Hackers exploit Zero-Days because these vulnerabilities are unknown to software developers, making them valuable for launching attacks before developing patches. Zero-day exploits provide an opportunity to:- Cybersecurity researchers at Securelist recently discovered a malicious operation dubbed “Triangulation,” in which threat…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Chinese Hackers Exploit New Zero-Day in Barracuda’s ESG to Deploy Backdoor
Barracuda Email Security Gateway (ESG) Appliance has been discovered with an Arbitrary code Execution vulnerability exploited by a China Nexus threat actor tracked as UNC4841. Additionally, the vulnerability targeted only a limited number of ESG devices. However, Barracuda has deployed…
Critical Apache OfBiz Zero-Day Let Attackers Bypass Authentication
A new vulnerability has been discovered in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. Apache OfBiz is used as a part of the software supply chain in Atlassian’s JIRA, which is predominantly used in several organizations. This vulnerability…
10 Prominent Cybersecurity Acquisitions of 2023
The cybersecurity domain is undergoing rapid changes owing to the rise in frequency and complexity of cyber threats. As the digital world expands, the risk of cyberattacks is increasing, and security experts must stay vigilant to safeguard against potential breaches.…
Hackers Stolen Over $58 Million in Crypto Via Malicious Google and X Ads
Threat actors targeting crypto wallets for illicit transactions have been in practice for quite some time. Threat actors have been using Wallet Drainers for such cybercrime activities, which have seen great success in recent years. Several techniques were used for…
Ubisoft Investigates Cyber Attack: Possible Data Exfiltration by Hackers
Ubisoft, the renowned video game developer behind iconic franchises like Assassin’s Creed and Far Cry, narrowly escaped a potentially devastating data breach. On December 20th, an unidentified threat actor infiltrated their systems, gaining access for approximately 48 hours before Ubisoft’s…
New Nim-Based Malware Delivered via Weaponized Word Document
Hackers use weaponized Word documents to deliver malicious payloads through social engineering. By embedding malware or exploiting vulnerabilities in these documents, attackers trick users into opening them and leading to the execution of malicious code. While leveraging the familiarity and…
Cisco to Acquire Cloud Networking and Security Startup Isovalent
In a strategic move destined to fortify its dominance in the ever-evolving realm of cloud security, Cisco has officially declared its intent to acquire Isovalent, a trailblazer in open-source cloud-native networking and security. This bold acquisition underscores Cisco’s steadfast commitment…
Android Malware Actively Infecting Devices to Take Full Control
Android malware infects devices to take full control for various illicit purposes like:- By gaining complete control, threat actors can exploit the device for their illicit activities, posing significant threats to:- Cybersecurity analysts at McAfee Mobile Research recently found an…
How Do You Protect Your APIs from Bot Attacks?
Organizations face an escalating threat of bot attacks in the rapidly evolving digital landscape. As revealed in our latest AppSec report, there has been a staggering 56% increase in bot attacks compared to Q2 2023. Previously associated with DDoS attacks,…