Wednesday, January 15, 2025
Follow us On Linkedin

Cyber Security News

Google's "Sign in with Google" Flaw Exposes Millions of Users' Details

Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details

Gurubaran - 0
A critical flaw in Google's "Sign in with Google" authentication system has left millions of Americans vulnerable to potential data theft.This vulnerability mainly...
Hackers Attacking Internet Connected Fortinet Firewalls

Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability

Gurubaran - 0
A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the public internet.The attacks, observed by Arctic Wolf between November...
Critical Vulnerability in macOS Allow Hackers to Bypass Apple’s System Integrity Protection (SIP)

Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection

Kaaviya - 0
Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP).Known as CVE-2024-44243, this vulnerability...
CISA Released A Free Guide to Enhance OT Product Security

CISA Released A Free Guide to Enhance OT Product Security

Kaaviya - 0
To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new step-by-step guide designed to...

Microsoft Warns of MFA Issue Affecting Microsoft 365 users

Divya - 0
Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that is impacting some Microsoft 365 (M365) users.The problem, which surfaced...

RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation

Aman Mishra - 0
Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers used scheduled tasks to execute pcalua.exe to run malicious binaries...

Hackers Using YouTube Links and Microsoft 365 Themes to Steal Logins

Aman Mishra - 0
Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs that closely resemble legitimate O365 domains, creating a high degree...

PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498)

Divya - 0
A proof-of-concept (PoC) exploit has been publicly disclosed for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498.This vulnerability poses a significant security risk by...

IBM Robotic Process Automation Vulnerability Let Attackers Obtain Sensitive Data

Divya - 0
A newly disclosed security vulnerability in IBM Robotic Process Automation (RPA) has raised concerns about potential data breaches.The vulnerability, tracked as CVE-2024-51456, could allow remote attackers...
Load more

Recent News

Ivanti 0-Day Vulnerability Exploited in Wild-Patch Now

Divya - 0
Ivanti released a critical security advisory addressing vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateways products.This advisory reveals the existence of...

Weaponized LDAP Exploit Deploys Information-Stealing Malware

Aman Mishra - 0
Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept exploits for CVE-2024-49113 (dubbed "LDAPNightmare"). These malicious PoCs, often disguised...

Researchers Reveal Exploitation Techniques of North Korean Kimsuky APT Group

Aman Mishra - 0
Since 2013, the advanced persistent threat (APT) known as Kimsuky, which the North Korean government sponsors, has been actively conducting cyber espionage operations. It employs...
Criminal IP Launches Real-Time Phishing Detection Tool on Microsoft Marketplace

Criminal IP Launches Real-Time Phishing Detection Tool on Microsoft Marketplace

Kaaviya - 0
Criminal IP, a globally recognized Cyber Threat Intelligence (CTI) solution by AI SPERA, has launched its Criminal IP Malicious Link Detector add-in on the Microsoft Marketplace....

New Great Morpheus Hacker Group Claims Hacking Into Arrotex Pharmaceuticals And PUS GmbH

Aman Mishra - 0
A Data Leak Site (DLS) belonging to a new extortion group named Morpheus, which has stolen data from Arrotex Pharmaceuticals (Australia) on December 12th...

Furry Hacker Breaches Scholastic – Exposes Data of 8 Million People

Divya - 0
The education and publishing giant Scholastic has fallen victim to a significant data breach affecting approximately 8 million people.The breach, which has been attributed...

Washington State Filed Lawsuit Against T-Mobile Massive Data Breach

Divya - 0
Washington State Attorney General Bob Ferguson filed a consumer protection lawsuit against T-Mobile for its alleged failure to secure sensitive personal information of over...
Hackers Attacking Internet Connected Fortinet Firewalls

Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability

Gurubaran - 0
A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the public internet.The attacks, observed by Arctic Wolf between November...

Oracle WebLogic Vulnerability Actively Exploited in Cyber Attacks – CISA

Divya - 0
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of critical vulnerabilities in various software, particularly spotlighting an...
Load more

Most Popular

How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities

1
What is Deep WebThe deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by...

How to Build and Run a Security Operations Center (SOC Guide) – 2023

12
Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise.This includes...

Network Penetration Testing Checklist – 2024

0
Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems, and services, and grabbing system banners.The pen-testing helps...

Russian Hackers Bypass EDR to Deliver a Weaponized TeamViewer Component

0
TeamViewer's popularity and remote access capabilities make it an attractive target for those seeking to compromise systems for their gain.Threat actors target TeamViewer for...

Web Server Penetration Testing Checklist – 2024

0
Web server pentesting is performed under three significant categories: identity, analysis, and reporting vulnerabilities such as authentication weaknesses, configuration errors, and protocol relationship vulnerabilities. 1.  "Conduct a...

ATM Penetration Testing – Advanced Testing Methods to Find The Vulnerabilities

4
ATM Penetration testing, Hackers have found different approaches to hacking into ATM machines.Programmers are not restricting themselves to physical assaults, for example, money/card...

Operating Systems Can be Detected Using Ping Command

6
Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, used to find the Availability of a host...

Cloud Penetration Testing Checklist – 2024

1
Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.Cloud computing is...

Web Application Penetration Testing Checklist – A Detailed Cheat Sheet

3
Web Application Pentesting is a method of identifying, analyzing, and Report the vulnerabilities which are existing in the Web application including buffer overflow, input...
Load more

Glossary

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved