ESET, a cybersecurity firm, has released patches for a high-severity vulnerability identified in several Windows-based security products, including consumer, business, and server security. The vulnerability tracked as CVE-2024-0353 has a CVSS score of 7.8 and was identified in the real-time…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
New TicTacToe Malware Dropper Attacking Windows Users
Malware often targets Windows users due to the operating system’s widespread popularity, making it a lucrative target for threat actors. Windows systems have historically been perceived as more vulnerable due to their larger user base and the majority of security…
Turla APT’c New Tool Designed to Steal Login Credentials
The Russian cyber espionage threat group “Turla APT group” was discovered to be using a new backdoor for its malicious operations. This new backdoor has been termed “TinyTurla-NG” (TTNG), which shares similarities with a previously disclosed implant, TinyTurla, regarding coding…
First Ever iOS Trojan Steals Facial Recognition Data
A novel, very sophisticated mobile Trojan dubbed GoldPickaxe.iOS that targets iOS users exclusively was discovered to collect facial recognition data, intercept SMS, and gather identity documents. The Asia-Pacific region includes the majority of those impacted by this harmful activity. On the other hand,…
1000+ JetBrains TeamCity Instances Vulnerable to RCE Bypass Attacks
A critical security vulnerability was detected in TeamCity On-Premises, tagged as CVE-2024-23917, with a CVSS score of 9.8. An unauthenticated attacker with HTTP(S) access to a TeamCity server may bypass authentication procedures and take administrative control of that TeamCity server…
Ukrainian Hacker Pleads Guilty for Leading Zeus & IcedID Malware Attacks
Vyacheslav Igorevich Penchukov, a 37-year-old resident of Donetsk, Ukraine, has pleaded guilty to his key role in developing and deploying the notorious Zeus and IcedID malware attacks. In 2022, he was apprehended in Switzerland and extradited to the United States…
New Outlook 0-day RCE Flaw Exploited in the Wild
Outlook has been discovered to have an interesting vulnerability while handling specific hyperlinks, which was found to be exploited by threat actors in the wild. This vulnerability has been assigned with CVE-2024-21413, and the severity was given as 9.8 (Critical).…
Wireshark 4.2.3 Released – What’s New!
Wireshark is backed by the nonprofit Wireshark Foundation, which relies on your support to advance protocol analysis education. However, Wireshark 4.2.3 is out now, and this new version is Packed with multiple new features, rich protocol support, user-friendly design, and…
How to Analyse an Advanced Phishing Attack with ANY.RUN Threat Intelligence Lookup
An advanced phishing attack typically involves sophisticated tactics such as compelling email and website replicas that are often tailored to specific targets. These attacks may use social engineering techniques to manipulate victims into revealing sensitive information and installing malware. Cybersecurity…
OpenAI Shuts Down Accounts Used to Generate Phishing Emails & Malware
While Artificial Intelligence holds immense potential for good, its power can also attract those with malicious intent. State-affiliated actors, with their advanced resources and expertise, pose a unique threat, leveraging AI for cyberattacks that can disrupt infrastructure, steal data, and…