Geisinger Health System discovered a data breach involving the personal information of over one million patients. The breach was traced back to a former employee of Nuance Communications Inc., an external vendor providing IT services to Geisinger. The ex-employee accessed…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Poc Exploit Released for Fortra Filecatalyst SQL Injection Vulnerability
A Proof-of-Concept (PoC) exploit has been released for a critical SQL Injection vulnerability in Fortra FileCatalyst Workflow. This vulnerability could potentially allow attackers to modify application data. This vulnerability, CVE-2024-5276, affects all versions of Fortra FileCatalyst Workflow from 5.1.6 Build…
Xeno RAT Attacking Users Via GitHub Repository And .gg Domains
Threat actors use RATs because they provide attackers with persistent access to compromised systems, enabling long-term espionage and exploitation. North Korean hackers and other actors who target the gaming community are using free malware on GitHub called XenoRAT. Hunt’s research…
1-Click Exploit In Kakaotalk’s Android App Allows Arbitrary Code Execution
KakaoTalk is an Android application that is predominantly installed and used by over 100 million people. It is a widely popular application in South Korea that has payment, ride-hailing services, shopping, email etc., But the end-to-end encryption is not enabled…
New Medusa RAT Attacking Android Devices to Steal SMS & Screen Controls
A new variant of the Medusa malware family was discovered disguised as a “4K Sports” app, which exhibits changes in command structure and capabilities compared to previous versions. Researchers believe these changes are aimed at improving efficiency and strengthening the…
Hackers Attacking Linux Cloud Servers To Gain Complete Control
Malware storage, distribution, and command and control (C2) operations are increasingly being used to leverage cloud services for recent cybersecurity threats. But, this complicates the detection process and all the prevention efforts. Security researchers at FortiGuard Labs have recently observed…
Google Announced Chrome Enterprise Core Features for IT, Security Teams
Google has unveiled new features for Chrome Enterprise Core, formerly known as Chrome Browser Cloud Management. As organizations increasingly rely on cloud computing, hybrid work models, and Bring Your Device (BYOD) policies, the need for robust browser management has never…
Multiple TP-Link Omada Vulnerabilities Let Attackers Execute Remote Code
Multiple vulnerabilities have been identified in the TP-Link Omada system, a software-defined networking solution widely used by small to medium-sized businesses. These vulnerabilities, if exploited, could allow attackers to execute remote code, leading to severe security breaches. The affected devices…
BSNL Data Breach Exposes Millions of Users to Fraud and Security Risks
Bharat Sanchar Nigam Limited (BSNL), India’s state-owned telecommunications provider, has suffered a major data breach orchestrated by a threat actor known as “kiberphant0m”. The cyberattack has compromised over 278GB of sensitive data, putting millions of users at risk of SIM…
OilRig Hackers Attacking Individuals And Organizations In The Middle East
OilRig is an Iranian-linked cyber espionage group that has been active since 2015, and this group is known for its sophisticated spear-phishing campaigns and advanced infiltration techniques. This group conducts a multitude of cyber attacks against various sectors, and among…