Aggregator

The cybercriminal uses the service of Proton66, an infamous Russian-based bulletproof hosting provider, to deploy malware

A recent cyberattack campaign leveraging the DarkCloud stealer has been identified, targeting Spanish companies and local offices of international organizations across various industries. The attackers are spoofing a legitimate Spanish company specializing in mountain and skiing equipment to deliver malicious payloads via email. The emails, which use billing-themed social engineering tactics, feature subjects such as […]

The post DarkCloud Stealer Uses Weaponized .TAR Archives to Target Organizations and Steal Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Submit #545893 / VDB-303158

Submit #545883 / VDB-303157

Submit #545867 / VDB-303146

Submit #545866 / VDB-303156

Researchers from Bishop Fox have successfully exploited CVE-2024-53704, an authentication bypass vulnerability that affects SonicWall firewalls. This critical flaw allows remote attackers to hijack active SSL VPN sessions, enabling unauthorized network access without requiring user credentials. If left unpatched, the vulnerability poses significant risks to organizations relying on SonicWall devices for their network security. CVE-2024-53704: The […]

The post SonicWall Firewall Vulnerability Enables Unauthorized Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Seashell Blizzard, also known as APT44, Sandworm, and Voodoo Bear, has emerged as a sophisticated adversary targeting critical sectors worldwide. Associated with Russia’s Military Intelligence Unit 74455 (GRU), this group has been active since at least 2009, focusing on sectors such as energy, telecommunications, government, military, manufacturing, and retail. Their operations often involve long-term access […]

The post Russian Seashell Blizzard Targets Organizations Using Custom-Built Hacking Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

EvilCorp, a sanctioned Russia-based cybercriminal enterprise, has been observed collaborating with RansomHub, one of the most active ransomware-as-a-service (RaaS) operations. This partnership has heightened the threat landscape, as both entities leverage advanced tools and techniques to target organizations across the globe. EvilCorp: A History of Cybercrime EvilCorp, led by Maksim Yakubets, has long been notorious […]

The post EvilCorp and RansomHub Collaborate to Launch Worldwide Attacks on Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Web applications are facing a growing challenge from “gray bots,” a category of automated programs that exploit generative AI to scrape vast amounts of data. Unlike traditional malicious bots, gray bots occupy a middle ground, engaging in activities that, while not overtly harmful, often raise ethical and operational concerns. Recent research highlights the scale of […]

The post AI-Powered Gray Bots Target Web Applications with Over 17,000 Requests Per Hour appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Plus Addons for Elementor Plugin up to 5.4.2 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Countdown Widget. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-3199. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Happy Addons for Elementor Plugin up to 3.10.6 on WordPress. It has been classified as problematic. Affected is an unknown function of the component Calendly Widget. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-3890. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Plus Addons for Elementor Plugin up to 5.4.2 on WordPress. This vulnerability affects unknown code of the component Custom Attributes Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-3197. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in BOSSCMS 3.10. Affected is an unknown function of the component Code Configuration Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-31609. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in WP Google Review Slider Plugin up to 13.5 on WordPress. It has been classified as problematic. Affected is an unknown function of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-2310. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A sophisticated web-skimming campaign has been discovered, leveraging a deprecated Stripe API to validate stolen credit card data before exfiltration. This novel strategy ensures that only valid and usable card details are exfiltrated, making the operation highly efficient and harder to detect. Detailed insights into the attack have revealed alarming trends and vulnerabilities affecting numerous […]

The post New Web Skimming Attack Exploits Legacy Stripe API to Validate Stolen Card Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly discovered attack campaign has exposed vulnerabilities in Apache Tomcat servers, allowing hackers to hijack resources and steal SSH credentials. Researchers from Aqua Nautilus revealed that these attacks, which weaponized botnets within 30 hours of discovery, employ encrypted payloads and advanced persistence mechanisms to infiltrate systems running both Windows and Linux platforms. The attackers […]

The post Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Команда HLT - виновница низкой производительности ОС?

The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems. The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by

游戏MOD（即游戏修改器）是一种能够对游戏进行修改或增强的程序，因其能够提升游戏体验，在玩家群体中拥有一定的市场。然而，这类程序大多由第三方开发者制作，容易缺乏完善的安全保障机制，这就为不法分子提供了