The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two critical vulnerabilities affecting Microsoft Windows MSHTML and Progress WhatsUp Gold. These vulnerabilities, identified as CVE-2024-43461 and CVE-2024-6670, are reportedly being exploited widely, posing significant risks to…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Creating An AI Honeypot To Engage With Attackers Sophisticatedly
Honeypots, decoy systems, detect and analyze malicious activity by coming in various forms and can be deployed on cloud platforms to provide insights into attacker behavior, enhancing security. The study proposes to create an interactive honeypot system using a Large…
North Korean Hackers Attacking LinkedIn Users to Deliver RustDoor Malware
North Korean hackers have been identified as targeting LinkedIn users to deliver sophisticated malware known as RustDoor. This cyber threat underscores the evolving tactics of state-sponsored hacking groups, mainly from North Korea, which have increasingly turned to social engineering on…
Key Russian Hacker Group Attacking Users With .NET Built Ransomware
The Russian ransomware group Key Group, active since early 2023, is targeting organizations globally, as their modus operandi involves encrypting files and stealing data before demanding ransom via Telegram. The group utilizes the .NET-based Chaos ransomware builder to create their…
Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks
Song Wu, a Chinese national, has been indicted on charges of wire fraud and aggravated identity theft. The charges stem from his alleged involvement in a sophisticated spear-phishing campaign targeting sensitive U.S. research and technology. This case highlights ongoing concerns…
Critical Vulnerabilities Impact Million of D-Link Routers, Patch Now!
Millions of D-Link routers are at risk due to several critical vulnerabilities. Security researcher Raymond identified these vulnerabilities, which have been assigned multiple CVE IDs and pose severe threats to users worldwide. D-Link has issued urgent firmware updates to mitigate…
Windows MSHTML Zero-Day Vulnerability Exploited In The Wild
Adobe released eight security updates in September 2024, addressing 28 vulnerabilities in various products, as ColdFusion received a critical patch to mitigate a code execution flaw rated at CVSS 9.8. Other critical vulnerabilities were found in Photoshop, Illustrator, Premier Pro,…
Medusa Ransomware Exploiting Fortinet Flaw For Sophisticated Ransomware Attacks
Medusa, a relatively new ransomware group, has gained notoriety for its dual-pronged online presence. Unlike its peers, Medusa maintains a visible profile on the surface web alongside its traditional dark web operations. This unusual strategy has amplified its impact, with…
Azure API Management Vulnerability Let Attackers Escalate Privileges
A vulnerability in Azure API Management (APIM) has been identified. It allows attackers to escalate privileges and access sensitive information. This issue arises from a flaw in the Azure Resource Manager (ARM) API, which permits unauthorized access to critical resources.…
Spring Framework Vulnerability Let Attackers obtain Any Files from the System
A newly discovered vulnerability in the Spring Framework has been identified, potentially allowing attackers to access any file on the system. This vulnerability tracked as CVE-2024-38816, affects applications using the functional web frameworks WebMvc.fn or WebFlux.fn. It is classified as…