Eswar, Author at GBHackers - Latest Cyber Security News | Hacker News

Critical MikroTik RouterOS Flaw Exposes 900,000 Systems to Cyber Attacks

Eswar — Wed, 26 Jul 2023 11:03:39 +0000

MikroTik RouterOS were vulnerable to a privilege escalation vulnerability which was first disclosed in June 2022 at REcon. The vulnerability existed on the x86 Virtual Machines of RouterOS, where a root shell can be obtained. However, the new CVE for this vulnerability was assigned only in the middle of July 2023 when researchers at Vulncheck […]

The post Critical MikroTik RouterOS Flaw Exposes 900,000 Systems to Cyber Attacks appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Hackers Use SMS Alerts to Install SpyNote Malware

Eswar — Tue, 25 Jul 2023 12:23:49 +0000

Reports indicate that a Smishing campaign was conducted against Japanese Android users under the name of a Japanese Power and Water Infrastructure company. The SMS contains a link to lure victims into a phishing site. Once the victims click on the link, mobile malware is downloaded, which was discovered to be the SpyNote malware. The […]

The post Hackers Use SMS Alerts to Install SpyNote Malware appeared first on GBHackers - Latest Cyber Security News | Hacker News.

15 More Vulnerabilities Added to 2023 CWE Top 25 Most Dangerous Software

Eswar — Tue, 25 Jul 2023 10:20:40 +0000

The CVE MITRE foundation has released the list of “On the Cusp” in which many of the CWEs (Common Weakness Enumerations) have increased as well as decreased in their rankings between 2022 and 2023. CVE releases the top 25 most dangerous software weaknesses which helps organizations to mitigate software security risks. However, exploitable vulnerabilities beyond […]

The post 15 More Vulnerabilities Added to 2023 CWE Top 25 Most Dangerous Software appeared first on GBHackers - Latest Cyber Security News | Hacker News.

12 Norway Government Ministries were Targeted in a Cyberattack

Eswar — Mon, 24 Jul 2023 13:40:14 +0000

According to recent reports, twelve government ministries in Norway have been targeted by cyber-attacks. The most recent attack was aimed at Norway’s public sector, and investigations are currently ongoing. Norway has been Europe’s largest gas supplier after Russia had a drop in the supply. Norway has also become Western Europe’s largest oil exporter. The cyber […]

The post 12 Norway Government Ministries were Targeted in a Cyberattack appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Hackers Deliver HotRat as Hidden Scripts in cracked software

Eswar — Fri, 21 Jul 2023 05:12:10 +0000

The use of illegal software has been under circulation ever since there have been torrents and cracked software. Recent reports show that threat actors have been relying on cracked software to deploy HotRat malware into victims’ systems. HotRat malware is capable of stealing login credentials, cryptocurrency wallets, screen capturing, keylogging, and installing additional malware. Hackers […]

The post Hackers Deliver HotRat as Hidden Scripts in cracked software appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Oracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM

Eswar — Thu, 20 Jul 2023 14:32:14 +0000

Oracle has released a list of security patches for more than 130+ products. These products were used in several industries, including banking, communication, enterprise, development, and others. Oracle has released the severity rating and categorized them as critical, high, medium, and low based on their CVSS 3.1 score. Over 508 new security patches and CVE […]

The post Oracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM appeared first on GBHackers - Latest Cyber Security News | Hacker News.

OWASP Released Top 10 Critical Vulnerabilities for LLMs(AI models)

Eswar — Wed, 19 Jul 2023 11:03:33 +0000

OWASP Foundation has released the 0.9.0 version of Critical Vulnerabilities in LLMs (Large Language Models). A groundbreaking initiative has emerged to address the pressing need for educating developers, designers, architects, and other professionals involved in AI models. AI-based technologies are currently being developed across various industries with the goal of revolutionizing long-standing traditional methods that […]

The post OWASP Released Top 10 Critical Vulnerabilities for LLMs(AI models) appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Beware of Weaponized TeamViewer Installer that Delivers njRAT

Eswar — Fri, 14 Jul 2023 14:25:45 +0000

Threat actors relying on legitimate, well-known software TeamViewer for exploitation has been a very common scenario. There have been several cases where threat actors used well-known software to deliver malware to the victims. Similarly, a recent report from Cyble Research & Intelligence Labs stated that the most popularly used remote desktop support software, “TeamViewer” has […]

The post Beware of Weaponized TeamViewer Installer that Delivers njRAT appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Jenkins Plugin Flaw Lets Attackers Gain Admin Access

Eswar — Thu, 13 Jul 2023 13:19:23 +0000

A recent security advisory from Jenkins reported that they had fixed 24 vulnerabilities affecting multiple Jenkins plugins. This Flaw includes 5 High, 18 Medium, and 1 Low severity vulnerabilities. Patches have been released for some of the affected plugins, while others are still under development. Affected Plugins and their Versions The list of affected Jenkins […]

The post Jenkins Plugin Flaw Lets Attackers Gain Admin Access appeared first on GBHackers - Latest Cyber Security News | Hacker News.

SonicWall Critical Flaws Let Attackers Bypass Authentication

Eswar — Thu, 13 Jul 2023 10:34:50 +0000

SonicWall has recently published a security notice in which 15 vulnerabilities were fixed. CVEs for these vulnerabilities have been published, and patches for 4 Critical, 4 High, and 7 Medium severity vulnerabilities have been patched as per the notice. These Vulnerabilities let attackers inject SQL queries and bypass authentication. Critical Severity Vulnerabilities CVE-2023-34134: Password Hash […]

The post SonicWall Critical Flaws Let Attackers Bypass Authentication appeared first on GBHackers - Latest Cyber Security News | Hacker News.