Google has released a patch addressing a critical zero-day vulnerability that has been actively exploited. This vulnerability, CVE-2024-32896, is a privilege escalation flaw within the Android Framework component. The patch, part of the Android Security Bulletin for September 2024, underscores…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
FBI Warns that North Korean Hackers Aggressively Attacking Employees of Crypto Companies
The FBI has issued a stark warning to cryptocurrency companies, highlighting increased sophisticated cyberattacks orchestrated by North Korean hackers. These attacks, primarily targeting employees within the decentralized finance (DeFi) and cryptocurrency sectors, are part of a broader strategy to steal…
New Fury Stealer Attacking Victims to Steal Login Passwords
A new malicious software named “Fury Stealer” has been detected, posing a significant threat to online security. The malware, created by an unidentified threat actor, is designed to steal sensitive information, including login passwords, from unsuspecting victims. Cybersecurity analyst MonThreat…
RCE Vulnerability in D-Link WAP Let Attackers Gain Remote Access
The D-Link DAP-2310 Wireless Access Point (WAP) has been identified as vulnerable to remote code execution (RCE). Dark Wolf Solutions discovered this vulnerability, which seriously threatens users by allowing attackers to gain unauthorized remote access. This guide delves into the…
New ManticoraLoader – Malware Attacking Citrix Users To Steal Data
Cyble Research & Intelligence Labs has recently found information about a new type of malware-as-a-service (MaaS) called ‘ManticoraLoader’ in some underground forums. Since August 8, 2024, on forums and Telegram, this MaaS service has been offered by the threat group…
Verkada Pay $2.95 Million Failed To Secure Data Lead To Massive Breach
The FTC has ordered Verkada to implement a comprehensive information security program to address its lax security practices that allowed a hacker to compromise customer security cameras. Verkada will pay a $2.95 million fine for violating the CAN-SPAM Act by…
New Custom Malware “Tickler” Attack Satellite Devices
Microsoft identified a new custom multi-stage backdoor, “Tickler,” deployed by the Iranian state-sponsored threat actor Peach Sandstorm between April and July 2024. Targeting sectors like satellite, communications equipment, oil and gas, and government, Tickler has been used to gather intelligence.…
North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild
Microsoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution on cryptocurrency targets. The threat actor deployed the FudModule rootkit, previously attributed to Diamond Sleet, suggesting potential shared…
Head Mare Hacktivist Group Exploit WinRAR Vulnerability To Encrypt Windows And Linux
Head Mare, a Russian-focused hacktivist group, gained notoriety in 2023 by targeting organizations in Russia and Belarus as they employ phishing tactics to distribute WinRAR archives exploiting the CVE-2023-38831 vulnerability, gaining initial access to victims’ systems. Once inside, they steal…
Beware Of New Phishing Attack That Mimics ScreenConnect And Zoom
Zoom is a widely used videotelephony software used for virtual meetings, and its wide audience base attracts the hackers most. Cyble Research & Intelligence Labs (CRIL) has uncovered a sophisticated phishing operation targeting Zoom users. The scheme utilizes a fraudulent…