-
A new zero-day Local Privilege Escalation (LPE) exploit has been put up for sale on a notorious hacker forum. This exploit, which has not yet been assigned a Common Vulnerabilities and Exposures (CVE) reference, is said to be capable of granting unauthorized users elevated privileges on any Windows system. The asking price for this dangerous [β¦] The post Alert! Windows LPE Zero-day Exploit Advertised on Hacker Forums appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Researchers investigated a recent Agent Tesla malware campaign targeting US and Australian organizations, which used phishing emails with fake purchase orders to trick victims into clicking malicious links.Β Upon clicking, an obfuscated Agent Tesla sample protected by Cassandra Protector was downloaded and executed, stealing keystrokes and login credentials.Β The investigation identified two cybercriminals, Bignosa (the [β¦] The post AGENT TESLA Malware Steals login Credentials From Chrome & Firefox appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Threat actors target home users with information-stealing malware like Vidar, StealC, and Lumma Stealer, which disguises the malware as pirated software and video game cracks in YouTube videos.Β The videos appear to instruct users on obtaining free software or game upgrades. Still, a link in the description leads to malware, where the attackers compromise legitimate [β¦] The post Threat Actors Deliver Malware via YouTube Video Game Cracks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
The professional and personal online spheres are merging as social media platforms like Facebook, LinkedIn, and WhatsApp are now commonly used for work communication. Their integration creates cybersecurity vulnerabilities.Β Threat actors can target employees on social media using their accounts accessed from work devices. These accounts act as attack vectors, allowing unauthorized access to the [β¦] The post Microsoft Two-Step Phishing Campaign Attack LinkedIn Users appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
The research investigates the persistence and scale of AI package hallucination, a technique where LLMs recommend non-existent malicious packages.Β The Langchain framework has allowed for the expansion of previous findings by testing a more comprehensive range of questions, programming languages (Python, Node.js, Go,.NET, and Ruby), and models (GPT-3.5-Turbo, GPT-4, Bard, and Cohere).Β The aim is [β¦] The post AI Package Hallucination β Hackers Abusing ChatGPT, Gemini to Spread Malware appeared first on GBHackers on Security | #1 Globally Trusted Cyber…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Global threat intelligence (GTI) is crucial for cybersecurity as it offers real-time data on emerging and persistent cyber threats worldwide. Threats can originate anywhere, so understanding regional variations is essential.Β For example, North Korean actors target government infrastructure, while Eastern Europe is a hub for Ransomware-as-a-Service (RaaS) like LockBit. Organizations must leverage GTI from various [β¦] The post What is Global Threat Intelligence? β SOC/DIFR Team Guide appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
-
Security researchers have uncovered a sophisticated method of exploiting the Dynamic Host Configuration Protocol (DHCP) administrators group to escalate privileges within Windows domains. This technique, dubbed βDHCP Coerce,β leverages legitimate privileges to compromise entire networks potentially. The vulnerability centers around the DHCP (Dynamic Host Configuration Protocol) service, which is essential for network administration. It automates [β¦] The post DHCP Hacked to Escalate Privileges in Windows Domains appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
ΒΆΒΆΒΆΒΆΒΆ
CYBERSECURITY / DEFENSE / INTELLIGENCE
