A new Ransomware-as-a-Service (RaaS) platform known as DeathGrip has surfaced, offering sophisticated ransomware tools to aspiring cyber criminals. This service is being promoted through Telegram and various underground forums, providing a gateway for individuals with limited technical expertise to launch…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
PostgreSQL Vulnerability Allows Hackers To Execute Arbitrary SQL Functions
A critical vulnerability identified as CVE-2024-7348 has been discovered in PostgreSQL, enabling attackers to execute arbitrary SQL functions. This vulnerability in the pg_dump utility poses a significant security risk, especially when executed by superusers. CVE-2024-7348 – Vulnerability Details The flaw…
PostgreSQL Vulnerability Hackers Execute Arbitrary SQL Functions
A critical vulnerability identified as CVE-2024-7348 has been discovered in PostgreSQL, enabling attackers to execute arbitrary SQL functions. This vulnerability in the pg_dump utility poses a significant security risk, especially when executed by superusers. CVE-2024-7348 – Vulnerability Details The flaw…
Telegram Bot Selling Phishing Tools to Bypass 2FA & Hack Microsoft 365 Accounts
A newly discovered phishing marketplace, ONNX Store, empowers cybercriminals to launch sophisticated attacks against Microsoft 365 and Office 365 environments. The platform provides tools to circumvent robust 2FA safeguards, enabling threat actors to compromise accounts with increased efficiency. Corporate security…
Australian Gold Mining Company Reports Ransomware Attack
Evolution Mining Limited, a prominent global player in the gold mining industry, has reported a ransomware attack that impacted its IT systems. The company, which operates several mines across Australia and Canada, discovered the breach on August 8, 2024. This…
Critical AWS Services Vulnerability Let Attackers Execute Remote Code
Hackers attack AWS as it hosts a vast number of high-value targets, including sensitive data, business applications, and cloud resources for organizations worldwide. In February 2024, six AWS services were found to have some critical vulnerabilities. The services include CloudFormation,…
Hackers Exploiting WinRAR Flaw To Attacks Windows & Linux(ESXi) Machines
Head Mare, a hacktivist group targeting Russia and Belarus, leverages phishing campaigns distributing WinRAR archives to exploit CVE-2023-38831 for initial access. By deploying LockBit and Babuk ransomware, they encrypt victim systems and publicly disclose stolen data. The group shares similarities…
NCSC to Build Nation-Scale Evidence Base for Cyber Deception
The UK’s National Cyber Security Centre (NCSC) recently hosted an unprecedented conference at its London headquarters, bringing together international government partners, UK government officials, and industry leaders. The focus was on exploring the potential of cyber deception technologies and techniques…
Google’s Quick Share Vulnerabilities Let Attackers Execute Remote Code
By reverse-engineering Quick Share’s proprietary communication protocol, researchers uncovered multiple vulnerabilities, including unauthorized file writes, forced Wi-Fi connections, directory traversal, and denial-of-service conditions. These flaws were chained together to achieve remote code execution on Windows systems with Quick Share installed,…
Authorities Arrested Two Admins of WWH-Club Stolen Credit Card Marketplace
U.S. authorities have arrested two believed administrators of the notorious WWH-Club, an online marketplace for stolen credit card information. The arrests mark a major step in the ongoing battle against cybercrime and the illicit trade of unauthorized access devices. The…