Divya, Author at GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays

Divya — Mon, 11 Nov 2024 10:35:35 +0000

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting abuse complaints and temporary disruptions. While the attack affected non-exit relays and caused some relays to be taken offline, the overall impact on Tor users was limited. Tor directory authorities, relay operators, and the Tor Project sysadmin team began receiving numerous […]

The post Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Metasploit Framework Released with New Features

Divya — Mon, 11 Nov 2024 08:08:32 +0000

The Metasploit Framework, a widely used open-source penetration testing tool maintained by Rapid7, has introduced an exciting new release packed with cutting-edge features. The latest update includes new payloads targeting the emerging RISC-V architecture, a sophisticated SMB-to-HTTP(S) relay exploit for Active Directory Certificate Services (AD CS), and several new modules addressing high-profile vulnerabilities. These additions […]

The post Metasploit Framework Released with New Features appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat Actors Allegedly Claim Leak of 489 Million Lines of Instagram Data

Divya — Mon, 11 Nov 2024 07:11:11 +0000

A threat actor has allegedly scraped 489 million lines of Instagram user data, including sensitive information, which is now reportedly being sold on the dark web. DarkWebInformer’s official X account revealed the alarming incident, raising concerns over the scale and potential impact of the breach. The compromised data includes many user details, such as usernames, […]

The post Threat Actors Allegedly Claim Leak of 489 Million Lines of Instagram Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat Actors Allegedly Claim Leak of Harley-Davidson Database

Divya — Mon, 11 Nov 2024 06:23:17 +0000

Threat actors known as “888” have allegedly leaked the database of Appleton Harley-Davidson, a prominent dealership affiliated with the iconic motorcycle brand. The breach, first reported by DarkWebInformer on their account on X, has sparked concerns over the safety of customer data and the broader implications for cybersecurity in the retail automotive sector. Leak of […]

The post Threat Actors Allegedly Claim Leak of Harley-Davidson Database appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks

Divya — Fri, 08 Nov 2024 06:15:17 +0000

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability in Palo Alto Networks’ Expedition tool, which could lead to severe security breaches. The vulnerability, CVE-2024-5910, is classified as a “Missing Authentication” flaw that potentially allows attackers with network access to take control of an Expedition admin account. According to CISA’s […]

The post CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information

Divya — Thu, 07 Nov 2024 12:28:08 +0000

A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 that could allow remote, unauthenticated attackers to access sensitive information. This vulnerability, classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), is due to improper storage of sensitive information within the web […]

The post Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco Flaw Let Attackers Run Command as Root User

Divya — Thu, 07 Nov 2024 06:03:54 +0000

A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. This flaw tracked as CVE-2024-20418 enables unauthenticated, remote attackers to perform command injection attacks and execute arbitrary commands as the root user on the underlying operating system of the affected devices. Vulnerability Details – […]

The post Cisco Flaw Let Attackers Run Command as Root User appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Azure API Management Vulnerabilities Let Attackers Escalate Privileges

Divya — Wed, 06 Nov 2024 09:53:27 +0000

Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and take full control over the APIM service. These vulnerabilities were reported to Microsoft, leading to some fixes. However, certain issues remain unresolved, exposing many users unless they manually disable legacy API […]

The post Azure API Management Vulnerabilities Let Attackers Escalate Privileges appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Google Patches High-Severity Vulnerabilities in Chrome

Divya — Wed, 06 Nov 2024 08:55:15 +0000

Google has released a new update for its Chrome browser, addressing two high-severity vulnerabilities. The Stable channel has now been updated to version 130.0.6723.116/.117 for Windows and Mac and version 130.0.6723.116 for Linux. The update will be rolled out to users over the next few days or weeks, and a complete list of changes is available in the Chrome […]

The post Google Patches High-Severity Vulnerabilities in Chrome appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware

Divya — Tue, 05 Nov 2024 11:44:08 +0000

A new tactic, “ClickFix,” has emerged. It exploits fake Google Meet and Zoom pages to deliver sophisticated malware. The Sekoia Threat Detection & Research (TDR) team monitors this social engineering strategy closely. It represents a significant evolution in how threat actors deceive users into compromising their systems. The ClickFix strategy involves displaying deceptive error messages […]

The post ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.