Hertz, a well-known car rental company, has inadvertently exposed over 60,000 insurance claim reports. This breach has raised serious concerns about the company’s data security practices and left customers questioning the safety of their personal information. Discovery of the Breach…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
GitLab Urges Organization to Patch for Authentication Bypass Vulnerability
GitLab has issued an urgent call to action for organizations using its platform to patch a critical authentication bypass vulnerability. This security flaw, CVE-2024-45409, affects instances configured with SAML-based authentication. The vulnerability could potentially allow unauthorized access to sensitive data.…
SambaSpy Using Weaponized PDF Files to Attack Windows Users
SambaSpy Attacking Windows Users With Weaponized PDF FilesResearchers discovered a targeted cybercrime campaign in May 2024 that exclusively focused on Italian victims, which was unusual as attackers typically aim for broader targets to increase profits. However, this campaign implemented checks…
Threat Actors Forcing victims Into Entering Login Credentials For Stealing
Recent intelligence indicates a new technique employed by stealers to trick victims into entering credentials directly into a browser, enabling subsequent theft from the browser’s credential store. This method, used in conjunction with StealC malware, was first observed in August…
Hackers Using Supershell Malware To Attack Linux SSH Servers
Researchers identified an attack campaign targeting poorly secured Linux SSH servers, where the attack leverages Supershell, a cross-platform reverse shell backdoor written in Go, granting attackers remote control of compromised systems. Following the initial infection, attackers are suspected to have…
Researchers Detailed Raptor Train Botnet That 60,000+ Compromised Devices
Researchers discovered a large, Chinese state-sponsored IoT botnet, “Raptor Train,” that compromised over 200,000 SOHO and IoT devices. Operated by Flax Typhoon, the botnet leveraged a sophisticated control system, “Sparrow,” to manage its extensive network. The botnet posed a significant…
Webdav Malicious File Hosting Powering Stealthy Malware Attacks
A new method of attack has emerged that leverages WebDAV technology to host malicious files. This approach, which facilitates the distribution of the Emmenhtal loader—also known as PeakLight—has been under scrutiny since December 2023. The loader is notorious for its…
PoC Exploit Released for CVE-2024-7965 Zero-Day Chrome Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical zero-day vulnerability identified as CVE-2024-7965, affecting Google’s Chrome browser. This vulnerability explicitly targets the V8 JavaScript engine and is exclusive to ARM64 architectures. The release of this PoC has raised…
Threat Actor Allegedly Claims Breach of Federal Bank Customer Data
A threat actor on a well-known dark web forum has allegedly claimed responsibility for a significant data breach involving the Indian financial institution, Federal Bank. The breach reportedly exposes sensitive information of hundreds of thousands of customers, raising serious concerns…
Tor Claims Network is Safe Following Enforcement Infiltration to Expose Criminals
The anonymity of the Tor network has been scrutinized in a recent investigation by German law enforcement agencies. Despite these revelations, the Tor Project maintains that its network remains secure for users. This article delves into the details of the…