Hackers have been found exploiting Google search ads to distribute malware through MSI (Microsoft Installer) packages. This campaign, involving the malware loader known as FakeBat, targets unsuspecting users by masquerading as legitimate software downloads. The Infection Chain: From Ad to…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Veeam RCE Flaws Let Hackers Gain Access To VSPC Servers
Veeam Service Provider console has been discovered with two critical vulnerabilities that were associated with Remote Code Execution. A CVE for these vulnerabilities is yet to be assigned. These vulnerabilities exist in version 7.x and version 8.x of the Veeam…
Critical PDF.js & React-PDF Vulnerabilities Threaten Millions Of PDF Users
A new critical vulnerability has been discovered in PDF.js, which could allow a threat actor to execute arbitrary code when opening a malicious PDF. PDF.js allows browsers to render PDF files without any plugins or external software. This vulnerability affects…
Hackers Employing Steganography Methods to Deliver Notorious RemcosRAT
Hackers are now using steganography techniques to distribute the notorious Remote Access Trojan (RAT) known as RemcosRAT. This method, which involves hiding malicious code within seemingly innocuous image files, marks a concerning evolution in malware delivery tactics. The Initial Breach:…
Hackers Actively Exploiting Ivanti Pulse Secure Vulnerabilities
Juniper Threat Labs has reported active exploitation attempts targeting vulnerabilities in Ivanti Pulse Secure VPN appliances. These vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, have been exploited to deliver the Mirai botnet, among other malware, posing a significant threat to network…
Google Simplifies Two-Factor Authentication Setup Process
Google has announced an update to its two-factor authentication (2FA) process, also known as 2-step Verification (2SV), aimed at simplifying the setup and making it easier for users to secure their accounts. The changes rolled out on Monday, May 6,…
NCA Unmasks and Sanctions Leader of Notorious LockBit Ransomware Group
In collaboration with US and Australian authorities, the UK’s National Crime Agency (NCA) has unmasked and sanctioned the leader of the notorious LockBit ransomware group, once considered the world’s most harmful cybercrime operation. Russian national Dmitry Khoroshev, who went by…
Weaponized Windows Shortcut Files Deploying Fileless RokRat Malware
Hackers target LNK (Windows shortcut) files to disseminate malware because they can embed malicious code that automatically executes when the shortcut is clicked. LNK files appear harmless but can stealthily trigger malware downloads or other malicious actions, making them an…
Trend Micro Antivirus One Let Attacker Inject Malicious Code Into Application
A significant update for Trend Micro’s Antivirus One software has been released. The update addresses a critical vulnerability that may have enabled attackers to inject malicious code. The vulnerability, called custom dynamic library injection vulnerability CVE-2024-34456, may enable an attacker…
Multiple Samsung Mobile Devices Flaw Let Attackers Execute Arbitrary Code
In a cybersecurity update, Samsung announced the patching of 25 vulnerabilities in its mobile devices, aiming to fortify them against potential code execution and privilege escalation attacks. This move is part of Samsung’s ongoing efforts to enhance the security of…