In the evolving hospitality industry landscape, where vacation rental software has transitioned from luxury to necessity, a growing concern emerges regarding cybersecurity. This software, while primarily simplifying booking, guest interactions, and property management, stores sensitive data such as credit card…
Category: GBHackers – Latest Cyber Security News | Hacker News
Researchers Uncover Phishing Empire Attacking 56,000+ Microsoft 365 Accounts
Recent reports indicate that a new threat actor named “W3LL” has been discovered running a large phishing empire completely hidden until now. It was also found that this threat actor played a major role in compromising Microsoft 365 business email…
North Korean Hackers Use 0-Day Exploits to Attack Security Researchers
Google’s Threat Analysis Group (TAG) has issued an update regarding an ongoing campaign by North Korean threat actors targeting security researchers. This campaign, which first came to light in January 2021, involved using 0-day exploits to compromise the security of…
Hackers Steal NTLMv2 Hashes using Custom Powershell Scripts
A new sophisticated stealing campaign named “Steal-It” has been discovered that exfiltrates NTLMv2 hashes using customized versions of Nishang’s Start-CaptureServer PowerShell script. It is believed that the Steal-It campaign may be attributed to APT28 (aka Fancy Bear) based on its…
North Korean Hackers Actively Attacking Security Researchers
Google’s Threat Analysis Group (TAG) has issued an update regarding an ongoing campaign by North Korean threat actors targeting security researchers. This campaign, which first came to light in January 2021, involved using 0-day exploits to compromise the security of…
Apple Discloses 2 Zero-Day Flaws Exploited to Hack iPhones & Mac
Two Zero-Day flaws have been discovered on Apple Devices affecting macOS, iOS, and iPadOS. The vulnerabilities involve an arbitrary code execution and a buffer overflow. Reports indicate that these vulnerabilities are being actively exploited. This is considered a high-risk vulnerability…
SSO Implementation Flaw In Cisco Broadworks Let Attackers Forge Credentials
A single sign-on (SSO) implementation flaw in the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform might make it possible for a remote, unauthenticated attacker to forge credentials to access a vulnerable system. This “Critical” severity vulnerability has…
Global Ticketing Giant Hacked: Attackers Accessed Customers’ Payment Data
A Global Ticketing Giant company, See Tickets, recently reported a data breach that exposed the payment card information of over 300,000 customers. See Tickets, owned by Vivendi Ticketing, revealed the latest breach in a complaint with Maine’s attorney general. The ticketing business…
Multiple ArubaOS vulnerabilities Let Attackers Execute Arbitrary Code
Multiple vulnerabilities have been discovered in Aruba 9200 and 9000 Series Controllers and Gateways running ArubaOS. The vulnerabilities related to Buffer Overflow and Hardware Root of Trust bypass. Aruba has released a security advisory for addressing these vulnerabilities. At the…
Internal discussions of a large ransomware-as-a-service Group Exposed
RaaS (Ransomware-as-a-service) is actively strengthening the ransomware attacks, but understanding their operations is restricted by illegality. That’s why ransomware attacks have surged in scale and complexity over the past decade, driven by RaaS models like Conti (formerly Ryuk). However, the…