The Cybersecurity and Infrastructure Security Agency (CISA) has called upon federal agencies and organizations to take immediate action concerning a critical vulnerability affecting Ivanti Cloud Services Appliance (CSA) 4.6. The vulnerability, CVE-2024-8190, poses a significant threat as it allows cyber…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Crimson Palace Returns With New Hacking Tolls And Tactics
Cluster Bravo, despite its brief initial activity, subsequently targeted 11 organizations in the same region, as researchers found that these attackers used compromised environments within the same vertical for malware staging. Cluster Charlie, after being disrupted, returned with new techniques,…
Kali Linux 2024.3 Released With New Hacking Tools
Kali Linux 2024.3, the most recent iteration of Offensive Security’s highly regarded Debian-based distribution designed for ethical hacking and penetration testing, has been released. This new release is a major update that includes 11 new hacking tools and focuses on…
Hacker Tricks ChatGPT to Get Details for Making Homemade Bombs
A hacker known as Amadon has reportedly managed to bypass the safety protocols of ChatGPT, a popular AI chatbot developed by OpenAI, to generate instructions for creating homemade explosives. This incident raises significant questions about generative AI technologies’ security and…
Citrix Workspace App Vulnerable to Privilege Escalation Attacks
Citrix released a security bulletin (CTX691485) detailing two critical vulnerabilities in the Citrix Workspace app for Windows. These vulnerabilities, identified as CVE-2024-7889 and CVE-2024-7890, pose significant security risks. They allow local privilege escalation that could enable attackers to gain SYSTEM-level…
Beware Of Weaponized Excel Document That Delivers Fileless Remcos RAT
A recent advanced malware campaign leverages a phishing attack to deliver a seemingly benign Excel file that exploits CVE-2017-0199. By exploiting this vulnerability in Microsoft Office, attackers are able to embed malicious code within the file using OLE objects. It…
Hackers Exploiting Apache OFBiz RCE Vulnerability in the Wild
A critical vulnerability in the Apache OFBiz framework has been actively exploited by hackers. The flaw designated CVE-2024-45195, allows for unauthenticated remote code execution (RCE), posing a threat to organizations relying on OFBiz for their operations. CVE-2024-45195 – Vulnerability Details…
Docker Desktop Vulnerabilities Let Attackers Execute Remote Code
Docker has addressed critical vulnerabilities in Docker Desktop that could allow attackers to execute remote code. These vulnerabilities, identified as CVE-2024-8695 and CVE-2024-8696, highlight the ongoing risks associated with software extensions and the importance of timely updates. CVE-2024-8695: Crafted Extension…
Fortinet Confirms Data Breach Following Hacker’s Claim of 440GB Data Theft
Fortinet, a leading cybersecurity firm, has confirmed a data breach involving a third-party cloud service after a hacker, known by the alias “Fortibitch,” claimed to have stolen 440GB of data. The breach primarily affects a small number of Fortinet’s Asia-Pacific…
Mastercard to Acquire Threat Intel Firm Recorded Future for $2.65 Billion
In a strategic move to bolster its cybersecurity capabilities, Mastercard has announced an agreement to acquire Recorded Future, a leading global threat intelligence company, for $2.65 billion. This acquisition, from Insight Partners, aims to enhance Mastercard’s existing suite of services…