Cacti, the widely utilized network monitoring tool, has recently issued a critical security update to address a series of vulnerabilities, with the most severe being CVE-2024-25641. This particular vulnerability has been assigned a high severity rating with a CVSS score…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Nmap 7.95 released – What’s New!
Nmap’s version 7.95 emerges as a testament to the relentless efforts of its development team, spearheaded by the renowned Gordon Fyodor Lyon. The update showcases the remarkable processing of over 6,500 new OS and service detection fingerprints, underscoring the tool’s…
Microsoft Edge Zero-Day Vulnerability Exploited in the Wild
A zero-day vulnerability in Microsoft Edge, which has been tagged as CVE-2024-4671, has been aggressively exploited by evil organizations, according to reports. This security flaw originates from the Chromium engine that underpins the browser. Chromium is also the foundation for…
Passwordless Authentication Standard FIDO2 Flaw Let Attackers Launch MITM Attacks
FIDO2 (Fast Identity Online) is a passwordless authentication method developed by FIDO Alliance to prevent Man-in-the-Middle (MiTM) attacks, Phishing attacks, and session hijacking attacks. This FIDO2 authentication works using a physical or embedded key. However, this secure passwordless authentication method…
Apache OFBiz RCE Flaw Let Attackers Execute Malicious Code Remotely
Many businesses use enterprise resource planning (ERP) systems like Apache OFBiz. However, it has been found to have significant security holes that let attackers run harmful code from afar without being verified. Businesses that depend on Apache OFBiz for budgeting,…
Ohio Lottery Hacked: 500,000+ Customers Data Exposed
A major cybersecurity breach happened at the Ohio Lottery, letting people into its private systems without permission. The breach wasn’t found until April 5, 2024, so the information of about 538,959 people was out in the open for months. People’s…
Hackers Exploiting Vulnerabilities 50% Faster, Within 4.76 Days
Cybersecurity researchers are sounding the alarm that hackers are exploiting software vulnerabilities faster than ever before. A new report from Fortinet found that in the second half of 2023, the average time between a vulnerability being disclosed and actively exploited…
Hackers Moving To AI But Lacking Behind The Defenders In Adoption Rates
Hackers were actively exploiting the generative AI for cyber attacks; not only that, even threat actors are also exploring new ways to exploit other advanced LLMs like ChatGPT. They could leverage Large Language Models (LLMs) and generative AI for several…
PoC Released for Critical PuTTY Private Key Recovery Vulnerability
Security researchers have published a Proof-of-Concept (PoC) exploit for a critical vulnerability in the widely used PuTTY SSH and Telnet client. The flaw, CVE-2024-31497, allows attackers to recover private keys generated with the NIST P-521 elliptic curve in PuTTY versions…
HackCar – Attack AND Defense Playground For Automotive System
Modern cars have microcontrollers that use the Controller Area Network (CAN) to perform safety and luxury functions. However, vehicle hijacking can occur through message injection attacks because the CAN network lacks the security of drive-by-wire systems such as speed control,…