Thursday, February 13, 2025

Cyber Security News

Windows GUI Vulnerability

New Microsoft Windows GUI 0-Day Vulnerability Actively Exploited in the Wild

A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly being actively exploited by the Chinese state-sponsored Advanced Persistent Threat...
Burp Suite Professional 2025.2

Burp Suite Professional / Community 2025.2 Released With New Built-in AI Integration

PortSwigger has announced the release of Burp Suite Professional and Community Edition 2025.2, introducing significant updates that include AI integration into the Montoya API,...
Wordpress

Arbitrary File Upload Vulnerability in WordPress Plugin Let Attackers Hack 30,000 Website

A subgroup of the Russian state-sponsored hacking group Seashell Blizzard, also known as Sandworm, has intensified its cyber operations through a campaign dubbed BadPilot. This...
Seashell Blizzard’s Attacks

BadPilot Attacking Network Devices to Expand Russian Seashell Blizzard’s Attacks

A newly uncovered cyber campaign, dubbed "BadPilot," has been linked to a subgroup of the Russian state-sponsored hacking collective Seashell Blizzard, also known as...
Pyramid Pentesting Tool

Cybercriminals Exploit Pyramid Pentesting Tool for Covert C2 Communications

Cybersecurity analysts have identified that hackers are leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Originally designed as a post-exploitation...
Local communities

Threat Actors in Russia, China, and Iran Targeting Local communities in the U.S

Foreign adversaries, including Russia, China, and Iran, are intensifying their efforts to manipulate public opinion and destabilize local communities across the United States. These...
Phishing Attacks

New Phishing Attacks Abuses Webflow CDN & CAPTCHAs to Steal Credit Card details

Netskope Threat Labs has uncovered a sophisticated phishing campaign targeting users across various industries, including technology, manufacturing, and banking. This campaign, active since mid-2024,...

Recent News

MITRE ATT&CK tags

Enhancing Threat Detection With Improved Metadata & MITRE ATT&CK tags

The cybersecurity landscape continues to evolve rapidly, demanding more sophisticated tools and methodologies to combat emerging threats. In response, Proofpoint's Emerging Threats (ET) team...

LLM Hijackers Exploit DeepSeek-V3 Model Just One Day After Launch

Hackers reportedly gained unauthorized access to the cutting-edge DeepSeek-V3 model within just 24 hours of its high-profile release. DeepSeek-V3, a state-of-the-art large language model (LLM)...

Linux Kernel 6.14-rc2 Released – What’s Newly Added !

Linus Torvalds, lead developer of the Linux kernel, announced the second release candidate (rc2) of Linux Kernel 6.14, providing developers and enthusiasts with a...
Microsoft Key Management Service (KMS)

Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) to Hack Windows Systems

In a calculated cyber-espionage campaign, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated...
SonicWall Firewalls

SonicWall Firewalls Exploit Hijack SSL VPN Sessions to Gain Networks Access

SonicWall firewalls running specific versions of SonicOS are vulnerable to a critical authentication bypass flaw, tracked as CVE-2024-53704, which allows attackers to hijack active...

12,000+ KerioControl Firewalls Exposed to 1-Click RCE Attack

Cybersecurity researchers caution that over 12,000 instances of GFI KerioControl firewalls remain unpatched and vulnerable to a critical security flaw (CVE-2024-52875) that could be...

Critical Chrome Flaw Allows Attackers to Remotely Execute Code

Google has released an urgent update for its Chrome browser to address a critical security vulnerability that could allow attackers to remotely execute malicious...

Widespread Exploitation of ThinkPHP and OwnCloud Flaws by Cybercriminals

GreyNoise has detected a significant surge in exploitation activity targeting two vulnerabilities — CVE-2022-47945 and CVE-2023-49103. The alarming uptick in attacks underscores critical issues in...

Splunk Introduces “DECEIVE” an AI-Powered Honeypot to Track Cyber Threats

Splunk has unveiled DECEIVE (DECeption with Evaluative Integrated Validation Engine), an innovative, AI-augmented honeypot that mimics real-world systems to lure and study cyber attackers. By leveraging advanced...

How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities

What is Deep Web? The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by...

How to Build and Run a Security Operations Center (SOC Guide) – 2023

Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. This includes...

Network Penetration Testing Checklist – 2024

Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems, and services, and grabbing system banners. The pen-testing helps...

Russian Hackers Bypass EDR to Deliver a Weaponized TeamViewer Component

TeamViewer's popularity and remote access capabilities make it an attractive target for those seeking to compromise systems for their gain. Threat actors target TeamViewer for...

Web Server Penetration Testing Checklist – 2024

Web server pentesting is performed under three significant categories: identity, analysis, and reporting vulnerabilities such as authentication weaknesses, configuration errors, and protocol relationship vulnerabilities. 1.  "Conduct a...

ATM Penetration Testing – Advanced Testing Methods to Find The Vulnerabilities

ATM Penetration testing, Hackers have found different approaches to hacking into ATM machines. Programmers are not restricting themselves to physical assaults, for example, money/card...

Operating Systems Can be Detected Using Ping Command

Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, used to find the Availability of a host...

Cloud Penetration Testing Checklist – 2024

Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code. Cloud computing is...

Web Application Penetration Testing Checklist – A Detailed Cheat Sheet

Web Application Pentesting is a method of identifying, analyzing, and reporting the vulnerabilities that exist in the Web application, including buffer overflow, input...
