The lack of rate-limiting in Instagram was discovered by Gtm Mänôz, a security researcher from Kathmandu, Nepal.  This flaw could have allowed an attacker to bypass Facebook’s two-factor authentication by validating the targeted user’s already-validated Facebook mobile number using the Meta Accounts Center. Two-Factor Authentication Bypass on Facebook  The researcher looked at Instagram’s latest “Meta […]

The post Facebook & Instagram Flaw Let Anyone Bypass Two-factor Authentication appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Microsoft has been strongly encouraging its customers to keep updating their Exchange servers, in addition to taking steps to ensure that the environment remains secured with robust security implementations. While doing so, users can do the following things:- The number of attacks against unpatched Exchange servers will not diminish as long as unpatched servers remain […]

The post <strong>Hackers Exploiting Unpatched Exchange Servers in The Wild</strong> appeared first on GBHackers - Latest Cyber Security News | Hacker News.

The identity of the individual behind the Golden Chickens malware-as-a-service has been uncovered by cybersecurity experts. The perpetrator, known online as “badbullzvenom,” has been identified in the real world. An extensive 16-month investigation by eSentire’s Threat Response Unit revealed that the badbullzvenom account was linked to multiple individuals, as outlined in the unit’s recently published […]

The post <strong>New Research Uncovers Threat Actor Behind Infamous Golden Chickens Malware-as-a-Service</strong> appeared first on GBHackers - Latest Cyber Security News | Hacker News.

As a result of an international law enforcement operation, the sites utilized by the Hive ransomware operation for both payments and data leaks on the Tor network were successfully taken over, following the FBI’s infiltration of the group’s infrastructure in July. An international law enforcement operation, led by the US Department of Justice and Europol, […]

The post FBI Hacks Back Hive Ransomware Gang’s Infrastructure – Website Seized appeared first on GBHackers - Latest Cyber Security News | Hacker News.

The source code of Yandex, the largest IT company in Russia and commonly referred to as the Russian Google, was hacked by attackers. On a well-known hacker site, a Yandex source code repository purportedly stolen by a former employee of the Russian technology giant was leaked as a torrent. Specifics of the Yandex Data Leak […]

The post Yandex Denies Hack – Source Code Leaked on Popular Hacking Forum appeared first on GBHackers - Latest Cyber Security News | Hacker News.

A joint Cybersecurity Advisory (CSA) from the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) has been released to alert network defenders to malicious use of legitimate remote monitoring and management (RMM) software. In October 2022, CISA discovered a massive cyberattack that made use of malicious RMM […]

The post Hackers Abuse Legitimate Remote Monitoring Tools to Steal Banking Data appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Recently, the US Justice Department along with the eight states filed a lawsuit against Google, accusing the company of having a monopoly on the online advertising market, which they argue harms advertisers, consumers, and even the US government.  They claim that Google has breached Sections 1 and 2 of the Sherman Act. While the goal […]

The post <strong>U.S. Sues Google for Dominance Over Digital Advertising Technologies</strong> appeared first on GBHackers - Latest Cyber Security News | Hacker News.

A recent report reveals that the number of attacks on financial service APIs and web applications worldwide increased by 257%.   There are more APIs in use than ever, and the average FinTech company takes advantage of hundreds if not thousands of connections in their daily operations. APIs have become a critical component of fintech but also open […]

The post Top FinTech API Security Challenges appeared first on GBHackers - Latest Cyber Security News | Hacker News.

The Wireshark Team has recently unveiled the latest iteration of their widely-utilized packet analyzer, Wireshark 4.0.3.  This version boasts a multitude of improvements, including new features and updates, as well as the resolution of various bugs to ensure a smooth and efficient user experience. The Wireshark packet analyzer is a free and open-source application that […]

The post Wireshark 4.0.3 Released – What’s New! appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Silver is an open-source command-and-control framework that is becoming increasingly popular among malicious actors at current attacks. As threat actors are opting for this option since it offers a viable alternative to commercial tools such as:- Designed with scalability in mind, the Sliver security testing tool can be used by organizations of all sizes and […]

The post Hackers Using Sliver Framework as an Alternative to Cobalt Strike & Metasploit appeared first on GBHackers - Latest Cyber Security News | Hacker News.

The field of cybersecurity is rife with acronyms. From AES to VPN, these technical alphabet soup terms have been part of the knowledge of not only cybersecurity experts but also organizations that are planning to buy security solutions or implement security technologies. Enterprise Strategy Group (ESG) has released its 2023 Technology Spending Intentions Survey, and […]

The post What is XDR, MXDR, DRs & SBOM ? – Cybersecurity Acronyms 2023 appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Mandiant recently reported that a group of hackers originating from China utilized a vulnerability within FortiOS SSL-VPN that had only recently been discovered, and marked as a zero-day exploit, in December.  The hackers targeted both a government organization in Europe and an African-based managed service provider with a new, specifically designed malware called ‘BOLDMOVE’ that […]

The post <strong>Chinese Hackers Exploit FortiOS Zero-Day Vulnerability to Deploy New Malware</strong> appeared first on GBHackers - Latest Cyber Security News | Hacker News.

The cybersecurity experts at CyberArk have provided information on the mechanism by which the ChatGPT AI chatbot can produce a new strain of polymorphic malware. Polymorphic malware could be easily made using ChatGPT. With relatively little effort or expenditure on the part of the attacker, this malware’s sophisticated capabilities can readily elude security tools and […]

The post <strong>ChatGPT Can Be Used to Create Dangerous Polymorphic Malware</strong> appeared first on GBHackers - Latest Cyber Security News | Hacker News.

In this article, we have done a depth analysis and listed your top 10 best Free Firewall software that provided extended security to protect your system from bad actors. Generally, every computer is connected to the internet and is susceptible to being the victim of a hacker or an unwanted attack. The whole procedure, which […]

The post 10 Best Free Firewall Software – 2023 appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Cisco released fixes for Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition to address high-severity SQL injection vulnerability. “An attacker could exploit this vulnerability by authenticating to the application as a low-privileged user and sending crafted SQL queries to an affected system”, Cisco reports. “A successful exploit could allow the attacker to […]

The post <strong>Cisco Unified CM SQL Injection Flaw Let Attackers Execute Crafted SQL Queries</strong> appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Rapid7 is taking action in response to several instances of compromise caused by the exploitation of CVE-2022-47966, which is a pre-authentication remote code execution (RCE) vulnerability.  This vulnerability affects nearly 24 on-premise ManageEngine products, and it is a serious threat that can allow attackers to execute code on a target system without any authentication, making […]

The post <strong>Hackers Actively Exploiting Critical ManageEngine Vulnerability</strong> appeared first on GBHackers - Latest Cyber Security News | Hacker News.

PayPal has recently begun sending out notifications to thousands of users who were affected by a data breach. The breach occurred due to credential stuffing attacks, which allowed unauthorized access to user accounts.  As a result of these attacks, some personal data may have been exposed. It is important for users to take the necessary […]

The post <strong>PayPal Data Breach – Over 35000 Thousand Users’ Accounts Compromised</strong> appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Avanan researchers have seen a new attack dubbed “Blank Image” spreading throughout the globe wherein hackers include blank images in HTML attachments. When opening the attachment, the user is automatically redirected to a malicious URL. This email campaign begins with a document that purports to be from DocuSign, this appears to be very legitimate. The […]

The post Beware of the New ‘Blank Image’ Attack that Hides Malicious Scripts in Image Files appeared first on GBHackers - Latest Cyber Security News | Hacker News.

A ransomware attack targeted Yum! Brands on January 18, 2023, caused the closure of 300 locations of its fast food chains KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill in the United Kingdom. In addition to operating over 53,000 restaurants, Yum! Brands own and operate over $5 billion in assets and $1.3 billion […]

The post <strong>Hackers Steal Data from  KFC, Pizza Hut, Taco Bell & Habit Burger</strong> appeared first on GBHackers - Latest Cyber Security News | Hacker News.

T-Mobile US, Inc. discovered that a malicious attacker was illegally accessing data through a single Application Programming Interface (“API”). The research revealed that the threat actors accessed information for about 37 million active postpaid and prepaid customer accounts using this API, however many of these accounts did not include the complete data set. A software interface […]

The post T-Mobile Hacked – Over 37 Million Customer Data Exposed appeared first on GBHackers - Latest Cyber Security News | Hacker News.