In response to a recent data breach at Sisense, a provider of data analytics services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) advised customers to reset their login credentials. Sisense’s AI and machine learning-driven analytics platform is used for data…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Cyber Attack Surge by 28%:Education Sector at High Risk
In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average number of cyber attacks per organization per week, reaching 1308. This marked a 5% increase from Q1 2023 and a 28% increase from the last quarter…
Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a breach in Microsoft’s corporate email system. The directive, ED 24-02, outlines the urgent steps required to mitigate the risks posed by Midnight Blizzard, a nation-state-sponsored cyber…
Taxi App Vendor Data Leak: 300K Passengers Data Exposed
Around 300,000 taxi passengers’ personal information was left exposed on the internet, causing concern in the UK and Ireland. Cybersecurity researcher Jeremiah Fowler discovered the breach involving Dublin-based taxi dispatch system provider iCabbi and subsequently reported it to vpnMentor. Fowler…
Taxi Software Vendor Data Leak: 300K Passengers Data Exposed
Around 300,000 taxi passengers’ personal information was left exposed on the internet, causing concern in the UK and Ireland. Cybersecurity researcher Jeremiah Fowler discovered the breach involving Dublin-based taxi dispatch system provider iCabbi and subsequently reported it to vpnMentor. Fowler…
TA547 Hackers Launching AI-Powered Cyber Attacks Targeting Organizations
TA547 has been targeting German organizations with an email campaign delivering the Rhadamanthys malware. Proofpoint has observed TA547 using Rhadamanthys, an information stealer that is utilized by multiple cybercriminal threat actors. The emails, which impersonated the German retail company Metro,…
CISA Opens Its Internal Malware Analysis Tool for Public Use
The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its latest initiative: opening its advanced malware analysis system, Malware Next-Gen, to the public. Malware Next-Gen represents a paradigm shift in analyzing and countering cyber threats and malware. With scalability and…
Client-Side Exploitation: Poisoning WebDAV+URL+LNK to Deliver Malicious Payloads
WebDAV incidents simulate an offensive attack employing a WebDAV server to distribute malware to a client PC. Attackers store malicious payloads and attract users into downloading and executing them. It then analyzes a real-world scenario involving AsyncRat/Purelogs malware to understand…
Hackers Manipulate GitHub Search To Deliver Clipboard-Hijacking Malware
In a sophisticated cyberattack campaign uncovered on April 10, 2024, cybercriminals are exploiting GitHub’s search functionality to distribute a particularly insidious form of malware, known as “Keyzetsu clipper,” targeting cryptocurrency wallets. This new wave of attacks highlights cybercriminals’ evolving tactics…
Fortra For Windows Vulnerability Let Attackers Escalate Privilege
Fortra’s Robot Schedule Enterprise Agent permits a low-privileged user to elevate privileges to the local system level. The problem arises from the agent’s failure to adequately secure its service executable, which an attacker can exploit by swapping out the executable…