Malicious PyPI Package Attacking Discord Users To Steal Credentials
GBHackers On Security
by Tushar Subhra Dutta
6h ago
Hackers often target PyPI packages to exploit vulnerabilities and inject malicious code into widely used Python libraries. Recently, cybersecurity researchers at FortiGuard Labs identified a malicious PyPI package attacking Discord users to steal credentials. The malicious PyPI package that was discovered is described as “discordpy_bypass-1.7,” published on March 10th, 2024, and detected on March 12, 2024. [Figure: discordpy_bypass-1.7 (Source – Fortinet)] The package, authored by Theaos and consisting of seven versions with almost similar characteristics, is intended to obtain sensitive information fro ..read more
Beware Of Weaponized Zip Files That Deliver WINELOADER Malware
GBHackers On Security
by Raga Varshini
6h ago
APT29, a Russian threat group, targeted German political parties with a new backdoor called WINELOADER using spear-phishing emails containing malicious links to ZIP files hosted on compromised websites. The ZIP files deployed an HTA that initiated a multi-stage infection chain, delivering WINELOADER.  The backdoor has functionalities for communication with command and control servers and utilizes evasion techniques. To defend against the APT29 campaign, security teams should understand these TTPs and the WINELOADER backdoor to improve detection capabilities.  APT29 uses spear-phishin ..read more
Citrix UberAgent Flaw Let Attackers Elevate Privileges
GBHackers On Security
by Divya
6h ago
A significant vulnerability has been identified in Citrix’s monitoring tool, uberAgent. If exploited, this flaw could allow attackers to escalate their privileges within the system, posing a serious risk to organizations using affected software versions. CVE-2024-3902 – Privilege escalation vulnerability in Citrix uberAgent: The vulnerability, tracked under CVE-2024-3902, impacts specific versions of Citrix uberAgent. It has been classified with a Common Vulnerability Scoring System (CVSS) score of 7.3, indicating a high severity level. ..read more
Hackers Group Claims To Have Broke Into IDF & Stolen Documents
GBHackers On Security
by Sneka
6h ago
Anonymous claims a successful cyberattack against the Israeli Defence Force (IDF), gaining access to 20 gigabytes of data, which allegedly includes over 233,000 military documents in various formats, like PDFs, Word files, and presentations.  The IDF considers the authenticity of the claim dubious and suspects a psychological warfare tactic. They reason that their layered, secure computer systems were likely not breached directly, and if a breach did occur, they suspect it compromised civilian systems instead.  Hackers released a video containing purportedly genuine excerpts from IDF ..read more
VMware ESXi Shell Service Exploit on Hacking Forums: Patch Now
GBHackers On Security
by Divya
6h ago
A new exploit targeting VMware ESXi Shell Service has been discovered and is circulating on various hacking forums. This vulnerability poses a significant risk to organizations using VMware for their virtual environments, potentially allowing unauthorized access and control over virtual machines. The exploit, which explicitly targets the VMware ESXi Shell Service, was reported in a tweet from a Dark Web Intelligence account on Twitter. The ESXi Shell, an essential component for managing VMware ESXi hosts, provides a command-line interface for direct interaction with the host. ..read more
Windows MagicDot Path Flaw Lets Attackers Gain Rootkit-Like Abilities
GBHackers On Security
by Guru baran
6h ago
A new vulnerability has been unearthed, allowing attackers to gain rootkit-like abilities on Windows systems without requiring administrative privileges. Dubbed “MagicDot,” this vulnerability exploits the DOS-to-NT path conversion process within the Windows operating system. Here, we delve into the technical details of the vulnerability, the attack methods, the rootkit-like abilities it confers, and the mitigation strategies to protect against such exploits. Vulnerability Description: The MagicDot vulnerability is rooted in the way ..read more
Alert! Zero-day Exploit For WhatsApp Advertised On Hacker Forums
GBHackers On Security
by Guru baran
6h ago
A zero-day exploit targeting the popular messaging app WhatsApp has been advertised on underground hacker forums. The exploit has raised serious concerns regarding the safety of users on Android and iOS platforms. This exploit is reported to have the potential to significantly compromise user data and privacy, making it a serious threat to millions of users. The details of the exploit are still being investigated, but it is believed that attackers could gain unauthorized access to user devices and steal sensitive information such as passwords, personal data, and financial information. It is im ..read more
CrushFTP Servers Zero-day Under Active Attack: Update Now
GBHackers On Security
by Eswar
11h ago
CrushFTP is a file transfer server that supports secure protocols, offers easier configuration, and offers powerful monitoring tools. It also provides a web interface that allows users to transfer files using a web browser.  A critical vulnerability associated with FileSystem escape has been discovered and addressed in the latest version. This particular vulnerability allows any user to download system files escaping from the virtual file system present in the CrushFTP application.  Moreover, there have also been reports indicating the exploitation of this vulnerability in the wild b ..read more
Researchers Claim that Windows Defender Can Be Bypassed
GBHackers On Security
by Guru baran
11h ago
Cybersecurity experts from SafeBreach have revealed a series of vulnerabilities that could allow attackers to remotely delete files on a computer using Windows Defender, potentially leading to data loss and system instability. Tomer Bar and Shmuel Cohen, seasoned security researchers at SafeBreach, presented the findings during their talk at the Black Hat conference. Uncovering the Vulnerabilities: The research team’s goal was to trigger false positives in security systems, which led to the discovery of the vulnerability CVE-2023-24860. ..read more
Apple Removes WhatsApp & Threads from its App Store for China
GBHackers On Security
by Divya
11h ago
With the tightening grip of Chinese regulatory measures on foreign digital services, Apple Inc. has removed several major messaging apps, including WhatsApp and Threads by Meta Platforms, from its App Store in China. This decision follows direct orders from the Chinese government, which raised national security concerns as the primary reason for the enforcement. The Chinese government mandated the removal of these apps through the Cyberspace Administration of China (CAC), citing national security issues. The specific details of the security concerns were not disclosed, leaving industry observe ..read more
