Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

GitHub has become a major platform that cybercriminals use for various attack methods such as payload delivery, dead drop resolution (DDR), C2 (Command and Control) and exfiltration. T This is because GitHub is considered legitimate traffic, which threat actors can…

Read more →

The 29-year-old man was arrested in Mykolaiv, Ukraine, for using hacked accounts to create 1 million virtual servers to illegally mine cryptocurrency. It is estimated that the suspect has mined cryptocurrency worth over USD 2 million (or EUR 1.8 million). The…

Read more →

Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems, and services, and grabbing system banners. The pen-testing helps the administrator close unused ports, add additional services, hide or customize banners, troubleshoot services, and…

Read more →

Web server pentesting is performed under three significant categories: identity, analysis, and reporting vulnerabilities such as authentication weaknesses, configuration errors, and protocol relationship vulnerabilities.  1.  “Conduct a series of methodical and repeatable tests ” is the best way to test the webserver…

Read more →

Web server pentesting is performed under 3 significant categories: Identity, Analyse, and Report Vulnerabilities such as authentication weakness, configuration errors, and protocol Relation vulnerabilities.  1.  “Conduct a series of methodical and Repeatable tests ” is the best way to test the webserver…

Read more →

Hackers target vulnerable WordPress plugins as they provide a potential entry point to exploit website security weaknesses.  These plugins often have outdated code or known vulnerabilities, which make them attractive targets for malicious actors seeking:- Recently, on December 14th, 2023,…

Read more →

Several vulnerabilities have been discovered in Splunk Enterprise Security and Splunk User Behavior Analytics (UBA), which existed in several third-party packages. The third-party package includes Splunk, which includes babel/traverse, handsontable, semver, loader-utils, json5, socket.io-parser, protobuf, and Guava. However, Splunk has…

Read more →

Hackers use Qbot malware for its advanced capabilities, including keylogging, credential theft, and backdoor functionality. Previously distributed Qakbot malware campaign was capable of monitoring the browsing activities of the infected computer and logs all information related to finance-related websites. Qbot…

Read more →

Invati Connect Secure (ICS) and Ivanti Policy Secure Gateways have been discovered with two new vulnerabilities associated with authentication bypass and command injection. The CVEs for these vulnerabilities have been assigned as CVE-2023-46805 and CVE-2024-21887. The severity of these vulnerabilities…

Read more →

AgentTesla is a notorious malware that functions as a keylogger and information stealer.  By logging keystrokes and capturing screenshots on infected systems, this notorious malware targets sensitive data like:- Recently, the cybersecurity researchers at BitSight Security discovered that AgentTesla malware…

Read more →