Wednesday, February 12, 2025
Follow us On Linkedin

Cyber Security News

Fortinet Zero-Day

Fortinet FortiOS & FortiProxy Zero-Day Exploited to Hijack Firewall & Gain Super Admin Access

Balaji - 0
Cybersecurity firm Fortinet has issued an urgent warning regarding a newly discovered zero-day authentication bypass vulnerability (CVE-2025-24472) affecting its FortiOS and FortiProxy products.This...

Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE & 3 0-Day

Gurubaran - 0
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across its products and services.This...
Entra ID Accounts

Preventing Attackers from Permanently Deleting Entra ID Accounts with Protected Actions

Aman Mishra - 0
Microsoft Entra ID has introduced a robust mechanism called protected actions to mitigate the risks associated with unauthorized hard deletions of user accounts.This...
Single-Bit Fault Injection

Beyond the Horizon: Assessing the Viability of Single-Bit Fault Injection Attacks

Aman Mishra - 0
The realm of fault injection attacks has long intrigued researchers and security professionals.Among these, single-bit fault injection, a technique that seeks to manipulate...
Satellite

Satellite Weather Software Vulnerabilities Let Attackers Execute Code Remotely

Aman Mishra - 0
IBL Software Engineering has disclosed a significant security vulnerability, identified as CVE-2025-1077, affecting its Visual Weather software and derivative products, including Aero Weather, Satellite...

OpenAI Developing Its Own Chip to Reduce Reliance on Nvidia

Divya - 0
OpenAI, the organization behind ChatGPT and other advanced AI tools, is making significant strides in its efforts to reduce its dependency on Nvidia by...

New York Bans DeepSeek Over Potential Data Risks

Divya - 0
 New York Governor Kathy Hochul announced that the state has banned the use of the China-based AI startup DeepSeek on government-issued devices and networks.The...
Load more

Supply Chain Attack Prevention

SIEM as a Service

Recent News

Indian banks

New Banking Attacking Users of Indian banks to Steal Aadhar, PAN, ATM & Credit...

Aman Mishra - 0
A sophisticated malware campaign, dubbed "FatBoyPanel," has been uncovered by cybersecurity researchers, targeting users of Indian banks.This campaign, consisting of nearly 900 malware...
Free Email Services

Threat Actors Exploiting Free Email Services to Target Government and Educational Institutions

Aman Mishra - 0
Threat actors are increasingly leveraging free email services to infiltrate government and educational institutions, exploiting these platforms' accessibility and widespread use.Increasing Sophistication in...
SAML Bypass

SAML Bypass Authentication on GitHub Enterprise Servers to Login as Other User Account

Aman Mishra - 0
A severe security vulnerability, tracked as CVE-2025-23369, has been identified in GitHub Enterprise Server (GHES), allowing attackers to bypass SAML authentication and impersonate other...
Exploit ASP.NET Machine Keys to hack IIS

Hackers Exploit 3,000 ASP.NET Machine Keys to Hack IIS Web Servers Remotely

Balaji - 0
Microsoft has raised alarms about a new cyber threat involving ViewState code injection attacks exploiting publicly disclosed ASP.NET machine keys to compromise ISS web...

Apple’s macOS Kernel Vulnerability (CVE-2025-24118) Exposes Users to Privilege Escalation Attacks – PoC Released

Divya - 0
A critical privilege escalation vulnerability in Apple's macOS kernel has been revealed, posing a significant risk to users.The flaw, identified as CVE-2025-24118, affects multiple versions...
Entra ID Accounts

Preventing Attackers from Permanently Deleting Entra ID Accounts with Protected Actions

Aman Mishra - 0
Microsoft Entra ID has introduced a robust mechanism called protected actions to mitigate the risks associated with unauthorized hard deletions of user accounts.This...
DeepSeek

Threat Actors Exploiting DeepSeek’s Rise to Fuel Cyber Attacks

Aman Mishra - 0
Amid the surging popularity of DeepSeek, a cutting-edge AI reasoning model from an emerging Chinese startup, cybercriminals have wasted no time leveraging the widespread...
ScreenConnect

Cybercriminals Abusing ScreenConnect RMM Tool for Persistent Access

Aman Mishra - 0
Cybersecurity experts have identified an alarming trend of cybercriminals exploiting ConnectWise ScreenConnect, a widely-used Remote Monitoring and Management (RMM) tool, to establish persistent access...

12,000+ KerioControl Firewalls Exposed to 1-Click RCE Attack

Divya - 0
Cybersecurity researchers caution that over 12,000 instances of GFI KerioControl firewalls remain unpatched and vulnerable to a critical security flaw (CVE-2024-52875) that could be...
Load more

Most Popular

How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities

1
What is Deep WebThe deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by...

How to Build and Run a Security Operations Center (SOC Guide) – 2023

12
Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise.This includes...

Network Penetration Testing Checklist – 2024

0
Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems, and services, and grabbing system banners.The pen-testing helps...

Russian Hackers Bypass EDR to Deliver a Weaponized TeamViewer Component

0
TeamViewer's popularity and remote access capabilities make it an attractive target for those seeking to compromise systems for their gain.Threat actors target TeamViewer for...

Web Server Penetration Testing Checklist – 2024

0
Web server pentesting is performed under three significant categories: identity, analysis, and reporting vulnerabilities such as authentication weaknesses, configuration errors, and protocol relationship vulnerabilities. 1.  "Conduct a...

ATM Penetration Testing – Advanced Testing Methods to Find The Vulnerabilities

4
ATM Penetration testing, Hackers have found different approaches to hacking into ATM machines.Programmers are not restricting themselves to physical assaults, for example, money/card...

Operating Systems Can be Detected Using Ping Command

6
Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, used to find the Availability of a host...

Cloud Penetration Testing Checklist – 2024

1
Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.Cloud computing is...

Web Application Penetration Testing Checklist – A Detailed Cheat Sheet

3
Web Application Pentesting is a method of identifying, analyzing, and Report the vulnerabilities which are existing in the Web application including buffer overflow, input...
Load more

Glossary

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved