A well-coordinated cyber intrusion, spanning 11 days, culminated in the deployment of LockBit ransomware across a corporate environment. The attack, which began with the execution of a malicious file posing as a Windows Media Configuration Utility, displayed a sophisticated playbook…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Weaponised XWorm RAT Builder Attacking Script Kiddies To Hack 18,000 Devices
A recent cybersecurity attack involving a Trojanized version of the XWorm Remote Access Trojan (RAT) builder has compromised over 18,000 devices worldwide. This sophisticated malware, primarily distributed via GitHub repositories, Telegram channels, and other platforms, has targeted cybersecurity novices, also…
New SCAVY Framework to Detect Memory Corruption Privilege Escalation in Linux Kernel
A breakthrough framework named SCAVY has been introduced to proactively detect memory corruption targets that could potentially lead to privilege escalation in the Linux kernel. Presented at the prestigious USENIX Security Symposium in August 2024, the framework aims to address long-standing gaps…
Researchers Exploited Windows Charset Conversion Feature to Execute Remote Code
Researchers have exposed a systemic vulnerability within the Windows operating system, leveraging its “Best-Fit” charset conversion feature to bypass security checks and execute remote code. The findings highlight widespread implications across various applications, with real-world exploitation scenarios impacting widely used…
GitLab Security Update – Patch for Multiple Vulnerabilities
GitLab, the widely adopted DevOps platform, has announced the immediate release of versions 17.8.1, 17.7.3, and 17.6.4 for both its Community Edition (CE) and Enterprise Edition (EE). These updates address multiple security vulnerabilities and provide critical fixes, underscoring GitLab’s commitment to maintaining…
Critical Vulnerability in Meta Llama Framework Let Remote Attackers Execute Arbitrary Code
The Oligo Research team has disclosed a critical vulnerability in Meta’s widely used Llama-stack framework. This vulnerability, tracked as CVE-2024-50050, allows remote attackers to execute arbitrary code on servers running the Llama-stack framework. Due to its potential impact, the flaw has…
Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access
In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a colleague unearthed a major security vulnerability in Subaru’s STARLINK connected vehicle service. The flaw allowed unauthorized, unrestricted access to vehicles and customer accounts across the United…
Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights
A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a grave vulnerability, potentially allowing attackers to control air conditioning, lighting, and other room functions remotely. The investigation, highlighted by security researchers at LAC Co., Ltd., reveals…
Android Kisok Tablets Vulnerability Let Attackers Control AC & Lights
A startling security flaw found in Android-based kiosk tablets at luxury hotels has exposed a grave vulnerability, potentially allowing attackers to control air conditioning, lighting, and other room functions remotely. The investigation, highlighted by security researchers at LAC Co., Ltd.,…
CISA Releases Six ICS Advisories Details Security Issues
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories addressing vulnerabilities in a range of critical systems. These advisories aim to inform organizations about risks that could lead to unauthorized access, system compromise, or…