russian hacktivist operator…
Iranian Hackers Attack Thousands of Organizations Using Password Spraying
Peach Sandstorm, an Iranian Hackers group that targets organizations globally, aligns with the following threat groups:- Besides this, in the following sectors, the Iranian group, Peach Sandstorm pursued its targets most in the past attacks:- The cybersecurity researchers at Microsoft…
8 XSS Vulnerabilities in Azure HDInsight Allow Attackers to Deliver Malicious Payloads
Azure HDInsight has been identified with multiple Cross-Site Scripting – XSS vulnerabilities related to Stored XSS and Reflected XSS. The severity for these vulnerabilities ranges between 4.5 (Medium) and 4.6 (Medium). These vulnerabilities have affected multiple products, including Azure Apache…
Windows11 Themes vulnerability Let Attackers Execute Arbitrary Code
An Arbitrary code execution vulnerability has been found in Windows 11. This vulnerability is a result of several factors, such as a Time-of-Check Time-of-Use (TOCTOU) race condition, malicious DLL, cab files, and the absence of Mark-of-the-Web validation. This particular vulnerability…
Memory Corruption Flaw in ncurses API Library Exposes Linux and macOS Systems
Multiple memory corruption vulnerabilities have been discovered in the ncurses library, which various programs use on multiple operating systems like Portable Operating System Interface (POSIX) OS, Linux OS, macOS, and FreeBSD. Threat actors can chain these vulnerabilities with environment variable…