Hackers have reportedly infiltrated and extracted a vast 82 GB of sensitive data from the Indonesian government’s Regional Financial Management Information System (Sistem Informasi Pengelolaan Keuangan Daerah, or SIPKD). This system is operated by the Badan Pendapatan, Pengelolaan Keuangan, dan Aset…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
IBM AIX TCP/IP Vulnerability Lets Attackers Exploit to Launch Denial of Service Attack
IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system that could potentially lead to denial-of-service (DoS) attacks. The affected kernel extensions—perfstat and TCP/IPmpresent risks to systems running on AIX 7.2, AIX 7.3, VIOS 3.1,…
USA Launched Cyber Attack on Chinese Technology Firms
The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage targeting Chinese technology companies and research institutions. These attacks, suspected to be orchestrated by U.S. intelligence agencies, aimed to steal sensitive commercial secrets and intellectual…
Apache Auth-Bypass Vulnerability Lets Attackers Gain Control Over HugeGraph-Server
The Apache Software Foundation has issued a security alert regarding a critical vulnerability in Apache HugeGraph-Server. The flaw, identified as CVE-2024-43441, could potentially allow authentication bypass due to an issue with assumed-immutable data in JWT tokens. The vulnerability impacts versions…
Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks
A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions of systems to potential remote code execution (RCE) and privilege escalation attacks. The vulnerability, assigned CVE-2024-56334, highlights the importance of secure coding practices when dealing with…
BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques
An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the initial sample (MD5 14f6c034af7322156e62a6c961106a8c) provided valuable insights into its version and development timeline. A second suspicious sample on the same machine, while exhibiting similar functionality to…
Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware
Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through malicious packages disguised as legitimate tools. The threat actor, “k303903,” compromised hundreds of machines before the packages were removed. Subsequent analysis revealed that “k303903” likely…
Hackers Exploiting PLC Controllers In US Water Management System To Gain Remote Access
A joint Cybersecurity Advisory (CSA) warns of ongoing exploitation attempts by Iranian Islamic Revolutionary Guard Corps (IRGC)-affiliated cyber actors using the online persona “CyberAv3ngers.” These actors are targeting and compromising Unitronics Vision Series programmable logic controllers (PLCs), specifically those manufactured…
DigiEver IoT Devices Exploited To Deliver Mirai-based Malware
A new Mirai-based botnet, “Hail Cock Botnet,” has been exploiting vulnerable IoT devices, including DigiEver DVRs and TP-Link devices with CVE-2023-1389. The botnet, active since September 2024, leverages a variant of Mirai malware with enhanced encryption. A recent uptick in…
New Python NodeStealer Attacking Facebook Business To Steal Login Credentials
NodeStealer, initially a JavaScript-based malware, has evolved into a more sophisticated Python-based threat that targets Facebook Ads Manager accounts, stealing sensitive financial and business data in addition to credit card details and browser information. The malware is delivered through spear-phishing…