Cybersecurity researchers have identified a new ransomware payload associated with the P2Pinfect malware, primarily targeting Redis servers. This sophisticated malware, previously known for its peer-to-peer (P2P) botnet capabilities, has now evolved to include ransomware and crypto-mining functionalities. This article delves…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Ollama AI Platform Flaw Let Attackers Execute Remote Code
Hackers attack AI infrastructure platforms since these systems contain a multitude of valuable data, algorithms that are sophisticated in nature, and significant computational resources. So, compromising such platforms provides hackers with access to proprietary models and sensitive information, and…
New North Korean Actor Distributing Malicious npm Packages To Compromise Organizations
Early in 2024, North Korean threat actors persisted in using the public npm registry to disseminate malicious packages that were similar to those that Jade Sleet had previously used. Initially thought to be an extension of Sleet’s activity, further investigation…
Threat Actor Claims 0Day Sandbox Escape RCE in Chrome Browser
A threat actor has claimed to have discovered a zero-day vulnerability in the widely-used Google Chrome browser. The claim was made public via a tweet from the account MonThreat, which has previously been associated with credible cybersecurity disclosures. Details of…
Microsoft Announced Copilot for Security TI in Defender XDR
Microsoft has announced the general availability of Copilot for Security threat intelligence embedded experience in the Defender XDR portal. This AI-powered tool aims to revolutionize the way organizations access, operate on, and integrate Microsoft’s threat intelligence data. Enhancing Threat Intelligence…
Critical Vulnerability in MOVEit Transfer Let Hackers Gain Files Access
A critical security vulnerability, CVE-2024-5806, has been identified in MOVEit Transfer, a widely used managed file transfer software. The vulnerability poses significant risks to organizations relying on the software for secure data transfers. The vulnerability is rooted in improper validation of user-supplied input during the authentication process. It can…
Beware Of Shorten URLs With Word Files That Install Remcos RAT
A new method of distributing the Remcos Remote Access Trojan (RAT) has been identified. This malware, known for providing attackers complete control over infected systems, is being spread through malicious Word documents containing shortened URLs. These URLs lead to the…
Top 10 Best Penetration Testing Companies & Services in 2024
Penetration Testing Companies are pillars of information security; nothing is more important than ensuring your systems and data are safe from unauthorized access. Many organizations have a flawed security culture, with employees motivated to protect their information rather than the…
Hackers Use Windows XSS Flaw To Execute Arbitrary Command In MMC Console
Attackers are leveraging a new infection technique called GrimResource that exploits MSC files. By crafting malicious MSC files, they can achieve full code execution within the context of mmc.exe (Microsoft Management Console) upon a user click. It offers several advantages…
New Webkit Vulnerabilities Let Attackers Exploit PS4 And PS5 Playstations
Webkit vulnerabilities in PS4 and PS5 refer to bugs found in the Webkit engine used by their web browsers. These bugs, discovered in browsers like Safari and Chrome, can also exist in PS4 and PS5 because they share the same…