Researchers discovered an Office document with a VBA script intended to spread the Phobos ransomware known as FAUST. The FAUST version can sustain persistence in a given environment and generates multiple threads for efficient execution. A well-known family of malicious…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
GitLab Flaw Let Attackers Write Files to Arbitrary Locations
GitLab releases security updates addressing several critical vulnerabilities, urging all users to upgrade immediately. This release is crucial for ensuring the security of GitLab instances, as it patches vulnerabilities that could allow attackers to: Document Run Free ThreatScan on Your…
Control D Launches Control D for Organizations: Democratizing Cybersecurity for Organizations of All Sizes
In an era where online threats no longer discriminate by business size, Control D, powered by Windscribe VPN‘s robust security expertise, announced today the launch of ‘Control D for Organizations‘. This cutting-edge DNS service brings cybersecurity within reach for businesses…
Exploit Released for Critical Jenkins RCE Flaw
Jenkins has been discovered with a critical vulnerability that is associated with arbitrary code execution that threat actors can exploit for malicious purposes. The vulnerability is tracked as CVE-2024-23898, and the severity is yet to be categorized. However, Jenkins has…
Russian TrickBot Malware Developer Pleaded Guilty
Vladimir Dunaev, a resident of Amur Blast and aged 40, has confessed to creating and distributing Trickbot malware. The purpose of the malware was to launch cyberattacks against various American hospitals and companies. Trickbot has a collection of malware tools…
What are the Common Security Challenges CISOs Face?
Chief Information Security Officers (CISOs) hold a critical and challenging role in today’s rapidly evolving cybersecurity landscape. Here are the common security challenges CISOs face. As organizations increasingly rely on technology to drive their operations, CISOs face complex security challenges…
Chinese Hackers Hijack Software Updates to Install Malware Since 2005
In order to obtain unauthorized access and control, hackers take advantage of software vulnerabilities by manipulating updates. By corrupting the updates, hackers can disseminate malware, compromise user data, and build backdoors for future attacks. This enables hackers to compromise a…
Pure Malware Tools Pose As Legitimate Software to Bypass AV Detections
An extensive examination of the growing danger posed by the Pure malware family has been released, providing the industry with more insightful information about PureCrypter, PureLogs, and PureMiner. ANY. RUN has disclosed that Pure tools are disguised as legitimate software designed…
Google Kubernetes Flaw Let Any Google User Control the Cluster
Researchers have discovered a new loophole in Google Kubernetes Engine (GKE), which threat actors can utilize with a Google account to take over the misconfigured Kubernetes Cluster. Threat actors can further use these compromised clusters for crypto mining, DoS (denial…
198% Surge in Browser Based zero-hour Phishing Attacks
The digital landscape is under siege. Surging browser-based phishing attacks, a 198% increase in just the second half of 2023, paint a chilling picture of cyber threats outsmarting traditional security. Menlo Security’s 2023 State of Browser Security Report unveils this…