Security researchers have uncovered a sophisticated method of exploiting the Dynamic Host Configuration Protocol (DHCP) administrators group to escalate privileges within Windows domains. This technique, dubbed “DHCP Coerce,” leverages legitimate privileges to compromise entire networks potentially. The vulnerability centers around…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Exploit Released For Critical Fortinet RCE Flaw: Patch Soon!
FortiClientEMS (Enterprise Management Server), the security solution used for scalable and centralized management, was discovered with an SQL injection vulnerability that could allow an unauthenticated threat actor to execute unauthorized code or command on vulnerable servers through specially crafted requests. …
One-Click AWS Vulnerability Let Attackers Takeover User’s Web Management Panel
Tenable Research has identified a critical vulnerability within the AWS Managed Workflows for Apache Airflow (MWAA) service, which they have named “FlowFixation.” This vulnerability could have permitted attackers to execute a one-click takeover of a user’s web management panel for…
TeamCity Vulnerability Exploits Leads to Surge in Ransomware Attacks
Attackers are taking advantage of vulnerabilities in JetBrains Teamcity to distribute ransomware, coinminers, and backdoor payloads. Two critical vulnerabilities in the TeamCity On-Premises platform, identified as CVE-2024-27198 and CVE-2024-27199 by JetBrains, were published on March 4, 2024. These flaws enable…
TinyTurla Evolved TTPs To Stealthly Attack Enterprise Organizations
Staying ahead of security measures and exploiting new vulnerabilities requires hackers to change their tactics. By doing so, they manage to bypass better defenses, maximize success rates, and keep on with their illegal activities. The adaptation of techniques by hackers…
Unsaflok Vulnerability Lets Hackers Open 3M+ Hotel Doors in Seconds
A group of cybersecurity researchers has uncovered several critical security flaws in the Saflok electronic RFID locks by Dormakaba. These locks, widely used in hotels and multi-family housing environments across 131 countries, are now known to be susceptible to a…
Researchers Propose An Invisible Backdoor Attack Dubbed DEBA
As deep neural networks (DNNs) become more prevalent, concerns over their security against backdoor attacks that implant hidden malicious functionalities have grown. Cybersecurity researchers (Wenmin Chen and Xiaowei Xu) recently proposed DEBA, an invisible backdoor attack leveraging singular value decomposition…
Hacker Pleads Guilty For Stealing 132,000+ Users Data
Robert Purbeck, a hacker known as “Lifelock” and “Studmaster,” hacked into the computer servers of the City of Newnan, a medical clinic in Griffin, and at least 17 other victims across the US. He stole the personal information of more…
Nemesis Market: Leading Darknet Market Seized
The infamous Nemesis Market, a leading figure in the darknet marketplace ecosystem, has been successfully seized. This operation dismantles a major hub of illegal online trade, ranging from narcotics to stolen data, affecting thousands of users worldwide. The Rise of…
North Korea’s Kimsuky Group Equipped to Exploit Windows Help files
Cybersecurity experts have uncovered a sophisticated cyber espionage campaign orchestrated by the North Korean threat actor group Kimsuky, Black Banshee, or Thallium. This group, notorious for its intelligence-gathering missions, has been active since at least 2012. It has primarily targeted…