Based on the recent report from char49, it appears that there was a critical flaw in Ferrari’s subdomain, which led to an arbitrary file read vulnerability. The vulnerability existed in the media.ferrari.com subdomain using a vulnerable WordPress plugin (W3 Total…
Category: GBHackers – Latest Cyber Security News | Hacker News
DangerousPassword – Hackers Use New Attack Pattern to Infect Devices With Malware
Recently, it has been observed by JPCERT/CC that threat actors are actively targeting the cryptocurrency exchanges linked to the DangerousPassword attack campaign (aka CryptoMimic or SnatchCrypto), involving the distribution of malware through email shortcuts since June 2019. Apart from malware…
Millions of Android Phones Comes Pre-Infected with Malware Firmware
Researchers from Trend Micro at Black Hat Asia claim that criminals have pre-infected millions of Android devices with malicious firmware before the devices ever leave their manufacturing. The manufacturing of the gadgets is outsourced to an original equipment manufacturer (OEM).…
WordPress Plugin Flaw Let Attackers Hijack 1m Websites
The widely-used Elementor plugin, “Essential Addons for Elementor,” has been discovered to have a security flaw that enables unauthorized users to gain administrative control, potentially impacting millions of WordPress websites. PatchStack recently uncovered a critical unauthenticated privilege escalation vulnerability, tracked…
PoC Disclosed for Five Vulnerabilities to Exploit Netgear Routers
As the threats against the Internet of Things are on the rise, several types of research are going on to secure these devices. As part of this, the Zero Day Initiative (ZDI) conducted a “Pwn2Own” competition in March. Multiple vulnerabilities…
Leaving USB Devices & Critical Enterprise Data Unmonitored can Leave Your Sysadmins Perplexed
A USB device is a popular choice for storing data and information and, alas, a popular data theft target for hackers. In this article, we’ll cover the challenges for sysadmins and how these are addressed utilizing an often overlooked security…
Github Announced Push Protection Feature Free for all Public Repositories
GitHub is one of the largest code repository platforms developers use worldwide. Developers belonging to an organization, individual developers, and enterprise developers use this platform to commit and push the codes inside their repository. Microsoft took over the code repository…
Google’s New Dark Web Monitoring Feature for Gmail Users
Google declared that all Gmail users within the United States would shortly be able to utilize the dark web report security feature to determine whether their e-mail address has been found on the dark web. Google already offers a dark…
New Akira Ransomware Attacking Organizations and Exposes Sensitive Data
A new ransomware variant called “Akira” has emerged, targeting multiple organizations and employing a double-extortion technique by exfiltrating and encrypting sensitive data, with the threat of selling or leaking it on the dark web unless the ransom is paid for…
New Linux NetFilter Kernel Flaw Let Attackers Gain Root Privileges
A recently found Linux NetFilter kernel vulnerability, identified as CVE-2023-32233, enables unprivileged local users to gain root-level privileges and full control over the affected system. However, the severity of the flaw has not yet been assessed. The security issue with…
Microsoft Patch Tuesday, May 2023 – Fixes for 2 zero-days and 40 vulnerabilities
Microsoft released updates for two zero-day problems and 40 other newly discovered vulnerabilities in its products on Tuesday. CVE-2023-29336, one of the zero days, is a Windows “elevation of privilege” bug with a low attack complexity, minimal privilege requirements, and…
WhatsApp Can’t be Trusted, Warns Elon Musk
After a Twitter engineer posted photos of an Android dashboard showing his WhatsApp microphone being used while he slept, Elon Musk declared that WhatsApp could not be trusted. A developer for Twitter named Foad Dabiri said that while he was sleeping,…
Over 600 GB of Fullerton India’s Data Published on the Dark Web
A significant Indian lending organization ‘Fullerton India’ was breached at the beginning of April 2023. The LockBit ransomware Darknet blog, where hackers listed the business and have since released all the hacked information, confirms it. According to reports, on May…
FBI Seized 13 Websites that Offered DDoS-for-hire Services
The FBI has been coordinating Operation PowerOFF since 2018, aiming to disrupt the DDoS-for-hire service infrastructures worldwide. As part of this operation, on May 8th, 2023, the FBI seized around 13 internet domains that offered DDoS-for-hire services. The FBI has…
Nextgen Healthcare Hacked – Over 1 Million Customers’ Data Exposed
NextGen Healthcare, which has its headquarters in Atlanta, Georgia, is a company that develops and markets software for the management of electronic health data and offers practice management services to medical practitioners. The Office of the Maine Attorney General has…
Hacking Groups Rapidly Weaponizing N-Day Vulnerabilities to Attack Enterprise Targets
Iranian hacker group ‘Mint Sandstorm’ is retaliating against recent attacks on its infrastructure by targeting critical US infrastructure, as recently discovered by cybersecurity researchers at Microsoft’s Threat Intelligence team. Linked to the IRGC (Islamic Revolutionary Guard Corps) and believed to…
Twitter Flaw Exposes Private Circle Tweets to Public
According to reports, there has been a security incident with Twitter’s Private Circle tweets feature as they have been exposed publicly. Twitter’s Private Circle was a feature introduced by Twitter in 2022, in which users can send their tweets to…
Cisco Phone Adapters Flaw Let Attackers Execute Arbitrary Code
Cisco SPA112 2-Port Phone Adapters have been reported to be vulnerable to arbitrary code execution via a malicious firmware upgrade. Cisco has classified this vulnerability as Critical, with a CVSS score of 9.8. CVE-2023-20126 – Port Phone Adapters RCE Flaw…
New Weaponized Android Apps With 1M Installs Steals 2FA Codes & Passwords
Check Point Research has recently published a study revealing the discovery of a previously unknown malware variant dubbed FluHorse. The malware comprises multiple malicious Android apps that impersonate legitimate ones, and unfortunately, most of these fake apps have already been…
Hackers use WinRAR as a Cyberweapon to Conduct Destructive Cyberattacks
CERT-UA (Ukrainian Government Computer Emergency Response Team) recently reported that the Ukrainian state networks suffered a cyber attack attributed to the notorious ‘Sandworm’ hacking group from Russia. The attackers reportedly employed WinRar to destroy critical data on various government devices.…
Best SIEM Tools List For SOC Team – 2023
What is SIEM? A security information and event management (SIEM) system is the foundation of security processes in the modern security operations center (SOC). A SIEM saves security analysts the effort of monitoring many different systems. SIEM systems integrate with…
PentestGPT – A ChatGPT Powered Automated Penetration Testing Tool
GBHackers came across a new ChatGPT-powered penetration testing tool called “PentestGPT” that helps penetration testers automate their pentesting operations. PentestGPT has been released on GitHub under the operator “GreyDGL,” a Ph.D. student at Nanyang Technological University, Singapore. It is…
Google Announced Game-changing Passwordless Authentication “Passkeys”
In accordance with World Password Day, Google has launched its new feature called “passkeys” which will provide a passwordless authentication for users. As mentioned, Google has been working with the FIDO Alliance, Apple, and Microsoft to support passkeys on their…
Authorities Dismantled the Card-Checking Platform Try2Check
As per reports, the U.S government authorities have dismantled yet another large network of cybercriminals. Denis Gennadievich Kulkov, the prime owner of the illegal network, was charged with access fraud, computer intrusion, and money laundering through his “Try2Check” platform. Try2Check…
FBI Seizes 9 Virtual Currency Exchange Services to Block Ransom Payments
The FBI has reportedly shut down 9 Virtual Currency Exchange services belonging to organizations to prevent cyber criminals from laundering their money. These exchange services were used by threat actors who received ransom payments through criminal activities. These organizations were…
Malware Campaigns Abusing Telegram Bots to Spread Rapidly
Numerous updates and alterations were witnessed in the major malware families employed in phishing scams during the first quarter of 2023, alongside significant variations in TTPs. The Cofense Intelligence team has recently published Active Threat Reports, which provide insights into…
New BGP Protocol Flaws Let Attackers Trigger DoS Attacks
Forescout Vedere Labs recently highlighted the neglected BGP security aspect – software implementation vulnerabilities. FRRouting’s BGP message parsing vulnerabilities discovered by Forescout Vedere Labs could enable attackers to trigger a DoS state on susceptible BGP peers. Major networking vendors depend…
T-Mobile Hacked – Attackers Accessed Over 37M Sensitive Data
T-Mobile recently confirmed another hack, the second this year and ninth since 2018, revealing customer data and account PINs. While T-Mobile confirmed a recent system detection that revealed a threat actor had accessed a small number of accounts, which compromised…
Android Device Migration Tools Bug Let Hackers Steal App Data & Login to Your Accounts
Smartphones are frequently replaced by users when newer versions of smartphones with much more features are released. The exchange of smartphones has a significant complication in transferring data to the new device. To overcome this problem, Cloning applications were introduced…
AresLoader Malware Attacking Citrix Users Through Malicious GitLab Repo
Cyble Research and Intelligence Labs (CRIL) has recently detected AresLoader, a novel loader that is found to be disseminating numerous malware families. Malware loaders are designed to deploy and execute diverse malware strains on the targeted computer system of the…
Google Blocked Over 1.4 Million Malicious Apps From Google Play Store
Since Google bought Android in 2005, its sole responsibility has been to provide the best user experience and ensure security for its users. Google Play Protect was installed on every Android device to ensure every application was secure. Google stated that…
ChatGPT Service Back in Italy, After the Ban
Earlier this month, Italian SA raised a temporary ban for ChatGPT as there was a data breach in March 2023. Along with this, the application had data privacy issues and lack of age affirmation which made authorities conclude this decision.…
Hackers are Selling a new Atomic macOS (AMOS) Stealer on Telegram
Atomic macOS Stealer (AMOS) is a recent information-stealing malware capable of attacking macOS to steal confidential information. This malware was discovered by Cyble Research and Intelligence Labs (CRIL) on a telegram channel where the threat actor was advertising the malware.…
Google Adds New Cyber Security Tools & Features to ChromeOS
As per reports, cybercrime will reach $10.5 trillion by 2025, including all kinds of cybercrime activities like RaaS, Phishing, malware, and much more. It will be mandatory for organizations to protect themselves from these threats. According to Google, “ChromeOS, this…
TCP vs UDP – Understanding the Difference
If you have ever had to configure a firewall, set up a router, or choose the best VPN for your computer, chances are you heard of the TCP and UDP protocols. However, if you’re reading this article, you’re probably confused…
SOC Analyst Training – Cyber Attack Intrusion Analysis With SIEM Tools – 2023
SOC Training is one of the most critical concerns in building a Quality Security Operation Center Team to fight against advanced threats that target the organization’s network. Sophisticated detection and prevention technologies are mandatory implementations by security experts since cyber…
Cosmos Bank Cyber Attack – 11 Accused in Cyber Fraud Case
The Cosmos cooperative bank in Pune, among the city’s oldest urban cooperative banks, has fallen prey to cyber fraudsters. Hackers gained access to the bank’s system and stole Rs 94 crore. A court in Maharashtra’s Pune had found 11 persons…
Git Project Security Vulnerabilities Let Attackers Execute Arbitrary Code
A fresh set of Git releases was made available to fix several security flaws. It gives attackers the ability to execute arbitrary code upon successful exploitation. Upgrades are advised for all users. View of the Most Recent Batch of Releases On GitHub…
Critical VMware Vulnerabilities Let Attackers Execute Arbitrary Code
VMware Workstation, Workstation Pro, and Fusion have been subjected to several privately reported and fixed flaws. VMware has published a security advisory on the critical bugs discovered and their workarounds. CVE(s): The severity of these CVEs varies from 7.1 to…
TP-Link WAN-Side Vulnerability Exploited to Install Mirai Malware
Mirai botnet exploits CVE-2023-1389 to add TP-Link Archer A21 (AX1800) routers to DDoS attacks. During the Pwn2Own Toronto event in December 2022, two hacking teams exploited the vulnerability in different ways via:- In January 2023, the flaw was unveiled to…
Cisco Zero-Day Flaw: Let Remote Attackers Launch XSS Attacks
A zero-day flaw in Cisco’s Prime Collaboration Deployment (PCD) software that can be used to launch cross-site scripting attacks has been identified. “A vulnerability in the web-based management interface of Cisco Prime Collaboration Deployment could allow an unauthenticated, remote attacker…
New Phishing Attacks Using ChatGPT to Develop Sophisticated Campaigns
Phishing has been one of the greatest threats to organizations, growing year after year. Phishing attacks have contributed to 90% of data breaches in the past few years, which makes cybercriminals adapt to them, making their attacks much more successful.…
Cisco Launches Advanced Threat Detection XDR Platform
In the recent hybrid, multi-vendor, multi-threat world, Cisco Extended Detection and Response (XDR) streamlines security operations with unrivaled visibility across the network and endpoint. To accomplish its goal of the Cisco Security Cloud, a unified, AI-driven, cross-domain security platform, Cisco…
Google Authenticator Major Update Brings Cloud Backup Feature
Google Authenticator was launched in 2010, which provides additional security for various applications by providing authentication codes for every sign-in. This prevents attackers from account takeover on any application linked with Google Authenticator. Google has launched various authentication mechanisms like…
PoC Exploit Code Released for Critical Papercut Flaw
Threat actors are actively taking advantage of critical vulnerabilities present in the PaperCut MF/NG print management software. This exploitation aims to plant Atera remote management software onto the targeted servers to gain control over them. From more than 70,000 companies…
Microsoft Changed the Method of Naming the Hacker Groups
Microsoft has initiated the naming taxonomy for threat actor groups. Over the years, threat actors have evolved massively, leading to confusion about which threat actor was responsible for which threat activity. To solve this, Microsoft has introduced this naming taxonomy…
Enterprise-Attacking Malware Toolkit Analyzing 70 Billion DNS Queries Daily
The ‘Decoy Dog’ malware toolkit, aimed at enterprises, was uncovered recently by the security analysts at Infoblox by analyzing 70 billion DNS records and traffic that differs from typical online behavior. Decoy Dog was discovered in early April 2023, and…
Ghosttoken – A Zero-Day Bug Let Hackers Create Invisible Google Accounts
An Israeli cybersecurity company, Astrix’s Security Research Group, discovered a 0-day vulnerability in Google’s Cloud Platform (GCP) dubbed Ghosttoken on June 19, 2022, which impacts all Google users. The “GhostToken” vulnerability could enable threat actors to make a malicious application…
What is Single Sign-on (SSO) ? – Solution to Ensure Your Company Data Security
Single Sign-on is an authentication process that helps to log in to multiple applications using single login credentials. Security is enhanced through Single Sign-on (SSO) because the various secret password trouble diminishes users. Let’s be honest; users detest complex passwords;…
ChatGPT Can be Tricked To Write Malware When You Act as a Developer Mode
Japanese cybersecurity experts warn that ChatGPT can be deceived by users who input a prompt to mimic developer mode, leading the AI chatbot to generate code for malicious software. Developers’ security measures to deter unethical and criminal exploitation of the…
First-Ever Cyber Attack Via Kubernetes RBAC to Create Backdoor on Clusters
Recently, a new attack campaign has been discovered by the cybersecurity researchers at Aqua Security that exploits Kubernetes RBAC to assemble backdoors and mine cryptocurrency like Monero. Kubernetes API access control system known as RBAC enables administrators to specify which…
Accidental ‘write’ Permissions In Alibaba PostgreSQL Let Attackers Access Sensitive Data
Two new critical flaws have been found in Alibaba Cloud’s popular services, ApsaraDB and AnalyticDB. Both of them were in support of PostgreSQL. Wiz security research team has termed this vulnerability as #BrokenSesame. One of these vulnerabilities performs Supply-Chain attacks…
AuKill – A Malware That Kills EDR Clients To Attack Windows Systems
A new hacking tool, AuKill, disables Endpoint Detection & Response (EDR) software for threat actors to launch BYOD attacks by deploying backdoors and ransomware on targeted systems. Sophos researchers witnessed the usage of AuKill in two incidents where an adversary…
ICICI Bank Data Leak – Millions of Customers’ Sensitive Data Exposed
Researchers have recently found that the ICICI Bank systems misconfiguration caused data leakage, exposing more than 3.6 million customers’ sensitive data. ICICI Bank, a multinational Indian bank, operates in 15+ countries worldwide and boasts a market value exceeding $76 billion…
Russian APT28 Group Exploiting Vulnerabilities in Cisco Routers
A recent report from CISA (US Cybersecurity and Infrastructure Security Agency) revealed that the APT 28 group was responsible for exploiting Cisco routers with poor maintenance using CVE-2017-6742. CVE-2017-6742 Attack: Reconnaissance with RCE in Cisco SNMP (Simple Network Management Protocol)…
Operation DreamJob – New Linux Malware Linked With 3CX Supply-Chain Attack
ESET researchers have recently discovered that Linux users were targeted with malware in the new “Operation DreamJob” Lazarus campaign for the first time. The group behind DreamJob deploys social engineering tactics with the guise of fake job offers as lures to…
Russia-linked APT28 Group Exploiting Vulnerabilities in Cisco Routers
A recent report from CISA (US Cybersecurity and Infrastructure Security Agency) revealed that the APT 28 group was responsible for exploiting Cisco routers with poor maintenance using CVE-2017-6742. CVE-2017-6742 Attack: Reconnaissance with RCE in Cisco SNMP (Simple Network Management Protocol)…
New Google Chrome Zero-Day Bug Actively Exploited in Wide – Emergency Update!
On April 18, 2023, Google released a new update for Chrome Desktop versions with security updates for an actively exploited second Chrome zero-day vulnerability that allows attackers to execute arbitrary code to take complete control of the system remotely. CVE-2023-2136…
3 iOS Zero-Click Exploits Exploited by NSO Group to Deploy Spyware
In 2022, NSO Group, the Israeli firm notorious for its spyware technology, reemerged with a slew of zero-click exploit chains designed for iOS 15 and iOS 16. These sophisticated chains of exploits, targeted at iPhones and iPads, were deployed against…
Ex-Conti and FIN7 Hackers Team Up To Develop Domino Backdoor Malware
The X-Force team at IBM has recently found a new malware family known as “Domino,” made by ITG14, aka FIN7, a notorious group of cyber criminals. ITG23, a Trickbot/Conti gang monitored by X-Force, has been deploying the newly discovered malware,…
ChatGPT Account Takeover Bug Allows Hackers To Gain User’s Online Account
An independent security analyst and bug hunter, Nagli (@naglinagli), recently uncovered a critical security vulnerability in ChatGPT that allows attackers to easily exploit the vulnerability and gain complete control of any ChatGPT user’s account. ChatGPT has become extensively used by…
Used Routers Fully Loaded With Corporate Secrets for Just $100
Researchers at ESET found that hardware on resale in the market consisted of highly confidential information such as IPsec or VPN credentials, hashed root passwords, and much more. Second-Hand sales of computing equipment have been in place ever since the…
Hackers Storing Malware in Google Drive as Encrypted ZIP Files To Evade Detection
Google released the threat horizon report for April 2023, which showed multiple methods used by threat actors for evading security systems. Google’s Cybersecurity Action Team (GCAT) and Mandiant researched a list of techniques and methods used by threat actors over…
Hackers Using Old Nokia 3310 Phone to Start Car Without Key
Recent car thefts have involved technology concealed inside outdated Nokia phones and Bluetooth speakers. This brand-new type of car theft is becoming more prevalent in the US. Criminals use tiny gadgets to interface with the car’s control system, sometimes hidden…
What is Spear Phishing Attack? – Guide for Motives, Techniques & Prevention Methods
Every day tens of thousands of Spear phishing emails are sent to millions of victims around the world. Cyber-attacks have different pathways now; they can strike you from inside or outside, with equal damages across your network. Targeted takedowns could…
DoNot APT Hackers Attack Individuals Using Android Malware via Chatting Apps
CYFIRMA recently detected a cyber-attack on a person living in Kashmir, India, and obtained two malware pieces from the victim’s mobile download folder. The investigation of these samples links the recent cyber-attack to DoNot APT, which has a long-standing record…
Payment Processing Giant NCR Global Hit By Ransomware Attack
NCR, a major player in the US payments industry, admitted it was a target of a ransomware attack for which the BlackCat/Alphv group claimed responsibility. On April 12, NCR revealed that it was looking into an “issue” with its Aloha…
New Android Malware Infecting 60 Google Play Apps with Over 100M Installs
Recently, McAfee’s Mobile Research Team discovered that ‘Goldoson,’ a new type of Android malware, has crept into the Google Play store through 60 genuine apps, downloaded by a whopping 100 million users. The sneaky malware component found in all 60 apps…
Hackers Selling ChatGPT Premium Accounts On the Dark Web
As more stolen ChatGPT Premium accounts are traded, cybercriminals can circumvent OpenAI’s geofencing restrictions and gain unrestricted access to ChatGPT, according to Check Point Research (CPR). One of the most thriving markets in the hacker underworld and on the dark…
Western Digital Hack – Attackers Demanding “Minimum 8 Figures” as Ransom
WD (Western Digital), the data storage solutions provider, recently made a distressing announcement. In a cybersecurity incident, their network suffered a data breach that allowed threat actors to gain unauthorized access to data across multiple systems. Threat actors behind the recent cyber…
Lynis – Open Source Security Auditing & Pentesting Tool – 2023
Lynis is an open source security auditing tool. Its main goal is to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks. Examples include searching for installed software and determine possible…
New Google Chrome Zero-day Exploited in Wide – Emergency Update!!
To address the first zero-day vulnerability exploited in assaults since the year’s beginning, Google has published an urgent Chrome security upgrade. Users on the Stable Desktop channel are receiving the updated version, which will gradually become available to all users…
New Google Chrome Zero-day Exploited to Crash Browser – Emergency Update!!
To address the first zero-day vulnerability exploited in assaults since the year’s beginning, Google has published an urgent Chrome security upgrade. Users of the Stable Desktop channel are receiving the updated version, and over the next few days or weeks,…
What is Insider Attacks? : How Prepared Are You?
Insider attacks often catch organizations by surprise because they’re tricky to spot. Banking on reactive solutions like antivirus software or a patch management solution to avoid such attacks is not wise. Understanding what contributes to the increasing number of insider…
European Data Protection Board Creates Task Force to Investigate ChatGPT
On Thursday, the European Data Protection Board (EDPB) announced that it had established a task force on ChatGPT, a potentially significant first step towards a uniform policy on setting privacy regulations for artificial intelligence. “The EDPB decided to launch a dedicated task…
Google New Initiative to Reduce the Risk of Zero-Day Vulnerabilities
Charley Snyder, the Head of Security Policy at Google, has posted a new initiative that will eliminate the risk of vulnerabilities and protect security researchers. In his post, he mentioned, “The security industry has improved in many ways, both in…
Cybercriminals Selling Python-based Hacking Tool via Telegram
Recently, Cado Security Labs discovered and unveiled details of a new Python-based credential harvester called “Legion.” Cybersecurity researchers have asserted that this hacking tool, “Legion” has already made its way to Telegram and is being actively marketed on Telegram by…
Hackers Shifting DDoS Attacks to VPS Infrastructure for Increased Power
Cloudflare released a threat report for DDoS of Q1 2023, showing that cyber threat actors use VPS-based attack vectors instead of compromised IoT (Internet of Things) devices. DDoS is an abbreviation for Distributed Denial of Service attack in which threat…
WhatsApp New Features Protect Users From Unknown Account Take-Over Attacks
WhatsApp recently announced a set of new security features that are intended to ensure more robust privacy and safety for its users. The security policy of WhatsApp is based on the principle that the user’s messages will be protected with…
Building a Network Security Strategy: Complete Checklist To Protect Your Network
Whether you’re a large or small business, network security is something you can’t ignore. Threat actors can, and will, infiltrate businesses of any size, wreaking havoc on computer systems, maliciously encrypting data, and in some cases completely destroying a company’s…
Wireshark 4.0.5 Released With New Protocol Support
With improved protocol support, various bug fixes, and several enhancements, Wireshark has released version 4.0.5. On March 3, 2023, the most recent version of Wireshark 4.0.4 was made available; this is the second upgrade of this year. The open-source packet analyzer…
Hyundai Hacked – Attackers Stole Car Owners’ Personal Details
Hyundai reported a data breach that impacted car owners in Italy and France and people who booked their test drives. The company has warned that hackers accessed customers’ data. Hyundai owns roughly 3% of the market shares in Italy and…
Kodi Hacked – Attackers Stole the Forum Database
The Kodi Foundation learned that a dump of the Kodi user forum, MyBB software, was being sold on online forums. Kodi is a multi-platform, open-source media player, manager, and streaming suite. It supports a wide range of third-party add-ons, which give users…
MERCURY – A Destructive Operation From Iranian Hackers Wipe Cloud Environments
MERCURY, an Iranian nation-state group, has recently been detected by Microsoft’s Threat Intelligence team operating under the guise of a ransomware attack in hybrid environments. Since 2017, MERCURY has been conducting espionage campaigns against targets in the Middle East, and…
OpenAI Launched Bug Bounty Program – Rewards up to $20,000
It’s been almost half a year since the revolutionary ChatGPT was released. Amazingly, it reached 100 million users in just two months. ChatGPT has an unimaginable potential to answer things that need a lot of research. Due to its increasingly…
The Bot Invasion: Is Your Digital Ad Campaign at Risk?
The rise of digital ad fraud has been a nightmare for businesses and marketers alike. Sophisticated bots can easily imitate human behavior and generate fake clicks, views, and impressions, costing companies millions of dollars in wasted ad spending. Is your…
iPhones Hacked Via iOS Zero-Click Exploit To Deploy Spyware
Microsoft Threat Intelligence experts say a threat group is associated with “QuaDream,” an Israeli-based private sector offensive actor (PSOA). It employed a zero-click exploit called END OF DAYS to compromise the iPhones of high-risk individuals. Reports say QuaDream sells a…
Hackers Using Fake Google Chrome Error Screens To Inject Malware
Researchers detected a new malware campaign that uses a web page with fake Google Chrome error screens; the campaign has been actively distributing malware since Feb 2023. With the help of social engineering techniques, threat actors trick victims into executing the…
Pay $20K To Infect Android Devices Via Google Play Store – Darkweb Report
In recent times, it has been observed by the security researchers at Kaspersky’s SecureList that the official Google Play store’s security has become increasingly vulnerable to the schemes of the threat actors. These shady actors have exploited various loopholes to…
Sophos Web Appliance Critical Flaw Let Attacker Execute Arbitrary Code
Sophos has released a new security advisory that has fixed 3 of its significant vulnerabilities, allowing threat actors to execute arbitrary code injection on Sophos Web Appliance (SWA). CVE(s): CVE-2023-1671 – Pre-Auth Command Injection in Sophos Web Appliance CVSS Score:…
Apple Patched Two New Zero-days That Were Exploited to Hack iPhones and macOS
Apple has recently taken swift action to patch two zero-day vulnerabilities that posed a potential threat of exploitation in cyberattacks. The vulnerabilities have been successfully fixed in emergency security updates released by Apple to safeguard its devices, such as iPhones,…
CISA Urges to Fix Backup Exec Bug Exploited to Deploy Ransomware
A new ALPHV (aka BlackCat Ransomware) has been found and tracked under the ID UNC4466. This ransomware affiliate uses Veritas Backup Exec Installations, which are vulnerable to CVE-2021-27876, CVE-2021-27877, and CVE-2021-2787878. However, these CVEs are used for the initial access…
Tesla Employees Shared Sensitive Images of Cameras on Customers’ Cars
Reuters reported that between 2019 and 2022, groups of Tesla employees secretly shared, via an internal messaging system, occasionally highly intrusive recordings and photographs captured by consumers’ car cameras. A notable statement from Tesla Inc. is that it guarantees the millions…
Hardware Giant MSI Hacked – Ransomware Group Issues Demand
A cyberattack was recently launched on some of the information systems of the multinational Taiwanese technology company Micro-Star International (MSI) Co., Ltd. According to MSI’s statement, the incident was swiftly reported to law enforcement authorities, and recovery efforts have begun.…
Amazon Banned Flipper Zero Pentesting Tool
According to reports, Amazon has stopped selling Flipper Zero, one of the most widely used pentesting tools. Amazon tagged the product as a “card-skimming device” and prohibited its selling on the e-commerce platform. Flipper Zero was one of the best…
A New Weaponized Browser Extension Bypass Two-factor Authentication
A new malware strain known as Rilide was recently discovered by the cybersecurity analysts at Trustwave SpiderLabs. This new malware is specifically designed to attack web browsers that are built on the Chromium platform, including:- Trustwave SpiderLabs researchers have discovered that Rilide…
Ransomware Gang Leaked 600GB of Data Stolen From Oakland City Servers
The ransomware gang responsible for the February attack on the City of Oakland, California, released a second data dump. The dump consisted of nearly 600 gigabytes of files that contained stolen municipal data, exposing critical information on thousands of employees…
Telegram – New Market Place for Selling Phishing Toolkits & Services
Telegram is becoming an increasingly popular platform for users as well as cyber-criminals. It has become a Mini Dark-web since 2021 when cyber threat actors have been using them. The services these threat actors offer vary from Automation of Phishing,…
Google to Block Android Loan Apps Accessing User Photos, Contacts & Videos
Google plans to restrict apps that offer loans to individuals from accessing confidential user information, including contacts, photos, and videos, to prevent inappropriate behavior from lenders that threaten borrowers. On Wednesday, Google updated its Personal Loans policy for Play Store apps,…