A new zero-day Local Privilege Escalation (LPE) exploit has been put up for sale on a notorious hacker forum. This exploit, which has not yet been assigned a Common Vulnerabilities and Exposures (CVE) reference, is said to be capable of…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Palo Alto ZeroDay Exploited in The Wild Following PoC Release
Palo Alto Networks has disclosed a critical vulnerability within its PAN-OS operating system, identified as CVE-2024-3400. This zero-day flaw, found in the GlobalProtect Gateway, is currently under active exploitation by attackers. CVE-2024-3400 allows attackers to execute arbitrary OS commands on…
Russian APT44 – The Most Notorious Cyber Sabotage Group Globally
As Russia’s invasion of Ukraine enters its third year, the formidable Sandworm (aka FROZENBARENTS, APT44) cyber threat group remains highly active and increasingly integrated with Russian conventional military operations in support of Moscow’s war aims. However, Sandworm’s disruptive operations now…
FIN7 Hackers Attacking IT Employees Of Automotive Industry
IT employees in the automotive industry are often targeted by hackers because they have access to sensitive information such as customer data, intellectual property, and critical systems. The connected technologies’ dependence on the automotive industry and the value of their…
SoumniBot Exploiting Android Manifest Flaws to Evade Detection
A new banker, SoumniBot, has recently been identified. It targets Korean users and is incredible by using an unusual method to evade investigation and detection, notably obfuscating the Android manifest. In addition to its unique obfuscation, SoumniBot stands out for…
LeSlipFrancais Data Breach: Customers’ Personal Information Exposed
LeSlipFrancais, the renowned French underwear brand, has confirmed a data breach impacting its customer base. The breach, first reported by the online security platform Have I Been Pwned, has compromised the sensitive personal information of thousands of customers. The breach…
Cisco Hypershield: AI-Powered Hyper-Distributed Security for Data Center
Cisco has unveiled its latest innovation, Cisco Hypershield, marking a milestone in cybersecurity. This groundbreaking product, described as Cisco’s most consequential security solution, introduces a cloud-native, AI-powered approach to securing highly distributed, AI-scale data centers. Integrated directly into the network’s…
What is Encryption in Malware? – Understand From Basics to XOR
Malware commonly encrypts its traffic (stolen data sent to a command-and-control server) and internal strings (like URLs and configurations) to prevent security systems from recognizing malicious content. Cryptography fundamentals, classical ciphers, bitwise operations, XOR functions, and XOR cipher detection and…
Phishing-as-a-Service Platform LabHost Seized by Authorities
Authorities have dismantled LabHost, a notorious cybercrime platform that facilitated widespread phishing attacks across the globe. The crackdown on LabHost, which was founded in the UK in 2021, marks a significant victory against cybercriminal networks that have long exploited digital…
Armis Acquires AI-based Vulnerability Detection Firm Silk Security
Armis, a leading cybersecurity company, has acquired Silk Security, an AI-powered vulnerability detection firm. The acquisition comes when organizations grapple with a surge of security findings, with no scalable and automated way to prioritize and operationalize remediation. Ineffective processes and…