-
The popular open-source platform Grafana, widely used for monitoring and observability, has been found to contain a severe SQL injection vulnerability. This flaw allows attackers with valid user credentials to execute arbitrary SQL commands, potentially leading to data leakage and other security breaches. Vulnerability Description and Impact The vulnerability resides in the Grafana SQL package, [β¦] The post Grafana Tool Vulnerability Let Attackers Inject SQL Queries appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Cybersecurity experts have meticulously traced the timeline of a sophisticated ransomware attack that spanned 29 days from the initial breach to the deployment of Dagon Locker ransomware. This case study not only illuminates cybercriminalsβ efficiency and persistence but also underscores the evolving landscape of cyber threats that organizations face today. Initial Compromise and Escalation The [β¦] The post Hackers Tool 29 Days from Initial Hack to Sabotage Ransomware Attack appeared first on GBHackers on Security | #1 Globally Trusted Cyber…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
A new ransomware named KageNoHitobito has been targeting Windows users across various countries. It encrypts their data and demands a ransom through sophisticated means. This article delves into the mechanics of the KageNoHitobito ransomware and its attack methodology and provides a brief overview of another emerging threat, the DoNex ransomware. Infection Vector/Victimology The KageNoHitobito ransomware [β¦] The post KageNoHitobito Ransomware Attacking Windows Users Around the Globe appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Okta has issued a warning about the increasing prevalence of credential-stuffing attacks. These attacks, which leverage stolen user credentials to gain unauthorized access to accounts, are facilitated by the widespread use of residential proxy services. This alarming trend underscores the evolving challenges in cybersecurity and highlights the need for robust defensive measures. The Rise of [β¦] The post Okta Warns of Credential Stuffing Attacks Using Proxy Services appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
A new family of mobile malware known as βBrokewellβ has been found to have a wide range of device takeover capabilities.Β This seriously threatens the banking sector by giving attackers remote access to all the resources made available via mobile banking. New instructions introduced virtually every day indicate the Trojan is still under development.Β Experts [β¦] The post Android Malware Brokewell With Complete Device Takeover Capabilities appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
A recent malware campaign used a VBA macro in a Word document to download and execute a 64-bit Rust binary. This binary employs fileless injection techniques to load a malicious AgentTesla payload into its memory space.Β The malware leverages CLR hosting, a mechanism for native processes to execute.NET code, to achieve this, and the.NET runtime [β¦] The post Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Some router models have identified a security vulnerability that allows attackers to bypass authentication. To exploit this vulnerability, an attacker must know the WiFi password or have an Ethernet connection to a device on the victimβs network.Β Firmware updates that address this vulnerability are available for the following routers: RAX35 (version 1.0.6.106), RAX38 (version 1.0.6.106), [β¦] The post NETGEAR buffer Overflow Vulnerability Let Attackers Bypass Authentication appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Hackers often target CrushFTP servers as they contain sensitive data and are used for file sharing and storage. This makes them attractive targets for data theft and ransomware attacks for the threat actors.Β Besides this, the vulnerabilities in CrushFTP servers can be exploited to gain unauthorized access to networks or distribute malware to connected systems. [β¦] The post 5000+ CrushFTP Servers Hacked Using Zero-Day Exploit appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
DDoS attacks are a significant and growing risk that can overpower websites, crash servers, and block out authorized users with never-ending waves of offensive traffic. More than 13 million DDoS attacks were recorded in 2023 alone, which reveals the real danger of unmitigated attacks.Β NetScout researchers recently discovered that threat actors executed 13,142,840 DDoS attacks [β¦] The post 13,142,840 DDoS Attacks Targeted Organization Around The Globe appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine. It has been closely monitoring the situation and has successfully detected all stages of the attack. CVE-2017-8570: The Initial Vector The attack begins with the exploitation of CVE-2017-8570, a vulnerability first identified in 2017. This [β¦] The post Hackers Exploit Old Microsoft Office 0-day to Deliver Cobalt Strike appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
CYBERSECURITY / DEFENSE / INTELLIGENCE
