A proof-of-concept (PoC) exploit for a critical zero-day vulnerability (CVE-2024-4947) in Google Chrome has been made public. The potential for exploitation of this vulnerability, which impacts the V8 JavaScript engine, has generated considerable apprehension among members of the cybersecurity community.…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Kinsing Malware Attacking Apache Tomcat Servers To Deploy Cryptominers
Kinsing malware, known for exploiting vulnerabilities on Linux cloud servers to deploy backdoors and cryptominers, has recently expanded its target to include Apache Tomcat servers. The malware utilizes novel techniques to evade detection by hiding itself within seemingly innocuous system…
Sonicwall SSL-VPN exploit Advertised on the Dark web
The dark web has seen the release of a new vulnerability that targets SonicWALL SSL-VPN devices. Recently, the exploit, which lets people enter private networks without permission, was sold on a well-known dark web market. The news was first shared…
Hackers Exploiting Docusign With Phishing Attack To Steal Credentials
Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make it a highly effective and low-cost attack method. Phishing attacks can be easily scaled to target a large number of individuals, increasing the likelihood of success.…
ViperSoftX Malware Uses Deep Learning Model To Execute Commands
ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts text from images, and the malware scans these extracted strings for phrases related to passwords or cryptocurrency wallets. If a…
New Linux Backdoor Attacking Linux Users Via Installation Packages
Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target for gaining unauthorized access or spreading malware. Besides this, its open-source nature allows threat actors to study the code and…
Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks
A very important message from the Norwegian National Cyber Security Centre (NCSC) says that Secure Socket Layer/Transport Layer Security (SSL/TLS) based VPN solutions, like SSLVPN and WebVPN, should be replaced with safer options. Bad people are still taking advantage of…
Santander Data Breach: Hackers Accessed Company Database
Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and Chile. Concerns have been made about data security and privacy following the breach, which was found to have started with…
U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers
The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and severance of North Korean IT workers working around the world. This plan, which was announced on Thursday, is meant to…
Russian APT Hackers Attacking Critical Infrastructure
Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated cybercriminals to achieve its strategic goals, as APT groups conduct espionage to gather valuable political and economic information. The Russian government may recruit financially motivated groups,…