Researchers have uncovered a critical vulnerability within the Linux kernel’s dmam_free_coherent() function. This flaw, identified as CVE-2024-43856, stems from a race condition caused by the improper order of operations when freeing Direct Memory Access (DMA) allocations and managing associated resources. The vulnerability…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Researchers Found a New Technique to Defend Cache Side Channel Attacks
Researchers from the University of Rochester have unveiled a novel technique to defend against cache side-channel attacks, a prevalent threat in modern computing systems. The new method, named RollingCache, promises to enhance the security of shared systems by dynamically altering…
BeaverTail Malware Attacking Windows Users Via Weaponized Games
Researchers uncovered a new malware campaign dubbed BeaverTail, a North Korean cyber espionage malware family primarily focusing on job seekers. Initially identified as a JavaScript-based info stealer, it has since morphed into a native macOS version that pretends to be…
Iranian APT42 Group Launch A Massive Phishing Campaign To Attack U.S. Presidential Election
APT42 is an APT group that is believed to be backed by the Iranian government, and this group primarily focuses on cyber espionage. Besides this, APT42 is also well-known for other illicit activities. Apart from cyber espionage, they also conduct…
Ransomware Group Added a New EDR Killer Tool to their arsenal
A ransomware group known as RansomHub has been found deploying a new tool designed to disable endpoint detection and response (EDR) systems. This tool, EDRKillShifter, represents a significant advancement in the tactics used by cybercriminals to bypass security measures and…
News Malspam Attacks AnyDesk and Microsoft Teams
Cybersecurity researchers have uncovered a sophisticated malspam campaign targeting unsuspecting users through email and phone calls. Attackers are leveraging popular platforms like AnyDesk and Microsoft Teams to gain unauthorized access to victims’ computers, raising alarms about cybercriminals’ evolving tactics. The…
NIST Finalizes 3 Algorithms to Combat Future Quantum Cyber Threats
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has taken a step in safeguarding digital security against future quantum threats. By finalizing a set of three encryption algorithms, NIST aims to protect sensitive information from the…
Critical Vulnerabilities in IBM QRadar Allow Attackers to Execute Arbitrary Code Remotely
IBM recently disclosed critical vulnerabilities affecting its QRadar Suite Software and IBM Cloud Pak for Security. These vulnerabilities, if exploited, could allow attackers to execute arbitrary code remotely, potentially leading to severe security breaches. The company has addressed these issues…
Face Check With Microsoft Entra Verified ID Is Now Generally Available, Microsoft
Microsoft announced that Face Check with Microsoft Entra Verified ID is now generally accessible. It is available standalone and as part of the Microsoft Entra Suite, a comprehensive identity solution that combines network access, identity protection, governance, and identity verification…
Earth Baku Using Customized Tools To Maintain Persistence And Steal Data
Earth Baku, an APT actor who initially focused on the Indo-Pacific region, has grown its activities extensively since late 2022. The group has increased its presence in Europe, the Middle East, and Africa (MEA), having also confirmed engagements in Italy,…