A critical vulnerability in the Apache OFBiz framework has been actively exploited by hackers. The flaw designated CVE-2024-45195, allows for unauthenticated remote code execution (RCE), posing a threat to organizations relying on OFBiz for their operations. CVE-2024-45195 – Vulnerability Details…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Docker Desktop Vulnerabilities Let Attackers Execute Remote Code
Docker has addressed critical vulnerabilities in Docker Desktop that could allow attackers to execute remote code. These vulnerabilities, identified as CVE-2024-8695 and CVE-2024-8696, highlight the ongoing risks associated with software extensions and the importance of timely updates. CVE-2024-8695: Crafted Extension…
Fortinet Confirms Data Breach Following Hacker’s Claim of 440GB Data Theft
Fortinet, a leading cybersecurity firm, has confirmed a data breach involving a third-party cloud service after a hacker, known by the alias “Fortibitch,” claimed to have stolen 440GB of data. The breach primarily affects a small number of Fortinet’s Asia-Pacific…
Mastercard to Acquire Threat Intel Firm Recorded Future for $2.65 Billion
In a strategic move to bolster its cybersecurity capabilities, Mastercard has announced an agreement to acquire Recorded Future, a leading global threat intelligence company, for $2.65 billion. This acquisition, from Insight Partners, aims to enhance Mastercard’s existing suite of services…
Hackers Exploiting Progress WhatsUp RCE Vulnerability In The Wild
RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and CVE-2024-6671, patched on August 16, were leveraged to execute remote access tools and gain persistence. Despite the availability of patches,…
Critical Vulnerabilities in JPEG 2000 Library Let Attackers Execute Remote Code
Exploiting memory corruption vulnerabilities in server-side software often requires knowledge of the binary and environment, which limits the attack surface, especially for unknown binaries and load-balanced environments. Successful exploitation is challenging due to the difficulty of preparing the heap and…
Threat Actors Using New Malware Toolkit That Involves IIS Backdoor, DNS Tunneling
The Iranian threat actor APT34, also known as GreenBug, has recently launched a new campaign targeting Iraqi government entities by employing a custom toolset, including a novel IIS backdoor and DNS tunneling protocol. The malware used in this campaign shares…
CosmicBeetle Exploiting Old Vulnerabilities To Attacks SMBs All Over The World
CosmicBeetle, a threat actor specializing in ransomware, has recently replaced its old ransomware, Scarab, with ScRansom, a custom-built ransomware that continues to evolve. The threat actor has been actively targeting SMBs worldwide, exploiting vulnerabilities to gain access to their systems…
New Loki Backdoor Attacking macOS Systems
Cody Thomas developed Apfell, an open-source macOS post-exploitation framework, in 2018 and evolved into Mythic, a cross-platform framework that addresses the limitations of existing tools. Mythic provides a unified interface for managing agents written in various languages for different platforms,…
New Developer-As-A-Service In Hacking Forums Empowering Phishing And Cyberattacks
SCATTERED SPIDER, a ransomware group, leverages cloud infrastructure and social engineering to target insurance and financial institutions by using stolen credentials, SIM swaps, and cloud-native tools to gain and maintain access, impersonating employees to deceive victims. Their partnership with BlackCat…