-
Law enforcement operations disrupted BlackCat and LockBit RaaS operations, including sanctions on LockBit members aiming to undermine affiliate confidence. In response, LockBit publicly exposed an affiliate payment dispute, potentially causing further affiliate migration.Β The behavior of a major RaaS group is puzzling, as the financial loss from the dispute seems insignificant compared to the reputational [β¦] The post Ransomware Victims Who Opt To Pay Ransom Hits Record Low appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Oracle Virtualbox was identified and reported as having a critical vulnerability associated with Privilege Escalation and Arbitrary File Move/Delete. This vulnerability was assigned with CVE-2024-21111, and the severity was 7.8 (High).Β However, Oracle has acted swiftly upon the report and has patched the vulnerability accordingly. Following that, Oracle also released a security advisory to address [β¦] The post PoC Exploit Released For Critical Oracle VirtualBox Vulnerability appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
A new vulnerability has been unearthed, allowing attackers to gain rootkit-like abilities on Windows systems without requiring administrative privileges. Dubbed βMagicDot,β this vulnerability exploits the DOS-to-NT path conversion process within the Windows operating system. Here, we delve into the technical details of the vulnerability, the attack methods, the rootkit-like abilities it confers, and the mitigation [β¦] The post Windows MagicDot Path Flaw Lets Attackers Gain Rootkit-Like Abilities appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Detecting source code vulnerabilities aims to protect software systems from attacks by identifying inherent vulnerabilities.Β Prior studies often oversimplify the problem into binary classification tasks, which poses challenges for deep learning models to effectively learn diverse vulnerability characteristics.Β To address this, the following cybersecurity analysts introduced FGVulDet, a fine-grained vulnerability detector that employs multiple classifiers [β¦] The post FGVulDet β New Vulnerability Detector to Analyze Source Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
The Palo Alto Networks PAN-OS software has a criticalΒ command injection vulnerability that allows an unauthorized attacker to run arbitrary code on the firewall with root access.Β The vulnerability is identified as CVE-2024-3400, with a CVSS score of 10.0. Operation MidnightEclipse has been coined to describe its exploit. Palo Alto Networks confirmed targeted attacks using this [β¦] The post Operation MidnightEclipse: Hackers Actively Exploiting Palo Alto Networks Zero-Day Flaw appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Ahmed exploited a vulnerability in a decentralized cryptocurrency exchangeβs smart contract by injecting fabricated pricing data, which triggered the generation of inflated fees totaling $9 million, which he subsequently withdrew in cryptocurrency.Β Following the theft, Ahmed attempted to extort the exchange, proposing the return of a portion of the stolen funds ($7.5 million) on the [β¦] The post Ex-Security Engineer Jailed For Hacking Decentralized Cryptocurrency Exchanges appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
A new remote code execution vulnerability has been identified to be affecting multiple Microsoft products including .NET, .NET Framework and Visual Studio. This vulnerability has been assigned CVE-2024-21409, and its severity has been given as 7.3 (High). This vulnerability is associated with the Use After Free condition, in which the pointer to a memory is [β¦] The post Microsoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its GlobalProtect Gateway, identified as CVE-2024-3400. This flaw, rooted in the PAN-OS operating system, has already been exploited in a limited number of attacks, raising alarms across the cybersecurity community. CVE-2024-3400 is classified under CWE-77, which pertains to the improper neutralization of [β¦] The post Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild appeared first on GBHackers on Security | #1 Globally Trusted Cyber…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
The software supply chain is filled with various challenges, such as untracked security vulnerabilities in open-source components and inconsistent update uptake.Β The lighttpd vulnerability was silently fixed in 2018 without any CVE assignment in a single instance of vulnerability detection. As a result, critical security patches are often lost on downstream software that relies on [β¦] The post 6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Fortraβs Robot Schedule Enterprise Agent permits a low-privileged user to elevate privileges to the local system level.Β The problem arises from the agentβs failure to adequately secure its service executable, which an attacker can exploit by swapping out the executable for a malicious one. As a result, the malicious code will run with elevated privileges [β¦] The post Fortra For Windows Vulnerability Let Attackers Escalate Privilege appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ