WormGPT, a black-hat-based tool, was recently launched by cybercriminals and has the potential to conduct various social engineering and Business Email Compromise (BEC) attacks. This tool has no limitations on its use and has no boundaries. The…
Category: GBHackers – Latest Cyber Security News | Hacker News
Black Box Penetration Testing: Perform External Pentesting With “ZERO” Data – 2023
Black box penetration testing of an organization is performed from an external point of view and tests an external network with zero information. The objective was simple – see how susceptible the organization is from an external point of view and…
Dark Web Secrets: Mystery Behind the Anonymous World
Dark Web Secrets: Have you ever wondered about the mysterious parts of the internet? Welcome to the dark web. This uncharted digital territory, inaccessible through regular search engines, is notorious for its association with illegal activities, like drug trafficking, firearm…
Lazarus APT Group Hijack Windows IIS Servers to Distribute Malware
Threat actors always search for vulnerable devices and networks to gain illicit access and perform malicious activities to accomplish their goals. The APT group Lazarus is actively targeting Microsoft Internet Information Services (IIS) servers as an initial breach path. Cybersecurity…
Beware of Weaponized TeamViewer Installer that Delivers njRAT
Threat actors relying on legitimate, well-known software TeamViewer for exploitation has been a very common scenario. There have been several cases where threat actors used well-known software to deliver malware to the victims. Similarly, a recent report from Cyble Research…
Rockwell Automation ControlLogix Flaws Expose ICS Devices to RCE & DoS Attacks
Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models have two security issues that might be utilized to carry out remote code execution and cause a denial of service (DoS). The ControlLogix system’s impacted communications modules are found in several industrial sectors,…
ChatGPT Reconnaissance Techniques for Penetration Testing Success
ChatGPT is one of the biggest and most sophisticated language models ever made, with a massive neural network of over 175 billion parameters. Recent research has revealed how ChatGPT for penetration testing can enable testers to achieve greater success. ChatGPT…
Wireshark 4.0.7 Released – What’s New!
Wireshark, one of the world’s most popular network packet analyzers, released Wireshark 4.0.7 with fixes for several bugs, updated protocol support, and a few enhancements. Wireshark is an application that captures packets from a network link, like the one…
Elon Musk Launches AI Startup Focus on Understanding Reality
Elon Musk publicly announced the establishment of xAI, a startup that aims at exploring “the true nature of the universe” and will also compete against OpenAI’s well-known chatbot ChatGPT. “The goal of xAI is to understand the true nature of…
Re-released Apple WebKit Zero-Day Patch Fixes Website Breaking
Apple has recently released new Rapid Security Response (RSR) patches to fix a zero-day vulnerability. This vulnerability has been exploited in attacks and affects iPhones, Macs, and iPads that have been fully patched. The zero-day vulnerability has been tracked as…
Apple WebKit Zero-Day Patch Re-Released to Fix Broken Webpages
An Apple zero-day vulnerability has been identified that was actively exploited by threat actors in the wild to break the browsing on some websites and for arbitrary code execution. The zero-day vulnerability has been tracked as CVE-2023-37450, and this vulnerability…
Jenkins Plugin Flaw Lets Attackers Gain Admin Access
A recent security advisory from Jenkins reported that they had fixed 24 vulnerabilities affecting multiple Jenkins plugins. These include 5 High, 18 Medium, and 1 Low severity vulnerabilities. Patches have been released for some of the affected plugins, while…
Malicious Chrome Extension Steals Businesses Ads Manager Login Details
Cybercriminals are using malicious Chrome extensions to steal Facebook login information in a recent operation. The reports shared by Malwarebytes Labs also stated that sponsored posts and accounts impersonating Meta/Facebook’s Ads Manager have become more prevalent. With a focus on…
SonicWall Critical Flaws Let Attackers Bypass Authentication
SonicWall has recently published a security notice in which 15 vulnerabilities were fixed. CVEs for these vulnerabilities have been published, and patches for 4 Critical, 4 High, and 7 Medium severity vulnerabilities have been released as per the notice. These…
OWASP ZAP 2.13.0 Released – What’s New!
The OWASP Zed Attack Proxy is a widely used tool for conducting web application penetration testing. It is free and open-source. ZAP functions as a proxy between the tester’s browser and the web application, intercepting and scrutinizing messages. ZAP is…
Hackers Leverage USB Flash Drives to Attack Public and Private Sectors Globally
During the initial half of 2023, a notable surge occurred in attacks exploiting infected USB drives for secret theft. USB-based operation campaigns caused most incidents, impacting both public and private sectors worldwide. Cybersecurity analysts at Mandiant Managed Defense…
Top 7 Best IP Geolocation APIs For Cybersecurity – 2023
IP geolocation API services can do far more than serve website visitors in their local language and currency using IP lookup. They can also play a critical role in cybersecurity. Geolocation data can source the IP address of DDoS (Distributed…
New Research Reveals APT Groups Targeting Security Researchers
As per the research conducted by SentinelOne, a new risk has been identified, which affects the information security researchers as well as the infosec community. Threat actors targeting the infosec community was not something new, as there were several instances…
Hackers Actively Exploit Unpatched Office Zero-Day Flaw in the Wild
Storm-0978, a threat actor, actively targeted European and North American defense and government entities in a phishing campaign. Exploiting CVE-2023-36884, the campaign used Word documents with Ukrainian World Congress lures to abuse a remote code execution vulnerability. Recently, the cybersecurity…
Citrix Secure Access Client Flaw Let Attackers Execute Remote Code
Citrix has released security advisories for critical and high-severity vulnerabilities, which could allow threat actors to escalate their privileges if they have access to an endpoint with Standard user account permission. CVE-2023-24491: Citrix Desktop for Windows There is a security…
Former Security Engineer Arrested for Stealing $9 Million from Crypto Exchange
Shakeeb Ahmed, a former security engineer, has been arrested for defrauding a decentralized crypto exchange and stealing over $9 million. A digital currency exchange, also known as a cryptocurrency exchange (DCE), is a company that enables individuals to trade cryptocurrencies…
Microsoft Renamed Azure Active Directory to Entra ID
Microsoft has recently made an announcement that their Microsoft Entra service has been extended to include the Security Service Edge. Moreover, the Azure AD has been rebranded as Microsoft Entra ID. According to Microsoft, there has been a significant increase…
Windows Policy Loophole Let Hackers to Install Malicious Kernel Mode Drivers
Microsoft blocked code signing certs, favored by Chinese hackers and devs, for loading malicious kernel mode drivers via Windows policy exploit. Windows kernel-mode drivers, at Ring 0, grant utmost privilege, enabling the following abilities:- A kernel-mode driver can disrupt the…
OpenAI Has Made The GPT-4 API Available To Everyone
GPT-4, OpenAI’s newest text-generation model, is now generally available through its API. As part of its upgrade, the company also made GPT 3.5, DALL-E, and Whisper available. “Whisper” refers to OpenAI’s speech-to-text model, while “DALL-E 2” is the company’s image-generating…
Hackers use Rekoobe Backdoor to Attack Linux Systems
Rekoobe is a notorious backdoor that primarily targets Linux environments, and it’s actively exploited by the threat actors, mainly a Chinese threat group, APT31. This notorious backdoor was discovered in 2015 for the first time, while an updated version of…
Legion Tool Steals PUBG Players’ Browser Passwords through a Fake GitHub Repo
“The Legion” is a Python-based software that has been crafted with the explicit intention of gathering credentials. Its propagation initially occurred via Telegram channels, where it was advertised as a tool that could be used for hacking. The tool is…
What is Vulnerability Assessment In Cybersecurity? – A Comprehensive Guide
One of the best methods for finding potential security gaps in your company’s cybersecurity design is a vulnerability assessment. You risk losing sensitive information to fraudsters who have been targeting charitable organizations more frequently since the epidemic hit if you…
Update Now! Apple Issues an Emergency Patch to Address a Zero-Day Flaw in iOS and macOS
New Rapid Security Response (RSR) patches from Apple have been released to address a new zero-day defect that has been used in attacks and affects fully patched iPhones, Macs, and iPads. Rapid Security Responses are a new form of iOS,…
New Crypto Phishing Attack Steals Funds from Cold Wallets
Cryptocurrency’s rising fame and diverse storage methods expand the arsenal of tools used by threat actors chasing digital assets and funds. The threat actors adapt their techniques and mimic legit sites based on target protection and potential theft size. There…
EdgeRouter and AirCube miniupnpd Vulnerabilities Enable Attackers to Execute Arbitrary Code
AirCube is a wireless access point device used in homes and Edge Routers are special routers manufactured by Ubiquiti that act at the network boundary and allow an internal network to connect to an external network. MiniUPnPd (Mini Universal Plug…
Letscall – New Sophisticated Voice over IP Phishing Attack Steal Banking Details
Vishing’s popularity has surged significantly in recent years, and this phenomenon is gradually destroying the trust factor in calls from unknown numbers due to the rise in Voice over IP Phishing. Commonly, calls from bank employees or…
RomCom Threat Actor Uses Weaponized Microsoft Word File to Deliver Malware
RomCom is a RAT that enables remote access/control over devices to exfiltrate sensitive information for financial gain, now being used in geopolitically motivated attacks against Ukraine’s military institutions. According to the Blackberry threat intelligence team, the threat actor targets…
SOC Fourth Defense Phase – Cyber Threat Intelligence Guide
Cyber Threat intelligence is one of the most critical concerns in the evolving threat environment of rapid day-zero attacks, cyber-criminality and espionage activities; the traditional approaches will be increasingly important to maintain but will simply not be sufficient to address…
Understanding The Difference Between DDR and EDR
Cybersecurity is infamous for its acronyms. From APT to ZTNA, it is easy to get bogged down in the quagmire of jargon that, whether we like it or not, comes with the territory. This problem worsens when we come across…
1.5 Million-Download File Management App Transfers Data to China
Cybersecurity researchers recently found 2 malicious applications on the Google Play store, installed by 1.5M users, collecting excessive data beyond what is required for promised features. The two malicious apps, both by the same publisher, are designed to exfiltrate data…
Hackers Exploit Netwrix Auditor RCE Flaw in Truebot Malware Attack
A newly found Truebot malware targets both US and Canada-based organizations to exfiltrate sensitive information by exploiting vulnerabilities in the Netwrix Auditor application (CVE-2022-31199). Truebot malware is a botnet that is delivered through phishing campaigns to attack victims, now exploiting the…
10 Email Security Best Practices in 2023
In the age of total interconnectedness, digital dangers are all around. Email accounts have long become prime targets for cybercriminals aiming to take advantage of security flaws. Therefore, implementing strong email security measures has never been more crucial. In this…
StackRot – New Linux kernel Privilege Escalation Vulnerability
A security flaw called “StackRot” (CVE-2023-3269) has been identified in the Linux kernel. This vulnerability grants attackers access to the kernel and the ability to elevate their privileges. It has been discovered that “StackRot,” a vulnerability in stack expansion,…
BlackByte 2.0 Ransomware Employs Wide Range of Tools in 5 Days
The rapid rise and sophistication of ransomware enable threat actors to launch attacks more frequently and disrupt businesses and organizations that are lacking adequate preparation. The researchers at Microsoft Incident Response recently investigated an intrusion in which it’s been the…
TeamTNT Launches Widespread Attacks Against Cloud Infrastructures
The latest research discovered a campaign against cloud environments which is still under development. This evolving campaign is consistent with an aggressive cloud worm designed to deploy on exposed JupyterLab and Docker APIs to deploy Tsunami malware, cloud credentials hijack,…
Critical RCE Bugs Expose Hundreds of Solar Power Stations
Recently, cybersecurity researchers at VulnCheck revealed that hundreds of internet-exposed SolarView systems on Shodan have been patched against a critical command injection vulnerability. Experts indicated that both the Mirai botnet hackers and inexperienced individuals have already begun exploiting it, with…
Cisco Switch Flaw Let Attack Reads Encrypted Traffic
The Cisco ACI Multi-Site CloudSec encryption feature of the Cisco Nexus 9000 Series switches contains a critical flaw that enables attackers to easily read encrypted traffic. The vulnerability resides in implementing the ciphers used by the CloudSec encryption feature on…
Exploit Released For Barracuda Shell Command Injection Vulnerability
The Barracuda Email Security Gateway (ESG) appliance has a remote command injection vulnerability that affects versions 5.1.3.001–9.2.0.006. This vulnerability was identified to be CVE-2023-2868, with a CVSS score of 9.8. It has been actively exploited since October 2022. The flaw stems…
TeamsPhisher Tool Exploits Microsoft Teams Flaw to Send Malware to Users
A member of the US Navy’s red team recently released “TeamsPhisher,” a tool that exploits an unfixed Microsoft Teams security flaw to bypass the incoming file restrictions from external tenants. This new tool allows attackers to deliver…
Firefox, ESR, and Thunderbird Memory Safety Bugs Could Allow Unauthorized Code Execution
Firefox has released patches for some of its high and moderate vulnerabilities in Firefox, ESR (Extended Support Release), and Thunderbird products. These vulnerabilities were privately disclosed, and appropriate CVEs and security advisories have been released. The severity of the released…
ChatGPT Disables the Browsing Feature as it Bypasses Paywalls on Websites
OpenAI recently disabled ChatGPT’s Bing browsing after users discovered its potential to bypass paywalls, which are commonly employed by news outlets to promote paid subscriptions. OpenAI made this announcement via a tweet. The Bing browsing feature is exclusive to ChatGPT Plus…
China to Restrict Export of Chipmaking Materials
China has declared that it is going to control the exports of several metals used in the semiconductor sector, including goods made of gallium and germanium. The announcement follows Washington’s attempts to restrict Chinese access to select advanced microprocessors. China’s…
Hackers use Malicious QR Codes to Retrieve Employee Credentials
Sophisticated technology has been overwritten by simple technologies like QR replacing Barcodes. QR (Quick Response) has been playing a major role in the current generation, which provides the response within a…
ChatGPT and Cybersecurity: Top 5 Cyber Security Risks of ChatGPT
ChatGPT has been met with skepticism and optimism in equal measures in the cybersecurity realm. IT professionals leverage this chatbot to write firewall rules, detect threats, develop custom codes, test software and vulnerability, and more. This has another implication, too…
Burp Suite New GraphQL API to Detect Hidden Endpoints
The Burp Scanner’s new GraphQL capabilities allow it to recognize known endpoints, locate hidden endpoints, determine whether introspection or recommendations are enabled, and report when an endpoint fails to validate the content type. Portswigger, the firm behind the renowned web…
How to Boost Cybersecurity in Your E-commerce Business
Being a business owner has unquestionably many perks. However, there are plenty of hazards as well. Criminals often target businesses of all sizes and types worldwide, posing a constant problem. Because of the important and sensitive data they manage, e-commerce…
Mediatek Security Flaws Affecting Smartphones, Tablets, Wi-Fi, and Other Chipsets
The July 2023 Product Security Bulletin from Taiwanese chipmaker MediaTek describes security flaws impacting MediaTek chipsets for smartphones, tablets, AIoT, smart displays, OTT, and Wi-Fi. This security advisory provides details on 24 vulnerabilities, of which CVE-2023-20754 and CVE-2023-20755…
Over 300,000+ Fortinet Firewalls are Vulnerable to a Critical RCE Flaw
The latest research shows Fortigate firewalls are vulnerable to remote code execution attempts. 490,000 affected SSL VPN interfaces are exposed on the internet, and roughly 69% are currently unpatched. Bishop Fox internally developed an exploit for CVE-2023-27997, a heap overflow…
CISA Warns of 8 Frequently Exploited Flaws in Samsung and D-Link Devices
The Cybersecurity & Infrastructure Security Agency (CISA) is well-known for providing preventive measures to all organizations based on their recent research and exploitation from threat actors. CISA has recently added and published a list of 8 new vulnerabilities which are…
17 Million Instagram Accounts, 178 GB of TikTok and Yahoo Databases were Leaked
A major data leak affects well-known social media sites, including TikTok, Instagram, and Yahoo. The alleged data leak included a 178GB TikTok database, over 17 million records on Instagram accounts, and a database leak for Yahoo! accounts. SOCRadar…
Hackers Use HTML Smuggling Technique to Attack European Government Entities
Over recent months, CPR (Check Point Research) monitored a Chinese threat actor attacking European Foreign Affairs ministries and embassies. Check Point Research identified a broader trend of Chinese activity, specifically targeting European entities and their foreign policy. While security analysts…
Hackers use Cloned pages of Popular Tools to Deliver Blackcat Ransomware
The cybersecurity researchers at Trend Micro recently identified that the Blackcat Ransomware (aka ALPHV) actors are using malvertising tricks to spread fake WinSCP installers via Targeted Attack Detection (TAD) service. In these advertising campaigns, the threat actors lured their victims…
ChatGPT Creator Sued for $3 Billion Over Theft of Private Data
In a class action complaint filed on Wednesday, it is claimed that OpenAI and Microsoft stole “vast amounts of private information” from internet users without their permission to train ChatGPT. The case seeks $3 billion in damages. There is currently…
Siemens Automation Device Flaw Lets Attacker Execute Remote Code
It has been discovered that the Siemens A8000 CP-8050 and CP-8031 PLCs contain a vulnerability that can be exploited for Remote Code Execution (RCE) without the need for authentication. The Siemens SICAM A8000 is a versatile device that can be…
Thousands of Individuals Were Rescued from Cybercrime Groups
Around 2700 people were rescued in Manila who were involved in Human Trafficking for fraudulent online gaming sites and other cybercrime groups. The latest news regarding nighttime rides shows Las Pinas City in metropolitan Manila has become the Hubspot for…
Snappy – A New Tool to Detect Fake WiFi Access Points
A new tool named “Snappy” developed by cybersecurity experts, can assist in identifying rogue WiFi access points that aim to steal data from users who are unaware. Tom Neaves, a security researcher with Trustwave and an enthusiast of wireless and…
Submarine Cable Growing Popularity Intensifying Cyber Attacks
Submarine cables installed on the ocean floor facilitate the transmission of data and voice between land-based stations. International communication has relied on submarine cables since the first one was laid across the English Channel in 1850. This cable was used…
Chinese Spy Balloon Used American Tech to Collect Photos & other Information
Recently, the Wall Street Journal reported that in the early months of this year, a Chinese spy balloon utilized American technology to effectively collect audio-visual information while crossing the United States. Multiple US defense and intel agencies’ analysis revealed balloon…
Heavy-Hitting 8Base Ransomware Attacking Industries in Various Sectors
The sudden surge in the activity of 8Base ransomware in June 2023 shows that it is a well-established organization executing attacks, which alarms security professionals and industries. The group utilizes encryption paired with “name-and-shame” techniques to compel their victims to…
GuLoader Malware is Attacking Law Firms Using Weaponized PDF File
The cybersecurity researchers at Morphisec Labs have been tracking the GuLoader campaign since April of this year and found that it has been actively targeting the law firms that are based in the US along with several other sectors like:-…
Decrypter Released for the Notorious Akira Ransomware
Akira ransomware appeared in 2017 when it encrypted video folders without leaving any ransom notes. The file encrypted by Akira ransomware has an extension of .akira. Researchers have been working on decrypting the files affected by the ransomware and finally…
Hackers Compromised the Russian Defense Satellite Communications Provider
According to a report from the Telegram channel, Dozor, a Russian telecommunications company that offers services to power grids, oil fields, the Russian military, and the Federal Security Service (FSB), has been hacked. The post that the unknown threat actors…
10 Expert Best Practices to Enhance Office 365 Protection From APT Attacks
Cloud service providers fundamentally changed the way we do business in 2023. Office 365 is one of the most popular cloud-based services catering to online businesses. The suite’s advanced collaboration and productivity features make it a go-to service for businesses…
MITRE Releases Top 25 Most Dangerous Software Weaknesses
The top 25 most dangerous software weaknesses impacting software for the previous two calendar years have been published by MITRE as part of the 2023 Common Weaknesses Enumeration (CWE). Attackers can utilize these flaws to seize control of a vulnerable…
Brave New Privacy Feature to Limit Website Access to Local Resources
Brave version 1.54 for desktop and Android will include more powerful features for controlling which sites can access local network resources and for how long. Malicious requests from websites to access local host resources act as a fingerprinting technique…
Charming Kitten APT Group Uses Innovative Spear-phishing Methods
Volexity researchers recently noticed that threat actors are actively intensifying their efforts to compromise the credentials or systems of their targets by employing spear-phishing methods. While spear-phishing techniques involve sending personalized messages…
ThirdEye – A new Infostealer Malware Steal BIOS & Hardware Data
Cybersecurity researchers at FortiGuard Labs recently found a previously unseen infostealer dubbed “ThirdEye” that is mainly crafted to steal various information from compromised systems. While the stolen data and information that are gathered by this infostealer are used…
Honeywell Server Compromised by MOVEit Hackers
A flaw was discovered in Progress MOVEit Transfer, a popular third-party online transfer application. By exploiting the flaw, attackers compromised multiple organizations, including U.S. Government agencies. Honeywell is the recent victim of MOVEit Hackers as they gained Unauthorized access to…
Akira Ransomware Expanded its Toolkit to Attack Linux Machines
A newly emerged ransomware known as Akira is expanding its operations to target Linux-based platforms, adding the “.akira” file extension to each compromised file. Akira ransomware has mostly been operating since April 2023 and is actively targeting numerous organizations, compromising their sensitive data.…
Andariel APT Hackers Drop a New Malware On Windows Via Weaponized MS Word Doc
The latest research discovered Andariel, a part of the Lazarus group, introduced several new malware families, such as YamaBot and MagicRat, updated versions of NukeSped and DTrack. Andariel group executed the Maui ransomware attack using the DTrack backdoor by exploiting…
Flipper Hacking Device Gained Popularity Among Users
The Flipper Zero hacking device plans on selling $80 million worth of gadgets this year, up from preorders on Kickstarter that totaled over $5 million. It also claims to have sold $25 million of the devices last year. The business, established…
Most Enterprise SIEMs Fail Against MITRE ATT&CK Tactics
SIEM (Security Incident and Event Management) tools are being used in most organizations for monitoring, analyzing, and preventing threat actors. Organizations are trying to build more and more in terms of security to protect against ransomware attacks, data breaches, and…
IBM QRadar SIEM Vulnerability Enables XSS Attack and Information Disclosure
IBM QRadar is a popular SIEM (Security Incident and Event Management) tool organizations use to detect and monitor threats. The IBM QRadar SIEM can be used in the form of a physical appliance, a software-only solution, or a virtual appliance.…
Cisco AsyncOS Software Flaw Let Remote Hackers Launch XSS Attack
Cisco AsyncOS Software, used by Cisco Secure Email and Web Manager, Cisco Secure Email Gateway (previously Cisco Email Security Appliance; ESA), and Cisco Secure Web Appliance (WSA), has multiple flaws in its web-based management interface. The vulnerabilities could allow a…
Zyxel Command Injection Vulnerability Let Attackers Execute OS Commands
Zyxel has been one of the world’s leading networking products manufacturing companies and one of the top companies in the telecommunications industry. The company has customers worldwide, including the United States, the United Kingdom, France, and India. Zyxel NAS (Network-Attached…
Anatsa Malware Spotted on Google Play Attack Banking Customers
A fresh ongoing campaign spreads the Android banking Trojan known as Anatsa. New institutions in the United States, the United Kingdom, and German-speaking countries were hit by this wave of Anatsa malware. Threat actors intend to steal credentials by authorizing customers…
Chrome Security Update – 4 High-Severity Vulnerabilities Patched
For Mac, Linux, and Windows, the Stable and Extended Stable channels have been upgraded to 114.0.5735.198/114.0.5735.198/199, respectively. This update will be rolling out over the next few days/weeks. With three issues that…
Pilot Logins of American and Southwest Airlines Stolen in Data Breach
American Airlines and Southwest Airlines, two significant US-based aviation companies, have announced data breaches that have impacted their Pilot Credentials. Pilot Credentials, a third party, manages various airlines’ pilot application and recruiting websites, including Southwest Airlines. The Pilot Credentials issue,…
Beware! Mallox Ransomware Attacks IT Industries With a New Attack Pattern
A new variant of Mallox ransomware, also known as “Target company” ransomware, adopts a unique method of appending the name of the targeted company as a file extension to encrypt the files and launch the ransomware attack. The Mallox threat…
Infamous Twitter Hacker Sentenced to 5 Years in Prison
Joseph James O’Connor, 24, a UK citizen, was responsible for one of the biggest social media hacks in 2020, where Twitter accounts of several celebrities and verified accounts were hacked for posting about a “double your cryptocurrency” scam. O’Connor was…
CISOs are More Concerned with Lawsuits, and API Security (Survey Report)
Digital initiatives play a crucial role in business today; they bring new business opportunities, foster creative partnerships, and deliver new customer conveniences across multiple industries. But all these innovations pose the biggest challenges for CISOs/CSOs, and they don’t want companies…
Web Application Security: A 2023 Guide
Web application security refers to the measures taken to safeguard web applications from potential attacks. It involves strategies and processes to secure web applications from external threats that could compromise their functionality, safety, and data integrity. An effective web application…
Founder of the World’s Largest Hacker Forums Arrested
The founder of BreachForums made his first court appearance in the Eastern District of Virginia over a criminal complaint arising from his alleged creation and oversight of a prominent hacking forum and illicit marketplace for cybercriminals. More than 340,000 individuals claimed to…
New JavaScript-based Dropper Delivers Bumblebee and IcedID Malware
The latest research unveiled the JavaScript-based droppers, which deliver Bumblebee and IcedID malware instead of PowerShell-based droppers. These two malware types are significantly related to ransomware attacks. Bumblebee is a modular loader, distributed primarily through phishing, used to deliver payloads…
Amazon Sued For Tricking Users to Get Prime Subscriptions
In the most extreme action taken against the firm by the agency’s chair, Lina Khan, the Federal Trade Commission filed a lawsuit against Amazon on Wednesday, accusing it of illegally pressuring customers to subscribe to its Prime membership and making…
NSA Releases Guide to Combat BlackLotus Malware
Malicious cyber actors might exploit a known flaw in Microsoft Windows’ secure startup process to bypass Secure Boot protection and run the BlackLotus malware. BlackLotus uses a known flaw dubbed “Baton Drop,” tracked as CVE-2022-21894, to bypass security precautions made by the…
Millions of GitHub Repositories Are Vulnerable To RepoJacking
An attack called RepoJacking may potentially affect millions of GitHub repositories. If abused, this vulnerability might result in code execution on the internal networks of organizations or on the networks of their customers. This includes the repositories of companies like…
Microsoft Teams Vulnerability Let Attackers Deliver Malware From External Accounts
The latest version of Microsoft Teams had a security flaw uncovered recently by Max Corbridge (@CorbridgeMax) and Tom Ellson (@tde_sec), JUMPSEC’s Red Team members. Due to this flaw, there is a possibility for malware to be injected into organizations that…
What is XSS (Cross-Site Scripting)? – A Detailed Understanding Of the Type of XSS
XSS is a very commonly exploited vulnerability type that is widespread and easily detectable, and it is also one of the important vulnerabilities in the OWASP Top 10. What is XSS (Cross-Site Scripting)? An attacker can inject untrusted snippets…
Microsoft Warns of Stealthy Password Attacks Using Proxy Services
The threat actor “Midnight Blizzard” is engaging in increasing credential attack activity. They conceal the origin of their assaults by employing residential proxy services. These attacks target governments, IT service providers, NGOs, the defense sector, and vital manufacturing. Numerous password…
California Public Employees’ Retirement System Compromised by MOVEit Hackers
CalPERS (California Public Employees’ Retirement Systems) is an organization working to provide pension benefits for retirees and health security services for public servants and their survivors. CalPERS has been working alongside PBI (Public Research Services/Berwyn Group) to identify member deaths…
Can ChatGPT Detect Phishing Sites? – Researchers Answered
The subject of whether ChatGPT can be used to create phishing sites and if it can also be used to detect them accurately has been discussed by security researchers. This experiment has been conducted to see how much cybersecurity information…