GFI Software’s Kerio Control, a popular UTM solution, was found to be vulnerable to multiple HTTP Response Splitting vulnerabilities, which affecting versions 9.2.5 through 9.4.5, could potentially allow attackers to inject malicious code into web pages, leading to cross-site scripting…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
RiseLoader Attack Windows By Employed A VMProtect To Drop Multiple Malware Families
RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol similar to RisePro for downloading and executing second-stage payloads. Despite RisePro’s development discontinuation in June 2024, RiseLoader’s emergence suggests a potential connection to the threat…
Careto – A legendary Threat Group Targets Windows By Deploy Microphone Recorder And Steal Files
Recent research has linked a series of cyberattacks to The Mask group, as one notable attack targeted a Latin American organization in 2022, where attackers compromised the organization’s MDaemon email server and exploited the WorldClient webmail component to maintain persistent…
Cybercriminals Exploit Google Calendar and Drawings in Phishing Campaigns
Attackers are ingeniously exploiting Google Calendar and Google Drawings in phishing campaigns, targeting unsuspecting individuals and organizations. Leveraging the inherent trust in Google’s widely used tools, cybercriminals are successfully deceiving users into revealing sensitive information and compromising their accounts. Google…
Google’s New XRefer Tool To Analyze More Complex Malware Samples
XRefer, an IDA Pro plugin, enhances binary analysis with a persistent companion view by employing Gemini-powered cluster analysis to decompose binaries into functional units, providing high-level architectural overviews akin to viewing a city’s districts. Simultaneously, it offers a context-aware view…
Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access
Researchers have uncovered vulnerabilities in Microsoft Azure Data Factory’s integration with Apache Airflow, which could potentially allow attackers to gain unauthorized access and control over critical Azure resources. By exploiting these vulnerabilities, attackers could compromise the integrity of the Azure…
Spring Framework Path Traversal Vulnerability (CVE-2024-38819) PoC Exploit Released
A Proof of Concept (PoC) exploit for the critical path traversal vulnerability identified as CVE-2024-38819 in the Spring Framework has been released, shedding light on a serious security issue affecting applications that serve static resources via functional web frameworks. This…
Multiple SHARP Routers Vulnerabilities Let Attackers Execute Arbitrary Code
Multiple vulnerabilities have been identified in SHARP routers, potentially allowing attackers to execute arbitrary code with root privileges or compromise sensitive data. Labeled under JVN#61635834, the vulnerabilities highlight significant security concerns for affected devices. Overview and Key Vulnerabilities JPCERT/CC, alongside…
Hackers Attacking Linux SSH Servers DDoS Bot cShell Using Screen & hping3 Tools
The AhnLab Security Intelligence Center (ASEC) has detected a new strain of malware targeting poorly protected Linux SSH servers. This malware, named “cShell,” exploits existing Linux tools such as screen and hping3 to launch distributed denial-of-service (DDoS) attacks, highlighting a growing concern for server…
CISA Releases Secure Practices for Microsoft 365 Cloud Services
The Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01: Implementing Secure Practices for Cloud Services, to enhance the cybersecurity posture of Federal Civilian Executive Branch (FCEB) agencies utilizing cloud services, including Microsoft 365. This directive,…