Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative targets. Outlook vulnerabilities offer:- WinRAR vulnerabilities provide an entry point to manipulate compressed files, potentially executing malicious code on a victim’s system. Cybersecurity researchers at Proofpoint…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices
An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been discovered. This vulnerability can be exploited by tricking the Bluetooth host state machine into pairing with a fake keyboard without authentication. This vulnerability affects Android devices…
Atlassian Patches RCE Flaw that Affected Multiple Products
Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in multiple products. The CVEs for these vulnerabilities have been assigned as CVE-2023-22522, CVE-2023-22523, CVE-2023-22524, and CVE-2022-1471. Atlassian has patched these vulnerabilities and has released security advisories…
SLAM Attack Gets Root Password Hash in 30 Seconds
Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat actors unauthorized access to sensitive data. Hackers exploit Spectre because it enables them to extract confidential information by manipulating the speculative execution capabilities of CPUs, bypassing…
SLAM Attack Gets Root Password Hash in 30 Seconds by Exploiting Hardware Security
Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat actors unauthorized access to sensitive data. Hackers exploit Spectre because it enables them to extract confidential information by manipulating the speculative execution capabilities of CPUs, bypassing…
Akira Ransomware Exploiting Zero-day Flaws For Organization Network Access
The Akira ransomware group, which first appeared in March 2023, has been identified as a serious threat to data security. It encrypts data and demands a ransom for decryption, affecting both Windows and Linux devices. The group has about 140…
Hackers Deliver AsyncRAT Through Weaponized WSF Script Files
The AsyncRAT malware, which was previously distributed through files with the .chm extension, is now being disseminated via WSF script format. The WSF file was found to be disseminated in a compressed file (.zip) format through URLs included in emails. AsyncRAT spreads…
Serpent Stealer Acquire Browser Passwords and Erases Intrusion Logs
Beneath the surface of the cyber realm, a silent menace emerges—crafted with the precision of the .NET framework, the Serpent Stealer slithers undetected through security measures, leaving traces of its intrusion. Researchers at K7 Labs have analyzed the malware called…
BlueNoroff: New Malware Attacking MacOS Users
Researchers have uncovered a new Trojan-attacking macOS user that is associated with the BlueNoroff APT group and their ongoing RustBucket campaign. As a subgroup of Lazarus, BlueNoroff possesses reverse engineering expertise because they spend time analyzing and patching SWIFT Alliance software as well…
Doppelgänger: Hackers Employ AI to Launch Highly sophistication Attacks
It has been observed that threat actors are using AI technology to conduct illicit operations on social media platforms. These malicious actors employ several tactics and automated bots to achieve their nefarious goals, which can pose a serious threat to…