-
Head Mare, a Russian-focused hacktivist group, gained notoriety in 2023 by targeting organizations in Russia and Belarus as they employ phishing tactics to distribute WinRAR archives exploiting the CVE-2023-38831 vulnerability, gaining initial access t…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Microsoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution on cryptocurrency targets.Β The threat actor deployed the FudModule rootkit, previously a…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
The FBI, CISA, MS-ISAC, and HHS have released a joint advisory detailing known RansomHub ransomware indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs).Β RansomHub, a ransomware-as-a-service variant, has been active since Feb…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
The FBI, CISA, MS-ISAC, and HHS have released a joint advisory detailing known RansomHub ransomware indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs).Β RansomHub, a ransomware-as-a-service variant, has been active since Feb…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
A critical vulnerability has been identified in App::cpanminus (cpanm), a widely used tool for downloading and installing Perl modules. This vulnerability, CVE-2024-45321, exposes users to potential cyber threats. It allows attackers to intercept and manipulate traffic during module installation. CVE-2024-45321 β Vulnerability Details App::cpanminus, known for its lightweight and efficient handling of Perl module installations, [β¦] The post Critical Vulnerability in Perl Module Installer Let Attackers Intercept Traffic appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Versa Networks specializes in successful business. It offers Secure Access Service Edge (SASE), consolidating networking and security services in a single, cloud-based platform. Enterprises and service providers can redesign their networks to achieve new levels of business success with the help of their SD-WAN and SD-LAN product portfolios. The Security Research Team of Versa recently [β¦] The post Versa Director Zero-day Vulnerability Let Attackers Upload Malicious Files appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
The MLOps pipeline automates the machine learning lifecycle, from model training to deployment, which involves defining the pipeline using Python code, monitoring for dataset or model parameter changes, training new models, evaluating them, and deploying successful models to production.Β Model registries like MLFlow act as version control systems for ML models, allowing for easy tracking [β¦] The post Researchers Disclosed 20 Vulnerabilities Exploited To Attack ML Used In Orgs appeared first on GBHackers on Security | #1 Globally Trusted Cyber…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Rockwell Automationβs ThinManager ThinServer has been found to contain multiple critical vulnerabilities that could allow attackers to execute remote code. Nicholas Zubrisky of Trend Micro Security Research discovered the flaws, identified as CVE-2024-7986, CVE-2024-7987, and CVE-2024-7988, and published a detailed advisory. Vulnerability Overview The vulnerabilities affect several versions of ThinManager ThinServer, a widely used platform [β¦] The post Rockwell Automation ThinManager Flaw Let Attackers Execute Remote Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
A security researcher revealed a critical vulnerability in Microsoft Copilot, a tool integrated into Microsoft 365, which allowed hackers to exfiltrate sensitive data. The exploit, disclosed to Microsoft Security Response Center (MSRC) earlier this year, combines several sophisticated techniques that pose a significant data integrity and privacy risk. Letβs delve into the details of this [β¦] The post Microsoft Copilot Prompt Injection Vulnerability Let Hackers Exfiltrate Sensitive Data appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
A critical vulnerability has been identified in Versa Director, a vital component of the companyβs SD-WAN solution. The vulnerability, officially designated as CVE-2024-39717, allows attackers to upload potentially malicious files, granting them system administrator access. This issue explicitly affects users with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin privileges. Exploitation and Impact An Advanced Persistent Threat (APT) actor has [β¦] The post Vesra File Type Upload Vulnerability Lets Attackers Gain Sys-Admin Access from MSP appeared first on GBHackers on Security | #1 Globally Trusted…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ