The Federal Bureau of Investigation has released an announcement stating that cybercriminals are using mobile-beta testing applications to target victims for malicious purposes. These apps are often distributed through phishing or romance scams. These applications are capable of stealing personally…
Category: GBHackers – Latest Cyber Security News | Hacker News
Hackers Use Weaponized PDFs and Chat Apps for C2 to Evade Detection
A malware campaign targeting the Ministries of Foreign Affairs of NATO-aligned countries was recently discovered, which used PDF files masquerading as a German Embassy email. One of the PDF files consists of Duke malware which was previously linked with a…
Ford Cars WiFi Vulnerability Let Attackers Execute Remote Code
Ford recently identified a buffer overflow flaw in the Wi-Fi driver used by it in the SYNC 3 infotainment system. After the discovery, Ford quickly alerted about this flaw and disclosed the vulnerability publicly. Car hijacking by hackers exploiting various…
Xiaomi Mi Phones Flags Telegram as Malicious App
Xiaomi, the Asian smartphone giant, has implemented measures within its MIUI operating system that flag Telegram as a malicious app. This move has ignited discussions surrounding both technical and political dimensions, raising questions about user privacy, app censorship, and the…
Beware of Fake Chrome Browser Updates that Install Malware
Reports indicate that there seems to be an ongoing campaign that lures victims into installing a Remote Administration Tool called NetSupport Manager with fake Chrome browser updates. Threat actors use this remote administration software as an info stealer and to…
Hackers Compromised ChatGPT Model with Indirect Prompt Injection
ChatGPT quickly gathered more than 100 million users just after its release, and the ongoing trend includes newer models like the advanced GPT-4 and several other smaller versions. LLMs are now widely used in a multitude of applications, but flexible…
Black Hat USA 2023: Complete AI Briefings Roundup
The 26th annual BLACK HAT USA is taking place at the Mandalay Bay Convention Centre in Las Vegas from August 5 to August 10, 2023. Four days of intensive cybersecurity training covering all skill levels are scheduled to start off…
MoustachedBouncer Attacking Foreign Embassies Using NightClub and Disco Hacking Tools
MoustachedBouncer, a cyberespionage group active since 2014, likely has performed ISP-level adversary-in-the-middle (AitM) attacks since 2020 to compromise its targets. For AitM, the MoustachedBouncer employs a lawful interception system like “SORM,” and besides this, it uses two toolsets that we…
2023 Threat Report – Dramatic Surge in Social Engineering and Web Attacks
The second quarter of 2023 has shown a significant increase in the overall cyber-threat risks. The blocking of unique web attacks rose to 24%, which accounts for more than 700 million unique blocked attacks each month. Among these cyber risks,…
Researchers Uncover Series of Ransomware Attacks that Follow Same Pattern
Ransomware groups often recycle tools, techniques, and procedures. Some of them even provide playbooks for affiliates. Many use Cobalt Strike for remote access, employ RDP brute force, and target Domain Controller servers to control network machines. Cybersecurity…
Authorities Taken Down Bulletproof Hosting Provider Lolek
The well-known bulletproof hosting platform, Lolek Hosted, has been shut down by law enforcement officials from the United States and Poland to limit fraudsters’ access to tools that enable anonymous online behavior. These platforms give hackers anonymity and are frequently…
New Infostealer Malware Steal Logs & Corporate Access Data
Infostealer malware is becoming extremely popular among cybercriminals, especially in the malware-as-a-service (MaaS) based sector. These kinds of malware remain undetected for as long as possible to steal information from the user’s device and transfer it to the C2 server of the…
Researchers Tricked Hackers into Reveal Their Secrets Using Honeypot
In the last three years, hackers unknowingly seeking data or malware deployment have found a seemingly vulnerable virtual machine that is hosted in the U.S., which, in reality, is a cleverly designed trap. While this cleverly designed trap has been…
TargetCompany Ransomware Deploy Fully Undetectable Malware on SQL Server
The TargetCompany ransomware (aka Mallox, Fargo, and Tohnichi) is actively targeting the organizations that are using or running vulnerable SQL servers. Apart from this, recently, the TargetCompany ransomware unveiled a new variant of malware along with several malicious tools for…
Rhysida Ransomware Has Added New Techniques, Tactics, And Tools to Its Arsenal
A new ransomware group known as ‘Rhysida’ has been operating since May 2023, posing a huge danger to the healthcare industry. Rhysida ransomware gang has been connected to several significant attacks, including an assault on the Chilean Army. Recently, the organization…
16 Zero-Day Vulnerabilities Discovered in CODESYS Affect Millions of Industrial Devices
CODESYS, a widely-used integrated environment for controller programming, holds a strong presence in Operational Technology across diverse industries, such as:- Backed by more than 500 manufacturers (including Schneider Electric, Beckhoff, Wago, Eaton, ABB, Festo, etc.) and spanning various architectures that…
RedHotel Chinese APT Hackers Attack Government Entities & Intelligence Organizations
RedHotel (TAG-22), a Chinese-state-sponsored threat group, is well-known for its persistence, prominence, operational intensity, and global reach. RedHotel is reported to have acted upon over 17 countries in North America Asia and between 2021 and 2023. This threat group poses…
Downfall Attack Enables Extraction of Passwords and Encryption Key From Intel Microprocessor
Gather Data Sampling (GDS) impacts select Intel CPUs, enabling attackers to deduce outdated data through malicious use of gather instructions. While all these entries link to the prior thread or sibling core registers. Like MDS, GDS (Gather Data Sampling) enables…
Beware of New Malware Attack Disguised As Google Bard Ads On Facebook
Researchers have discovered a Google Bard Ads campaign that is being used by cybercriminals on Facebook to impersonate well-known generative AI brands such as ChatGPT and Google Bard. The campaign is actually malicious software that is disguised as legitimate ads.…
Patch Tuesday: Microsoft Fixes 2 Office Zero-Days, Critical Team Flaw
Microsoft fixed 74 security issues in its August Patch Tuesday release, including two that were being actively exploited and twenty-three that allowed remote code execution. Although twenty-three RCE flaws were addressed, Microsoft only categorized six of them as ‘Critical,’ and 67…
Threat Actors English-Speaking Countries with Customized Yashma Ransomware
An unidentified threat actor has deployed the Yashma ransomware variant since June 4, 2023, actively targeting English-speaking countries like:- While this new variant of Yashma ransomware has reemerged after being fixed last year since the release of a decryptor. This…
43 Malicious Android Apps With Over 2.5 Million Installs Display Secret Ads
It has been reported that over 43 Android applications, which are available on the Google Play Store, display ads while the mobile screen is turned off. When the users attempt to open their home screen, they might catch a glimpse…
Threat Actors Using an Armed OpenBullet Pentesting Tool to Manipulate Script Kids
Recent reports indicate that threat actors have been manipulating Script kiddies or amateur hackers into performing malicious actions that they never intended. This is done with the OpenBullet tool, which is used by web application testers and security professionals. OpenBullet…
Bug Bounty Program: Microsoft Rewarded $13.8M for 345 Security Researches
Microsoft Bug Bounty Program awarded $13.8M for their collaboration with over 345 security researchers from +45 countries around the world between July 01, 2023, to June 30, 2023. Bug Bounty Programs authorize independent security experts to report bugs to a…
New PaperCut NG/MF Flaw Let Attackers Execute Code on Unpatched Windows Servers
A critical vulnerability was discovered in the widely used PaperCut NG/MF print management software running on Windows prior to version 22.1.3. As of the July 2023 security bulletin, patches have been released by PaperCut to fix this vulnerability. PaperCut…
New SkidMap Malware Attacking Wide Range of Linux Distributions
According to recent reports, there have been instances of threat actors using malware called “SkidMap” to exploit vulnerable Redis systems. Earlier versions of SkidMap were used to surreptitiously mine cryptocurrency and create false network traffic and CPU usage by loading…
Microsoft Addresses Azure AD Flaw Following Criticism from Tenable’s CEO
After being criticized as “grossly irresponsible” and “blatantly negligent” by the CEO of Tenable, Microsoft addressed a vulnerability in the Power Platform Custom Connectors feature that allowed unauthenticated attackers access to cross-tenant apps and sensitive data from Azure customers. On…
IBM SDK, Java Technology Flaw Lets Remote Attacker Execute Arbitrary
IBM has discovered a vulnerability in the IBM SDK, Java Technology Edition, that allows threat actors to execute arbitrary code on the system due to unsafe deserialization. This vulnerability exists in the Object Request Broker (ORB) and is given a…
Research Jailbreak Tesla’s Software-Locked Features Worth up to $15,000
Tesla has a reputation for having highly integrated and technologically advanced car computers, which can be used for everything from basic entertainment to completely autonomous driving. BlackHat brief on an attack against modern AMD-based infotainment systems (MCU-Z) found on all current…
Hackers Deliver Updated STRRAT Malware Using Weaponized PDF Files
A versatile Java-based RAT that is capable of keylogging and credential theft from browsers and email clients emerged in 2020 that is dubbed “STRRAT.” The most recent updated version of STRRAT evolved dramatically, and since its discovery, it has been…
Hackers Deliver Magniber Ransomware Disguised as Windows Security Update
Magniber Ransomware was first detected in late 2017; it targeted South Korean users through malvertising attacks using the Magnitude Exploit Kit. It had been distributed earlier through Internet Explorer (IE) vulnerabilities. Since Microsoft announced IE’s end of support, it is now being…
CISA Advisory of Top 42 Frequently Exploited Flaws of 2022
The Cybersecurity and Infrastructure Security Agency (CISA) has published a report which was co-authored by the NSA, FBI, and the FVEY (Five Eyes) from different countries. The report provides a complete insight into the Common Vulnerabilities and Exposures (CVEs) that…
What is Business Email Compromise (BEC) Attacks? – Prevention Guide
BEC, an acronym for Business Email Compromise, is a sophisticated form of cybercrime. Cyber threats have become a pressing concern in a world where almost every aspect of our lives is digitized. One of these threats that have been growing…
Hacker Group of 1980s is Back with Secure Coding Framework for Developers
Cult of the Dead Cow (cDc) is one of the oldest and most highly influential hacking groups that was formed at the end of the 1980s. This group was once responsible for distributing hacking tools and pointing out flaws in…
Mysterious Team Bangladesh Hackers Launched 750 DDoS Attacks and Hacked 78 Website
The notorious hacktivist group known as Mysterious Team Bangladesh exploits vulnerable versions of PHPMyAdmin and WordPress. It conducts DDoS and defacement attacks through open-source utilities and is believed to have carried out over 750 DDoS and 70+ website defacements within…
CISA Guide to Network and System Administrators to Harden Cisco Firewalls
The National Security Agency (NSA) has released best practices for configuring and hardening Cisco Firepower Threat Defense (FTD) which can help network and system administrators in configuring these Next Generation Firewalls (NGFW). These Cisco FTD systems provide a combination of…
HackerOne Lays off 12% of Its Employees as a One-Time Event
HackerOne is a renowned cybersecurity company that offers bounty and penetration testing platforms to ethical hackers for the following activities:- HackerOne is a San Francisco-based startup, and at the moment, it boasts more than 450 employees globally. However, HackerOne CEO…
Beware of Fake FlipperZero Sites That Promise Free Device Offer
A website pretending to be Flipper Devices offers a free FlipperZero in exchange for completing an offer, but it merely directs users to insecure browser extensions and fraudulent websites. Flipper Zero is a portable multi-functional cybersecurity gadget designed for pen…
Hackers Abuse AWS SSM Agent to Perform Various Malicious Activities
Legitimate SSM agents can turn malicious when attackers with high-privilege access use it to carry out ongoing malicious activities on an endpoint. Once compromised, the threat actors retain access to the compromised system, allowing ongoing illicit activities on AWS or…
Ongoing Attacks: Over 600+ Citrix Servers Compromised to Install Web Shells
A critical remote code execution (RCE) vulnerability identified as CVE-2023-3519 has been the subject of several attacks, which have already compromised and backdoored hundreds of Citrix Netscaler ADC and Gateway servers. Attackers used web shells on at least 640 Citrix servers in…
Users of Facebook for Business are the Target of a New Phishing Attack
An unreported phishing campaign that disseminated a Python version of the NodeStealer has been found. NodeStealer gave threat actors the ability to steal browser cookies and use them to hijack users’ accounts on the platform, with a focus on business accounts.…
Researchers Uncovered a New Flaw in ChatGPT to Turn Them Evil
LLMs are commonly trained on vast internet text data, often containing offensive content. To mitigate this, developers use “alignment” methods via finetuning to prevent harmful or objectionable responses in recent LLMs. ChatGPT and AI siblings were fine-tuned to avoid undesirable…
Beware! Hacker-Sold macOS HVNC Tool Allows Complete Takeover
Threat actors targeting macOS have increased lately as there were several cases of macOS information stealer malware found in the past, and many are being currently exploited in the wild. According to reports, there was a new macOS malware found…
New Collide+Power Exploit Let Attacker Steal Sensitive Data From All Modern CPUs
The build and shared components on the CPUs are exploited by a method called Collide+Power. This attack vector does not target specific programs but the hardware itself. Advanced software-based power side channels echoed the discovery of Meltdown and Spectre vulnerability,…
CISA Published a Warning About Ivanti EPMM Zero-day Vulnerabilities
The United States Director of the Cybersecurity and Infrastructure Security Agency (CISA) released a warning on Friday about the active exploitation of Ivanti EPMM (formerly MobileIron Core) Vulnerabilities. CVE-2023-35078 is a critical vulnerability affecting Ivanti Endpoint Manager Mobile (EPMM). The…
Burp Suite 2023.8 Released – What’s New!
The updated Burp suite scanner has new add-on features and bug fixes that enhance the scanning process’s overall performance. Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. On 27 July 2023, Portswigger released all…
Weaponized Excel, OneNote, or PDF Attachments Deliver New WikiLoader Malware
The Italian organizations, including tax agencies, were targeted by a new malware downloader delivering banking Trojan. The new loader malware is presently undergoing active development, employing a diverse array of sophisticated mechanisms to evade detection effectively. This new loader malware…
New Android Malware Via WhatsApp steals Call logs, Locations, & Contacts
According to reports, a new Android malware is circulating under the guise of a fake chat application that is being distributed through WhatsApp. This malware is discovered to belong to the APT Bahamut and has some footprints of tactics used…
Ransomware Attacks Frequently Target Organizations with 51-200 Employees
High-profile ransomware attacks on corporations like Kaseya, Colonial Pipeline, and MOVEit may lead to the misconception that only large organizations are targeted. However, the fact is that underestimating the risk due to focusing on large organizations may increase your vulnerability…
U.S. Senator Blasts Microsoft for Chinese Hack Seeks Federal Action
Microsoft is held accountable for its poor cybersecurity procedures, which let China carry out a successful espionage campaign against the US government. In a letter to the directors of the Department of Justice, Federal Trade Commission (FTC), and Cybersecurity and…
New Android Malware Uses Optical Character Recognition to Steal Login Credentials
A new Android malware strain uses OCR (Optical Character Recognition) techniques to extract sensitive data from pictures. This new Android malware strain is dubbed “CherryBlos,” and along with this malware strain, another malware was also discovered that is dubbed “FakeTrade.”…
Pentagon Looks Into ‘Critical Compromise’ of Air Force and FBI Contacts
The communications systems of 17 Air Force stations were concerned about “critical compromise” after $90,000 in federal radio technology had been stolen by a Tennessee-based engineer. According to the warrant that Forbes was able to obtain, the breach could potentially…
Building a Network Security Strategy: Complete Checklist To Protect Your Network
Whether you’re a large or small business, network security is something you can’t ignore. Threat actors can, and will, infiltrate businesses of any size, wreaking havoc on computer systems, maliciously encrypting data, and in some cases completely destroying a company’s…
41 Zero-days Exploited In-the-Wild in 2022 – Google Report
In 2022, the detection of zero-day exploits in the wild decreased by 40% compared to the previous year. 41 in-the-wild 0-days were detected, the second-highest count since 2014, but lower than the 69 found in 2021. While a 40% drop…
Hackers Attack Apache Tomcat Servers to Deploy Malware
Apache Tomcat, a free and open-source server, supports Jakarta Servlet, Expression Language, and WebSocket technologies, providing a “pure Java” HTTP web server environment. Apache Tomcat dominates with nearly 50% developer adoption, and it’s widely used in the following developments:- Aqua’s…
Hacker Using Google and Bing ads to Deliver Weaponized IT tools
The latest research discovered malvertising campaigns abusing Google and Bing ads to target users seeking certain IT tools and deploying ransomware. This campaign targets several organizations in the technology and non-profit sectors in North America. This campaign exhibits similar features…
WhatsApp’s New Record Feature Lets You Record And Send Short Videos In Chats
By offering a rapid and secure way to share your voice, audio messaging on WhatsApp revolutionized how people communicate. Now that WhatsApp has introduced instant ‘video messages’, you may record and share short personal videos directly in the chat. This…
Akira Ransomware Expands to Linux with In-built Tor Website
According to recent sources, threat actors have been working on a new variant of cross-platform ransomware that is named “Akira”. Akira was introduced to the cybersecurity sector in March 2023, which targets several financial institutions and organisations for stealing sensitive…
Microsoft Message Queuing Service Flaw Allows DoS and RCE Attacks
Reports indicate that there have been three critical flaws including DDoS and Remote code execution discovered in the Microsoft Message Queuing Service (MMQS). These vulnerabilities existed in the message parser header that allowed unsanitized crafted message-headed inputs in one of…
SolarWinds Platform 2023.3 Released – What’s New!
SolarWinds announces the release of SolarWinds Platform 2023.3, which includes new features and platform upgrades. Further, the release notes detail the issues that were resolved in the version. The company announced end-of-life plans for modules based on Orion Platform 2020.2.6…
PDF Malware Distribution Has Increased by 500%, as Reported by VirusTotal
A new edition of the “VirusTotal Malware Trends Report” series, which focuses mostly on “Emerging Formats and Delivery Techniques,” has been published by VirusTotal to understand the nature of malicious attacks better. A representative subset of user submissions from January…
Over 40% of Ubuntu Users Vulnerable to Privilege Escalation Flaw
According to reports, a privilege escalation vulnerability has been found in Ubuntu systems within the OverlayFS module. OverlayFS is a Linux filesystem that has been widely used in containers. OverlayFS allows the deployment of dynamic filesystems with respect to the…
Rust Infostealer Malware Attacks macOS Sonoma Ahead of Public Release
Based on recent reports, it was discovered that there has been info stealer malware that affects both Windows and macOS platforms. The malware can steal crypto wallets, passwords, and browser data. This new variant of malware is found to be…
Hacker-Attacking Developers Using Weaponized MS Visual Studio
Recent reports suggest that threat actors have been spreading malicious Microsoft Visual Studio, a highly familiar Integrated Development Environment (IDE) used by several developers worldwide. Recently, cybercriminals have been targeting the familiar IDE, Microsoft Visual Studio, with malicious software. This…
6 Best Practices To Protect Your Company From Data Loss
Data is a critical asset in today’s digital business landscape. The loss of crucial information can result in severe financial damages and harm to a company’s reputation. Protecting your company from data loss involves implementing proactive measures to secure data…
OWASP ModSecurity Core Rule 3.3.5 Released – What’s New!
The CRS v3.3.5 release has been announced by the OWASP ModSecurity Core Rule Set (CRS) team. The OWASP ModSecurity Core Rule Set (CRS) is a set of general attack detection rules that may be used with ModSecurity or other compatible…
FraudGPT: A New Dark Side AI Tool For Cyber Criminals
A new tool called FraudGPT has been launched by cybercriminals, which poses a serious threat to both individuals and businesses. This black-hat-based tool is capable of executing social engineering and Business Email Compromise (BEC) attacks, making it a real cause…
Critical MikroTik RouterOS Flaw Exposes 900,000 Systems to Cyber Attacks
MikroTik RouterOS was vulnerable to a privilege escalation vulnerability which was first disclosed in June 2022 at REcon. The vulnerability existed on the x86 Virtual Machines of RouterOS, where a root shell can be obtained. However, the new CVE for…
Zenbleed – AMD’s Zen2 Processor Flaw Allows Attackers to Steal Sensitive Data
The CPUs that are based on x86-64 architecture feature XMM registers (128-bit), recently extended to 256-bit (YMM) and 512-bit (ZMM) for greater capacity. Beyond number crunching, the large registers (YMM and ZMM) are employed in various scenarios, including standard C…
Hackers Use SMS Alerts to Install SpyNote Malware
Reports indicate that a Smishing campaign was conducted against Japanese Android users under the name of a Japanese Power and Water Infrastructure company. The SMS contains a link to lure victims into a phishing site. Once the victims click on…
‘SIM Swapper’ Pleads Guilty For Hacking Instagram User Accounts
A 24-year-old man named Amir Hossein Golshan from Downtown Los Angeles has pleaded guilty to hacking Instagram users’ accounts, using a technique called “SIM swapping” to obtain money fraudulently. The charges consist of illegally accessing a secured computer to acquire…
‘SIM Swapper’ Pleads Guilty to Hacking into Instagram Users
A 24-year-old man named Amir Hossein Golshan from Downtown Los Angeles has pleaded guilty to hacking into Instagram users’ accounts and using a technique called “SIM swapping” to fraudulently obtain money. The charges consist of illegally accessing a secured computer…
15 More Vulnerabilities Added to 2023 CWE Top 25 Most Dangerous Software
The CVE MITRE foundation has released the list of “On the Cusp” in which many of the CWEs (Common Weakness Enumerations) have increased as well as decreased in their rankings between 2022 and 2023. CVE releases the top 25 most…
12 Norway Government Ministries were Targeted in a Cyberattack
According to recent reports, twelve government ministries in Norway have been targeted by cyber-attacks. The most recent attack was aimed at Norway’s public sector, and investigations are currently ongoing. Norway has been Europe’s largest gas supplier after Russia had a…
Critical Zyxel Firewall Injection Flaw Exploited to Conduct DDoS Attacks
Increased botnet activity targeting a vulnerability (CVE-2023-28771) in Zyxel devices has become a major concern to its users. This vulnerability lets an unauthorized attacker execute arbitrary code by sending a specifically crafted packet to the targeted device. Since CISA added this…
Hacked Microsoft Keys Let Attackers Access a Wide Range of Azure Applications
The China-linked threat actors who stole the US State Department and other Microsoft customer emails may have acquired access to apps other than Exchange Online and Outlook.com. According to Wiz Researchers, the compromised signing key was more potent than it…
North Korean Hacker Group Breached US IT Firm JumpCloud
The cloud-based IT management firm JumpCloud was compromised by North Korean Lazarus Group hackers who appear to be financially motivated to steal cryptocurrencies. Since at least 2009, this hacking group has been active, and it is well recognized for its…
API Security Checklist: A Must Read Guide 2023
APIs are poisoned pills you can’t live without. In today’s world, they are the enemy you must coddle next to every night. That is why API security is so vital in today’s digital landscape. APIs connect links between different software…
Cisco Small Business IP Phones Flaw Allows XSS & Injection Attacks
Cisco has published a security advisory that states that they have discovered two vulnerabilities, an XSS and an HTML injection vulnerability. These vulnerabilities existed in the SPA500 series of the Cisco Small Business IP Phones. CVE-2023-20181: XSS Vulnerability This vulnerability…
Google Outlines Common Red Team Attacks Targeting AI Systems
There are rising concerns about the security risks associated with artificial intelligence (AI), which is becoming more and more popular and pervasive. Google, a major participant in the creation of next-generation artificial intelligence (AI), has emphasized the need for caution…
WormGPT: Cybercriminals AI Tool Gained Over 5,000 Subscribers in Just a Week
The revolutionary innovations by AI (Artificial Intelligence) include generative AI that has various creative potential, but along with that it also raises serious concerns with malicious tools like WormGPT. Since it’s a powerful generative AI-based tool, WormGPT enables attackers to…
Hackers Deliver HotRat as Hidden Scripts in cracked software
The use of illegal software has been under circulation ever since there have been torrents and cracked software. Recent reports show that threat actors have been relying on cracked software to deploy HotRat malware into victims’ systems. HotRat malware is…
Microsoft Expands Security Logging and Offers 365 Clients Free Access
Microsoft expanded cloud logging accessibility and flexibility for customers’ deeper security visibility. This expansion coordinates results with commercial and government customers and the Cybersecurity and Infrastructure Security Agency (CISA) about security to provide cloud customers with insight and analysis. The…
Poisoned Facebook Ads Deliver Malware Using Fake ChatGPT, Bard & Other AI Services
Cyber criminals have recently started using Facebook to pretend to be well-known generative AI brands like ChatGPT, Google Bard, Midjourney, and Jasper to steal users’ personal information. Users on Facebook are deceived into downloading content from fake brand sites and advertisements. These…
Oracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM
Oracle has released a list of security patches for more than 130+ products. These products were used in several industries, including banking, communication, enterprise, development, and others. Oracle has released the severity rating and categorized them as critical, high, medium,…
Sensitive Information of VirusTotal Users Exposed in Data Leak
Globally, security analysts and IT professionals heavily rely on VirusTotal, a vast malware database, to scan files for viruses and malware. It also enables users to upload suspicious files or links to assess potential threats effectively. VirusTotal, crucial in…
Hackers Turn Exchange Servers into Malware Command & Control Centers
Turla, also known as Secret Blizzard, KRYPTON, and UAC-0003, is an Advanced Persistent Threat (APT) group that has been associated with Russia’s Federal Security Service (FSB). This group has gained fame for its sophisticated and persistent cyber threat activities. The…
Renowned Hacker Kevin Mitnick Died at the Age of 59
In an unfortunate turn of events, the computer hacker from the 1990s, who was involved in high-profile cases of computer data theft and credit card number stealing, passed away due to pancreatic cancer. When he was 16 years old, Mitnick…
Renowned Hacker Kevin Mitnick Passes Away at the Age of 59
In an unfortunate turn of events, the notorious computer hacker from the 1990s, who was involved in high-profile cases of computer data theft and credit card number stealing, passed away due to pancreatic cancer. When he was 16 years old,…
Minor Typo Results in the Leak of Millions Sensitive of US Military Emails
Thousands of US military emails were allegedly leaked to Mali, a country in western Africa, due to an unintentional typo error that occurred over a decade. This breach might have put US national security at risk. According to the Financial…
Hackers Exploiting Critical Zero-Day Vulnerability in Citrix NetScaler Products
NetScaler ADC and NetScaler Gateway (previously Citrix ADC and Citrix Gateway) contain multiple discovered vulnerabilities. Citrix ADC is a powerful networking solution that ensures fast, secure, and reliable delivery of applications across networks. While the NetScaler Gateway is a secure…
Hackers Use “chatgpt5[.]zip” Lure to Trick Users into Downloading Malware
Phishing remains a severe cybersecurity threat, deceiving employees with cleverly disguised malicious links and malware attachments, potentially causing company-wide troubles for over a decade. The 2022 FortiGuard Labs report and…
Sophisticated DDoS Attacks Have Evolved Rapidly; Targeting IT Services
Sophisticated DDoS attacks have become a favored tool for hackers, enabling them to target not only large organizations but also individuals. This means that both businesses, regardless of their size, and private individuals find themselves vulnerable to these malicious activities.…
FIN8 Revamped Hacking Toolkit with New Stealthy Attack Features
Syssphinx (aka FIN8) is a financially motivated cyber-crime group deploying a revamped Sardonic backdoor to deliver Noberus ransomware. This group has been active since January 2016, targeting organizations in sectors such as hospitality, retail, entertainment, insurance, technology, chemicals, and finance. It is also…
OWASP Released Top 10 Critical Vulnerabilities for LLMs(AI models)
OWASP Foundation has released the 0.9.0 version of Critical Vulnerabilities in LLMs (Large Language Models). A groundbreaking initiative has emerged to address the pressing need for educating developers, designers, architects, and other professionals involved in AI models. AI-based technologies are…
Cloud Security Best Practices – A Complete Cloud Protection Guide 2023
As the world moves increasingly into a digital realm, the security of data stored in the cloud is an ever-growing concern for businesses and individuals alike. Cloud computing enables access to our most sensitive and critical information from any device…
Hackers Actively Exploit Multiple Adobe ColdFusion Vulnerabilities
On July 11, Adobe coordinated with the vendor to fix several ColdFusion vulnerabilities, including CVE-2023-29298. But it’s been reported that there are two ColdFusion vulnerabilities that hackers are actively exploiting to perform the following illicit tasks: Rapid7 detected Adobe ColdFusion…
CISA Released Free Cloud Security Tools to Secure Cloud Data
The Cybersecurity & Infrastructure Security Agency (CISA) has released a list of free tools for organizations to secure themselves in cloud environments. The post from CISA stated that these tools will help incident response analysts and network defenders to mitigate,…
JumpCloud Hacked – Attackers Compromised The Systems Via Spear-phishing Attack
JumpCloud, an American commercial software company, has announced a data breach attributed to a spear phishing attack launched by a sophisticated nation-state-sponsored threat actor. As a result, the threat actor (Nation-state) gained unauthorized access to JumpCloud systems to target a…