Microsoft released multiple product security patches on their April 2024 Patch Tuesday updates. One of the vulnerabilities addressed was CVE-2024-26218, associated with the Windows Kernel Privilege Escalation vulnerability, which had a severity of 7.8 (High). This vulnerability relates to a…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
KageNoHitobito Ransomware Attacking Windows Users Around the Globe
A new ransomware named KageNoHitobito has been targeting Windows users across various countries. It encrypts their data and demands a ransom through sophisticated means. This article delves into the mechanics of the KageNoHitobito ransomware and its attack methodology and provides…
1,200+ Vulnerabilities Detected In Microsoft Products In 2023
Hackers often focus on flaws in Microsoft products since they are commonly employed in various institutions and personal computers, which means they have a bigger area to attack. This is because these systems could be used as an entry point…
Android Malware Brokewell With Complete Device Takeover Capabilities
A new family of mobile malware known as “Brokewell” has been found to have a wide range of device takeover capabilities. This seriously threatens the banking sector by giving attackers remote access to all the resources made available via mobile…
Okta Warns of Credential Stuffing Attacks Using Proxy Services
Okta has issued a warning about the increasing prevalence of credential-stuffing attacks. These attacks, which leverage stolen user credentials to gain unauthorized access to accounts, are facilitated by the widespread use of residential proxy services. This alarming trend underscores the…
Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware
A recent malware campaign used a VBA macro in a Word document to download and execute a 64-bit Rust binary. This binary employs fileless injection techniques to load a malicious AgentTesla payload into its memory space. The malware leverages CLR…
NETGEAR buffer Overflow Vulnerability Let Attackers Bypass Authentication
Some router models have identified a security vulnerability that allows attackers to bypass authentication. To exploit this vulnerability, an attacker must know the WiFi password or have an Ethernet connection to a device on the victim’s network. Firmware updates that…
5000+ CrushFTP Servers Hacked Using Zero-Day Exploit
Hackers often target CrushFTP servers as they contain sensitive data and are used for file sharing and storage. This makes them attractive targets for data theft and ransomware attacks for the threat actors. Besides this, the vulnerabilities in CrushFTP servers…
13,142,840 DDoS Attacks Targeted Organization Around The Globe
DDoS attacks are a significant and growing risk that can overpower websites, crash servers, and block out authorized users with never-ending waves of offensive traffic. More than 13 million DDoS attacks were recorded in 2023 alone, which reveals the real…
Hackers Exploit Old Microsoft Office 0-day to Deliver Cobalt Strike
Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine. It has been closely monitoring the situation and has successfully detected all stages of the attack. CVE-2017-8570: The Initial Vector…