Cyber Security News Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Researchers Detailed Credential Abuse Cycle

Gurubaran — Mon, 11 Nov 2024 11:11:46 +0000

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling them to gain unauthorized access. This can lead to data breaches, identity theft, and financial loss across diverse industries and geographic locations. Compromised credentials pose a significant security risk primarily due to data breaches and user negligence. In Q3 2024, they […]

The post Researchers Detailed Credential Abuse Cycle appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

Aman Mishra — Mon, 11 Nov 2024 11:02:45 +0000

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases from screenshots stored on infected devices. By stealthily capturing screenshots, the malware bypasses traditional security measures that rely on text-based detection, which allows it to efficiently identify and exfiltrate sensitive information, posing a significant threat to cryptocurrency users. Cybercriminals are employing […]

The post New Android Malware SpyAgent Taking Screenshots Of User’s Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays

Divya — Mon, 11 Nov 2024 10:35:35 +0000

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting abuse complaints and temporary disruptions. While the attack affected non-exit relays and caused some relays to be taken offline, the overall impact on Tor users was limited. Tor directory authorities, relay operators, and the Tor Project sysadmin team began receiving numerous […]

The post Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Metasploit Framework Released with New Features

Divya — Mon, 11 Nov 2024 08:08:32 +0000

The Metasploit Framework, a widely used open-source penetration testing tool maintained by Rapid7, has introduced an exciting new release packed with cutting-edge features. The latest update includes new payloads targeting the emerging RISC-V architecture, a sophisticated SMB-to-HTTP(S) relay exploit for Active Directory Certificate Services (AD CS), and several new modules addressing high-profile vulnerabilities. These additions […]

The post Metasploit Framework Released with New Features appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat Actors Allegedly Claim Leak of 489 Million Lines of Instagram Data

Divya — Mon, 11 Nov 2024 07:11:11 +0000

A threat actor has allegedly scraped 489 million lines of Instagram user data, including sensitive information, which is now reportedly being sold on the dark web. DarkWebInformer’s official X account revealed the alarming incident, raising concerns over the scale and potential impact of the breach. The compromised data includes many user details, such as usernames, […]

The post Threat Actors Allegedly Claim Leak of 489 Million Lines of Instagram Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat Actors Allegedly Claim Leak of Harley-Davidson Database

Divya — Mon, 11 Nov 2024 06:23:17 +0000

Threat actors known as “888” have allegedly leaked the database of Appleton Harley-Davidson, a prominent dealership affiliated with the iconic motorcycle brand. The breach, first reported by DarkWebInformer on their account on X, has sparked concerns over the safety of customer data and the broader implications for cybersecurity in the retail automotive sector. Leak of […]

The post Threat Actors Allegedly Claim Leak of Harley-Davidson Database appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks

Divya — Fri, 08 Nov 2024 06:15:17 +0000

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability in Palo Alto Networks’ Expedition tool, which could lead to severe security breaches. The vulnerability, CVE-2024-5910, is classified as a “Missing Authentication” flaw that potentially allows attackers with network access to take control of an Expedition admin account. According to CISA’s […]

The post CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information

Divya — Thu, 07 Nov 2024 12:28:08 +0000

A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 that could allow remote, unauthenticated attackers to access sensitive information. This vulnerability, classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), is due to improper storage of sensitive information within the web […]

The post Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco Flaw Let Attackers Run Command as Root User

Divya — Thu, 07 Nov 2024 06:03:54 +0000

A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. This flaw tracked as CVE-2024-20418 enables unauthenticated, remote attackers to perform command injection attacks and execute arbitrary commands as the root user on the underlying operating system of the affected devices. Vulnerability Details – […]

The post Cisco Flaw Let Attackers Run Command as Root User appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers Detailed Credential Abuse Cycle

Gurubaran — Wed, 06 Nov 2024 12:33:49 +0000

The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a hacking group responsible for distributed denial-of-service attacks. LameDuck, a new threat actor, has carried out several massive distributed denial of service (DDoS) attacks to affect critical infrastructure, cloud providers, and various industries. The group leverages social media to amplify its impact […]

The post Researchers Detailed Credential Abuse Cycle appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.