A routine physical penetration test conducted by cybersecurity professionals took an unexpected turn when armed police arrested two security experts during a simulated breach at a corporate office in Malta. The incident involving miscommunication between the client and local authorities…
Tag: Cyber Security News
Ransomware Payments Dropped By 35%, As Victims Refusing To Pay
In a significant shift in the ransomware landscape, payments to attackers have decreased by approximately 35% year-over-year. This decline is attributed to increased law enforcement actions, improved international collaboration, and a growing trend among victims to refuse ransom demands. Here…
World’s Longest and Strongest WiFi Passwords From 31m Passwords List
A cybersecurity enthusiast discovered the longest and most complicated passwords ever used by searching through a huge dataset of 31 million likely WPA WiFi passwords. Typically, a password’s length and complexity directly affect its security. While diverse character sets prevent…
New ‘BYOTB’ Attack Exploits Trusted Binaries to Evade Detection, Researchers Reveal
Security researcher David Kennedy unveiled a novel attack technique known as “BYOTB” (Bring Your Own Trusted Binary) in a recent presentation at BSides London 2024, which leverages trusted binaries to bypass security measures and evade detection. This approach exploits the…
GhidrAssist Brings AI Features to Ghidra in Reverse Engineering
Reverse engineering has long been a challenging yet essential process for cybersecurity professionals, software analysts, and researchers. With the introduction of GhidrAssist, a cutting-edge plugin for the popular reverse engineering platform Ghidra, the process becomes significantly more streamlined and efficient. …
SAML Bypass Authentication on GitHub Enterprise Servers To Login as Other User Account
A significant vulnerability has been identified in GitHub Enterprise Servers, allowing attackers to bypass SAML authentication and log in as other user accounts. This exploit leverages quirks in the libxml2 library, specifically related to XML entities, to deceive the verification…
PoC Exploit Released for AnyDesk Vulnerability Exploited to Gain Admin Access Via Wallpapers
A recently disclosed vulnerability in AnyDesk, a popular remote desktop software, identified as CVE-2024-12754, enables local attackers to exploit the handling of Windows background images to gain unauthorized access to sensitive system files. This could potentially escalate their privileges to…
Hackers Exploiting Google Tag Manager To Steal Credit Card From eCommerce Sites
Hackers have been exploiting Google Tag Manager (GTM) to steal sensitive credit card information from eCommerce sites, particularly those built on the Magento platform. This sophisticated attack shows the evolving tactics of cybercriminals in leveraging legitimate tools for malicious purposes.…
Linux Kernel 6.14 Released – What’s New With rc2!
Linus Torvalds announced the release of Linux Kernel 6.14-rc2, the second release candidate in the 6.14 series. The release follows the usual weekly schedule and comes as a relatively small update, consistent with the overall size of the 6.14 kernel.…
Unpatched Marvel Game RCE Exploit Could Let Hackers Take Over PCs & PS5s
A critical security vulnerability has been discovered in the popular online game Marvel Rivals, raising alarms about the potential for hackers to exploit unsuspecting players. The exploit, identified as a Remote Code Execution (RCE) vulnerability, allows attackers on the same…