Web3 and DeFi have been appealing to many threat actors, and there has been a significant boost in heists that have become larger than any they have experienced in more traditional finance. Mandiant’s investigation into the 2016 Bangladesh Bank heist…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Veeam Backup & Replication Vulnerabilities Let Attackers Execute Remote Code
Multiple critical vulnerabilities have been identified in Veeam Backup & Replication, a widely-used data protection and disaster recovery solution. These vulnerabilities, discovered during internal testing, pose serious risks, including remote code execution (RCE), privilege escalation, and data interception. The issues…
Tor Browser 13.5.3 Released, What’s New?
The Tor Project has unveiled Tor Browser 13.5.3, a significant update that brings crucial security enhancements and usability improvements. This latest version is now available for download from the official Tor Browser website and distribution directory. Important security updates to…
Cisco Smart Licensing Utility Vulnerability Let Attackers Gain Admin Control
Cisco has issued a security advisory (Advisory ID: cisco-sa-cslu-7gHMzWmw) regarding critical vulnerabilities in the Cisco Smart Licensing Utility. These vulnerabilities could allow unauthenticated, remote attackers to gain administrative control over affected systems. The advisory was first published on September 4,…
Warning: New Emansrepo Malware Uses HTML Files to Target Windows Users
Emansrepo, a Python infostealer, is distributed via phishing emails containing fake purchase orders and invoices, where the attacker initially sent a phishing email with an HTML file redirecting to the Emansrepo download link. In recent months, the attack flow has…
Security Flaw Allows Attackers to Clone YubiKeys by Extract Private Key
Secure elements consist mainly of tiny microcontrollers, which provide service by generating and storing secrets and performing cryptographic operations. Thomas Roche of NinjaLab finds a major security flaw in the crypto library of Infineon Technologies affecting a diverse range of…
ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor
ToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military entities in Europe and Asia. The group is known for its sophisticated cyber-espionage tactics and has been involved in multiple…
Halliburton Confirms that Hackers Stolen Data in Cyber Attack
Halliburton Company has confirmed that a cyber attack led to unauthorized access and data theft from its systems. The incident, which came to light on August 21, 2024, has prompted the company to initiate a comprehensive cybersecurity response plan. Immediate…
PoC Exploit Released For 0-Day Windows Kernel Privilege Escalation Vulnerability
Microsoft released several patches for multiple vulnerabilities during the Patch Tuesday for August 2024. One of the vulnerabilities listed by Microsoft was the CVE-2024-38106. This vulnerability is associated with Windows Kernel Privilege Escalation affecting multiple Microsoft Windows OSes including Windows…
Google Patches Actively Exploited Android 0-day Privilege Escalation Vulnerability
Google has released a patch addressing a critical zero-day vulnerability that has been actively exploited. This vulnerability, CVE-2024-32896, is a privilege escalation flaw within the Android Framework component. The patch, part of the Android Security Bulletin for September 2024, underscores…