Texas Dow Employees Credit Union (TDECU) has disclosed that the personal information of over 500,000 members was exposed due to a security compromise involving a third-party vendor, MOVEit. The breach, which occurred between May 29 and 31, raised concerns about…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Research Unveils Eight Android And iOS That Leaks Users Sensitive Data
The eight Android and iOS apps fail to adequately protect user data, which transmits sensitive information, such as device details, geolocation, and credentials, over the HTTP protocol instead of HTTPS. It exposes the data to potential attacks like data theft,…
Pootry EDR Killer Malware Wipes Out Security Tools From Windows Machine
Windows drivers can be abused to bypass security measures. Attackers can exploit vulnerabilities in legitimate drivers or use stolen or forged digital signatures to load malicious drivers into the operating system’s kernel. These drivers can then interfere with security software,…
Versa Director Zero-day Vulnerability Let Attackers Upload Malicious Files
Versa Networks specializes in successful business. It offers Secure Access Service Edge (SASE), consolidating networking and security services in a single, cloud-based platform. Enterprises and service providers can redesign their networks to achieve new levels of business success with the…
Airtags Locator Device used to Grab the Stolen Parcel
Two suspects have been apprehended for mail theft after being tracked using an AirTag locator device. The incident unfolded on August 19, 2024, when deputies responded to a theft report at the Los Alamos Post Office. This innovative use of…
Patchwork Actors Using Weaponized Encrypted Zip Files to Attack Orgs
The cyber espionage group Patchwork, also known by various aliases, has been active since 2009, primarily targeting Asian organizations in sectors such as government, military, and industry. Based in South Asia, the group has been conducting cyber-espionage campaigns for over…
Researchers Disclosed 20 Vulnerabilities Exploited To Attack ML Used In Orgs
The MLOps pipeline automates the machine learning lifecycle, from model training to deployment, which involves defining the pipeline using Python code, monitoring for dataset or model parameter changes, training new models, evaluating them, and deploying successful models to production. Model…
Rockwell Automation ThinManager Flaw Let Attackers Execute Remote Code
Rockwell Automation’s ThinManager ThinServer has been found to contain multiple critical vulnerabilities that could allow attackers to execute remote code. Nicholas Zubrisky of Trend Micro Security Research discovered the flaws, identified as CVE-2024-7986, CVE-2024-7987, and CVE-2024-7988, and published a detailed…
Microsoft 365 Flags Emails with Images as Malware: A Growing Concern for Users
Microsoft 365 users have reported a troubling issue in which email messages containing images are incorrectly flagged as malware and subsequently quarantined. This incident, identified as Issue ID: EX873252, has sparked widespread concern among businesses and individual users who rely…
Microsoft Copilot Prompt Injection Vulnerability Let Hackers Exfiltrate Sensitive Data
A security researcher revealed a critical vulnerability in Microsoft Copilot, a tool integrated into Microsoft 365, which allowed hackers to exfiltrate sensitive data. The exploit, disclosed to Microsoft Security Response Center (MSRC) earlier this year, combines several sophisticated techniques that…