Ransomware is a universal threat to enterprises, targeting anyone handling sensitive data when profit potential is high. A new ransomware named 3AM has surfaced and is used in a limited manner. Symantec’s Threat Hunter Team witnessed it in a single…
Tag: GBHackers – Latest Cyber Security News | Hacker News
Trellix DLP Vulnerability Allows Attackers To Delete Unprivileged Files
Trellix Windows DLP endpoint for Windows has a privilege escalation vulnerability that allows unauthorized deletion of any file or folder. Trellix DLP Endpoint protects against all potential leak channels, including portable storage devices, the cloud, email, instant messaging, web, printing,…
Next-Gen Email Firewalls: Beyond Spam Filters to Secure Inboxes Checklist
Email communication is still widely used as an attack vector despite the ever-changing nature of cyber threats. The vast number of people who use it for communication daily, both professionally and personally, makes it a tempting target. Cybercriminals are becoming…
Microsoft Teams as a Tool for Storm-0324 Threat Group to Hack Corporate Networks
According to recent reports, a threat actor known as Storm-0324 has been using email-based initial infection vectors to attack organizations. However, as of July 2023, the threat actor has been found to have been using Microsoft Teams to send Phishing…
Cisco IOS Verification Flaw Let Attackers Execute Arbitrary Code
Cisco has been discovered with an arbitrary code execution flaw on their Cisco IOS XR Software image verification checks, which allows an authenticated, local attacker to execute arbitrary code on their underlying operating system. Cisco Internetwork Operating System (IOS) is…
SolarWinds Platform Vulnerability Let Attackers Execute Arbitrary Commands
SolarWinds Platform has published its release notes 2023.3.1, which provides multiple bug fixes and security updates. With this release, the platform has fixed two vulnerabilities, CVE-2023-23840 and CVE-2023-23845, related to arbitrary command execution. SolarWinds Platform is an infrastructure monitoring and…
Hackers Attack Facebook Business Users Aggressively to Steal Login Credentials
A new and highly concerning cyber threat has emerged, as a botnet known as “MrTonyScam” has been orchestrating an extensive Messenger phishing campaign on Facebook. Recently, this campaign has flooded the platform with malicious messages, posing a significant risk to…
ReconAIzer: OpenAI-based Extension for Burp Suite
Burp Suite, the renowned Bug Bounty Hunting and Web Application Penetration Testing tool, has been improvised with many extensions over the years. Many of Burp’s Extensions have been used by Bug Bounty Hunters and Security Researchers for various purposes. It…
Weaponized Free Download Manager for Linux Steals System Data & Passwords
In recent years, Linux systems gained prominence among diverse threat actors, with more than 260,000 unique samples emerging in H1 2023. In the case of Linux, threat actors can run multiple campaigns without being detected for years, and maintain long-term…
Chinese Redfly Hacked National Power Grid & Maintained Access for 6 Months
Cybersecurity researchers at Symantec’s Threat Hunter Team recently discovered that the Redfly threat actor group used ShadowPad Trojan to breach an Asian national grid for 6 months. Artificial intelligence-driven cyber threats grow as technology advances, significantly influencing and boosting threat…