Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

The Matanbuchus malware has been reported to initiate a new campaign, exploiting XLS files to compromise Windows machines. This sophisticated threat, known for its loader-as-a-service model, has been active for several years and poses a risk to users worldwide. Matanbuchus,…

Read more →

In recent months, the cybersecurity landscape has witnessed a significant evolution in ransomware attacks, with perpetrators deploying an increasingly diverse array of data-exfiltration tools. Symantec’s latest findings reveal that attackers have utilized at least a dozen different tools for data…

Read more →

In recent months, the cybersecurity landscape has witnessed a significant evolution in ransomware attacks, with perpetrators deploying an increasingly diverse array of data-exfiltration tools. Symantec’s latest findings reveal that attackers have utilized at least a dozen different tools for data…

Read more →

VMware’s ESXi, Workstation, and Fusion products could allow attackers to execute malicious code on affected systems. Impacted VMware Products These vulnerabilities impact the following VMware products: VMware has acknowledged the presence of several vulnerabilities in its products after they were…

Read more →

Enterprises across the United States and Europe are on high alert as a new ransomware strain, dubbed “DoNex,” has been actively compromising companies and claiming victims. This emergent threat has cybersecurity experts working overtime to understand the attack’s full scope…

Read more →

Threat actors aim at Cloud environments because of their wide acceptance and one-stop storage of important information.  Exploiting shortcomings in cloud security may enable unauthorized access to sensitive data, interruptions in infrastructure, or earning money. The fact that the systems…

Read more →

The Massachusetts Institute of Technology’s (MITRE) Aviation Risk Identification and Assessment (ARIA) software program is a powerful tool to enhance aviation safety and efficiency. Developed by the MITRE Corporation, a non-profit organization that operates federally funded research and development centers,…

Read more →

 Henry Onyedikachi Echefu, a 32-year-old Nigerian national, has admitted to his role in a sophisticated business email compromise (BEC) scheme and money laundering activities. This case highlights the global nature of cybercrime and the importance of international cooperation in bringing…

Read more →

Evasive Panda dubbed BRONZE HIGHLAND and Daggerfly, a Chinese-speaking APT group operating since at least 2012, has been spotted conducting cyberespionage targeting individuals in mainland China, Hong Kong, Macao, and Nigeria.  Southeast and East Asian governments, notably those in China, Macao,…

Read more →

Threat actors target email addresses, as they provide a way to access personal and confidential information. Emails often hold valuable data such as financials, login credentials, and personal messages. The attackers could start different kinds of cyber-attacks and propagate malware…

Read more →

The frequency of malicious emails successfully circumventing Secure Email Gateways (SEGs) has doubled in the past year. This surge highlights the evolving sophistication of cyber threats and the challenges organizations face in protecting digital assets. According to Cofense’s analysis, a malicious email bypasses SEGs every minute, signifying a relentless assault on corporate defenses. The…

Read more →

A Google engineer has been arrested for stealing trade secrets, particularly those related to artificial intelligence (AI) technology. Linwei Ding, also known as Leon Ding, is a 38-year-old software engineer and resident of Newark, California. A federal grand jury has…

Read more →

Company Open Sources FHE Libraries to Build Privacy-Preserving Blockchain and AI Applications for the First Time. An investment has been secured to bring Fully Homomorphic Encryption (FHE) to the fore, giving developers the ability to address data privacy challenges across…

Read more →

The hacker group known as Server Killers has announced their participation in a coordinated cyber attack on Moldova. This group has joined forces with several other notorious hacker collectives, signaling a worrying escalation in cyber threats against the Eastern European…

Read more →

A new menace has emerged targeting unsuspecting Facebook Messenger users. Dubbed the “Python Infostealer,” this malicious software is designed to pilfer credentials through sophisticated means, leveraging popular platforms like GitHub and GitLab for its nefarious purposes. Stealthy Approach of Python…

Read more →

Researchers recently uncovered distributed brute force attacks on target WordPress websites using the browsers of innocent site visitors.  A recent increase in website hacking that targets Web3 and cryptocurrency assets was noticed two weeks ago. With the use of cryptocurrency drainers, this…

Read more →

Cisco has alerted its customers to critical vulnerabilities in the web-based management interface of its Small Business 100, 300, and 500 Series Wireless Access Points (APs). These flaws could allow an authenticated, remote attacker to perform command injection and buffer…

Read more →

A sophisticated malware campaign targeting servers running popular web-facing services such as Apache Hadoop YARN, Docker, Confluence, and Redis has been identified. This campaign is notable for using unique and previously unreported payloads, including four Golang binaries designed to automate…

Read more →

Cisco has alerted its customers to critical vulnerabilities in the web-based management interface of its Small Business 100, 300, and 500 Series Wireless Access Points (APs). These flaws could allow an authenticated, remote attacker to perform command injection and buffer…

Read more →

Vulnerabilities in VMware software expose it to remote execution of code by threat actors due to critical defects.  These are found in different parts of the virtualization platform, management interfaces, and other related tools, making the flaw latent.  This can…

Read more →

PetSmart, Inc. is a renowned retail chain operating in the United States, Canada, and Puerto Rico. It offers a comprehensive range of pet products and services such as pet supplies, grooming, training, and in-store adoptions. PetSmart prides itself on being…

Read more →

The National Security Agency (NSA) issued a Cybersecurity Information Sheet (CSI) that discusses limiting adversary lateral movement within an organization’s network to access sensitive data and vital systems. This offers instructions on how to use Zero Trust principles to strengthen internal…

Read more →

Ransomware attacks remain a formidable challenge for organizations worldwide. These attacks not only encrypt critical data, rendering it inaccessible to the rightful owners but increasingly involve the exfiltration of sensitive information.  This dual-threat approach amplifies the potential damage, as attackers…

Read more →

Apple releases emergency fixes to address two new zero-day vulnerabilities in iOS that impact iPhones. The two zero-day vulnerabilities were discovered in RTKit, tracked as CVE-2024-23296, and the iOS Kernel, tracked as CVE-2024-23225. If exploited by an attacker with kernel…

Read more →

A critical vulnerability in OpenNMS, a widely used network monitoring solution, has been identified, allowing attackers to inject malicious JavaScript payloads through a Cross-Site Scripting (XSS) flaw. This vulnerability, tracked as CVE-2023-0846, has raised significant concerns due to its potential…

Read more →

American Express has recently notified its customers of a data breach involving a third-party service provider, marking a security incident that has potentially compromised customer information. This breach underscores the vulnerabilities that can arise from third-party partnerships, even when a…

Read more →

QEMU is an open-source platform that provides a secure and private virtualized space for trying out malicious codes, exploits, and attacks on their own environments.  ⁤This controlled testing ground minimizes the risk of detection and legal matters. ⁤⁤ Moreover, QEMU…

Read more →

A prominent cybersecurity technology creator, has released its latest report, “Hi-Tech Crime Trends 2023/2024,” highlighting critical global cyber threats. The report reveals a concerning trend where over 225,000 compromised ChatGPT credentials are being sold on dark web markets, posing security…

Read more →

Hackers use weaponized calendar invites to exploit vulnerabilities in email systems, tricking users into clicking on malicious links or downloading malware disguised as event attachments.  By leveraging trust in calendar invitations, threat actors increase the likelihood of successful phishing attacks…

Read more →

A threat actor has been identified as creating fraudulent Skype, Google Meet, and Zoom websites to distribute malware, explicitly targeting Android and Windows users. This article delves into the details of this malicious campaign and explains how users can identify…

Read more →

Hackers launch large-scale DDoS attacks to disrupt and make online services inaccessible, driven by motives like revenge or protest, flooding targets with massive amounts of traffic to disable websites. Recently, the cybersecurity researchers at Sekoia identified that the Russian hacker…

Read more →

Hackers have been found exploiting a vulnerability in a WordPress Plugin 3DPrint Lite(CVE-2021-4436) to deploy the notorious Godzilla Web Shell. This malicious activity significantly threatens website security and data integrity, prompting concerns among cybersecurity experts and website administrators worldwide. Cybercriminals…

Read more →

In cybersecurity, the battle against malware is critical, akin to handling dangerous pathogens. The importance of secure environments for analyzing malware cannot be overstated, and this is where sandboxes play a pivotal role. ANY.RUN, a cloud interactive malware sandbox, is…

Read more →

The Federal Bureau of Investigation (FBI) has successfully seized a website associated with the ALPHV BlackCat ransomware group. The seizure was part of a coordinated law enforcement action targeting the notorious ransomware operation. The operation was a collaborative effort involving…

Read more →

Threat actors use hacked domain control to host malicious content by leveraging legitimate domains to evade detection by security measures.  Anti-AV tactics are employed to bypass the antivirus software and tools that enable the execution of malicious code without detection.…

Read more →

Threat actors known as CACTUS orchestrated a sophisticated attack on two companies simultaneously, exploiting a software vulnerability within 24 hours of its disclosure. This coordinated ransomware attack highlighted organizations’ growing risks in the digital landscape. The attack involved intricate steps,…

Read more →

Researchers have discovered a new backdoor named GTPDOOR that targets telecommunication network systems within the closed GRX network, which connects multiple telecommunication network operators.  The GRX network is a closed network that connects individual network operators from various telecom companies. …

Read more →

Meta, the company that owns WhatsApp, filed a lawsuit against NSO Group in 2019. The lawsuit claims that NSO took advantage of a vulnerability in WhatsApp to install the Pegasus spyware on certain user devices without their permission. This means…

Read more →

Threat actors employ phishing scams to trick individuals into giving away important details like login credentials or financial data.  It is a method of cheating human confidence due to social engineering, making it cheap and hence widely used as a…

Read more →

The Middle East and Africa (MEA) region has witnessed a surge in ransomware-as-a-service (RaaS) attacks, posing a grave threat to digital security. This comprehensive report delves into the key findings, attack trends, the impact on businesses, and the crucial preventive…

Read more →

The United States Department of Justice (DoJ) has charged an Iranian national, Alireza Shafie Nasab, for his alleged involvement in a sophisticated cyber-espionage campaign targeting American entities. The indictment, unsealed recently, reveals a multi-year operation that compromised governmental and private…

Read more →

SolarWinds cyberattack was one of the largest attacks of the century in which attackers used the Golden SAML attack in post-breach exploitation to affect thousands of organizations all over the world including the United States government for deploying malicious code…

Read more →

Researchers have developed what they claim to be one of the first generative AI worms, named Morris II, capable of autonomously spreading between AI systems. This new form of cyberattack, reminiscent of the original Morris worm that wreaked havoc on…

Read more →

Researchers have developed what they claim to be one of the first generative AI worms, named Morris II, capable of autonomously spreading between AI systems. This new form of cyberattack, reminiscent of the original Morris worm that wreaked havoc on…

Read more →

The Golden Corral Corporation, a popular American restaurant chain, has suffered a significant data breach, compromising the personal information of over 180,000 past and present employees, dependents, and beneficiaries. You can analyze a malware file, network, module, and registry activity…

Read more →

A new wave of cyber threats has emerged as the RisePro information stealer targets Windows users, compromising sensitive data and causing significant security concerns. RisePro, which shares similarities with the Vidar stealer, is a Trojan-type malware that infiltrates systems to…

Read more →

The Common Weakness Enumeration (CWE) project, a cornerstone in the cybersecurity landscape, has unveiled its latest iteration, version 4.14, introducing significant updates and enhancements to bolster the security of both hardware and software systems. This release underscores the collaborative effort…

Read more →

CutOut.Pro, an AI-powered photo and video editing platform, has reportedly suffered a data breach, exposing personal information belonging to over 20 million users. The breach was first brought to light by an individual using the alias ‘KryptonZambie’ on the BreachForums…

Read more →

The Golden Corral Corporation, a popular American restaurant chain, has suffered a significant data breach, compromising the personal information of over 180,000 past and present employees, dependents, and beneficiaries. You can analyze a malware file, network, module, and registry activity…

Read more →

Threat actors target and abuse VPN flaws because VPNs are often used to secure sensitive data and communications, making them valuable targets for exploitation.  By exploiting the VPN flaws, threat actors can gain unauthorized access to networks, intercept confidential data,…

Read more →

Malicious hackers sometimes jailbreak language models (LMs) to exploit bugs in the systems so that they can perform a multitude of illicit activities.  However, this is also driven by the need to gather classified information, introduce malicious materials, and tamper…

Read more →

Anycubic 3D printer owners have been caught off guard by a series of unauthorized messages warning them of a critical security flaw. The incident has raised concerns about the safety of internet-connected devices and the potential for exploitation. You can…

Read more →

To safeguard the privacy and security of American citizens, President Joe Biden has issued an Executive Order to prevent the sale and transfer of sensitive personal data to countries deemed as threats, notably China and Russia. This decisive action represents…

Read more →

Kali Linux recently released version 2024.1, the first release of the year 2024, with new Micro Mirror free software CDN, a theme refresh, additional Desktop environment changes, NetHunter updates, and four new tools. Kali Linux is one of the most…

Read more →

LockBit 3.0 is a sophisticated ransomware identified as a significant threat to organizations worldwide. This ransomware variant is designed to encrypt files on infected systems, rendering them inaccessible until a ransom is paid. LockBit” is a ransomware-as-a-service (RaaS) group active since September…

Read more →

Acemagic, a Chinese manufacturer of mini PCs, has been found to ship devices laden with malware, raising significant concerns about cybersecurity and consumer safety. Further investigations revealed that other models, including the AD15 and S1, also harbored similar malicious software.…

Read more →

Security researchers have uncovered a massive campaign of repository confusion attacks on GitHub, affecting over 100,000 repositories and potentially millions more. This sophisticated cyberattack targets developers by tricking them into downloading and using malicious repositories disguised as legitimate ones. You…

Read more →

The Lazarus Group, a well-known cybercriminal organization, has recently exploited a zero-day vulnerability in Windows to gain kernel privileges, a critical level of system access. This vulnerability, identified as CVE-2024-21338, was found in the appid.Sys AppLocker driver was patched by…

Read more →

Over the years, several reports associated with cybercriminals have been based in Russia and Western countries. This is due to the fact that many sophisticated cyber attacks and data leaks originate from these regions. Though this is the case, there…

Read more →

Threat actors use weaponized PDF files for initial infection. This is because they can be embedded with malicious code, PDF readers’ vulnerabilities are exploited, and users are tricked into activating the payload. Since they are common trusted file types, PDFs…

Read more →

The Predator Files project, coordinated by the European Investigative Collaborations (EIC), has highlighted the extensive use of Predator spyware by customers of Intellexa surveillance solutions. The intrusion set, known as Lycantrox, was exposed by Sekoia.io in collaboration with Amnesty International,…

Read more →

To raise awareness of the ALPHV Blackcat ransomware as a service (RaaS) that targets the US healthcare industry, the FBI, CISA, and the Department of Health and Human Services (HHS) have collaborated to release a joint Cybersecurity Advisory (CSA). To get…

Read more →

In the ever-evolving landscape of cybersecurity threats, a new variant of the AMOS (Atomic) Stealer malware has emerged, targeting macOS users with sophisticated techniques to steal sensitive information. Bitdefender’s recent analysis sheds light on this alarming development, revealing the malware’s…

Read more →

In a significant cybersecurity incident, loanDepot, a prominent player in the loan and mortgage industry, announced a data breach that potentially compromised the sensitive personal information of approximately 16.9 million individuals. This breach, identified in early January 2024, has raised…

Read more →

Cybersecurity experts have raised alarms as a new version of the notorious WarZone Remote Access Trojan (RAT) has been spotted being advertised on various hacking forums. The latest iteration, known as WarZone RAT v3, boasts enhanced features and capabilities, making…

Read more →

Cybersecurity experts have raised alarms over a new threat vector targeting Python developers: typo-squatting on the Python Package Index (PyPI). The notorious Lazarus group, known for its cyber espionage and sabotage activities, has been implicated in the release of malicious…

Read more →

Cybersecurity experts have raised alarms over a new threat vector targeting Python developers: typo-squatting on the Python Package Index (PyPI). The notorious Lazarus group, known for its cyber espionage and sabotage activities, has been implicated in the release of malicious…

Read more →

Researchers from ANY.RUN reported a new wave of DCRat malware, known for its wide array of harmful functions, selling the membership for the low cost of $5. The detailed report covers the distribution, dynamic, and static analysis of DCRat, also…

Read more →

Hackers have exploited a vulnerability in a 14-year-old Content Management System (CMS) editor, FCKeditor, to launch SEO poisoning attacks against government and educational websites worldwide. This campaign has compromised numerous sites, redirecting unsuspecting users to malicious or scam websites through…

Read more →

FortiGuard Labs has released a report detailing the emergence and impact of the Abyss Locker ransomware, which has been targeting Microsoft Windows and Linux platforms. Abyss Locker, believed to be based on the HelloKitty ransomware source code, has been stealing…

Read more →

Attackers have been using keywords like “remittance” and “receipts” to spread phishing scripts using Telegram to steal user data indiscriminately. In the past, phishing script files were disseminated using various strategies and techniques, like asking users to log in before…

Read more →

Four new vulnerabilities have been discovered in some of the Zyxel Firewall and access point (AP) versions that are associated with Denial of Service, OS Command Injection, and Remote code execution. These vulnerabilities have been assigned with CVE-2023-6397, CVE-2023-6398, CVE-2023-6399,…

Read more →

The current large surge in cyber threats has left many organizations grappling for security so ThreatHunter.ai is taking decisive action. Recognizing the critical juncture at which the digital world stands, ThreatHunter.ai is now offering their cutting-edge cybersecurity services free of…

Read more →

A critical security flaw has been identified in the Ultimate Member plugin for WordPress, which could potentially put over 200,000 websites at risk. The vulnerability was discovered by Christiaan Swiers and reported through the Wordfence Bug Bounty Program, earning him…

Read more →

ConnectWise, a prominent software company, issued an urgent security bulletin on February 19, 2024, revealing two significant vulnerabilities in its self-hosted ScreenConnect servers. These vulnerabilities were initially reported on February 13 through a vulnerability disclosure program and were not actively…

Read more →

PIKABOT is a polymorphic malware that constantly modifies its code, making it hard to recognize and easily bypasses the Endpoint Detection and Response (EDR) systems.  Obfuscation, encryption, and anti-analysis techniques help the object avoid these traditional security measures.  PIKABOT is…

Read more →

It has come to light that a group known as Anonymous Sudan is actively promoting a new Distributed Denial of Service (DDoS) botnet service named “Skynet-GodzillaBotnet.” An advertisement circulating online showcases a red dragon logo with the word “SKYNET.” The…

Read more →

It has come to light that a group known as Anonymous Sudan is actively promoting a new Distributed Denial of Service (DDoS) botnet service named “Skynet-GodzillaBotnet.” An advertisement circulating online showcases a red dragon logo with the word “SKYNET.” The…

Read more →

Scattered Spider is a threat group responsible for attacking several organizations since May 2022 by using techniques like social engineering, ransomware, extortion, SIM Swapping and many other tactics. There were also reports that this threat group was affiliated with the…

Read more →

In a significant escalation of cyber threats, the 8220 Gang, a notorious Chinese-based hacker group, has intensified its attacks on cloud-based infrastructure, targeting both Linux and Windows users to mine cryptocurrency. This latest campaign, from May 2023 through February 2024, marks a concerning advancement in the group’s tactics and poses a heightened risk to cloud security worldwide.…

Read more →

Concerning a development for organizations leveraging Apache’s big-data solutions, a new variant of the Lucifer DDoS botnet malware targeting Apache Hadoop and Apache Druid servers has been identified. This sophisticated malware campaign exploits existing vulnerabilities and misconfigurations within these systems…

Read more →

HackerGPT is a cutting-edge AI tool designed explicitly for the cybersecurity sector, particularly beneficial for individuals involved in ethical hacking, such as bug bounty hunters. This advanced assistant is at the cutting edge of cyber intelligence, offering a vast repository…

Read more →

AV (antivirus) companies normally do not sell user’s browsing data, as it goes against their commitment to user privacy and security. Their business model relies on protecting against cyber threats rather than exploiting user data.  But, recently, The Federal Trade…

Read more →

In a significant move to bolster the security of generative AI systems, Microsoft has announced the release of an open automation framework named PyRIT (Python Risk Identification Toolkit). This innovative toolkit enables security professionals and machine learning engineers to proactively…

Read more →

Outlook has identified a security flaw that affects how it handles certain hyperlinks.  Malware actors actively exploit the vulnerability in real-world attacks. The assigned CVE number for this vulnerability is CVE-2024-21413, with a severity rating of 9.8 (Critical). Microsoft has…

Read more →

In a strategic move to enhance its cyber risk management capabilities, Resilience has announced the acquisition of BreachQuest, an innovative incident response technology firm. This acquisition marks a significant step in Resilience’s efforts to combat the escalating threat of Business…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA), the Environmental Protection Agency (EPA), and the Federal Bureau of Investigation (FBI) have collaborated to develop a highly significant cybersecurity guide that is specifically intended for Water and Wastewater Systems (WWS) entities. This…

Read more →

The oil and gas sector faces a significant cybersecurity threat with the emergence of a new and sophisticated Malware-as-a-Service (MaaS) infostealer known as Rhadamanthys Stealer. This advanced phishing campaign has successfully reached its intended targets within the industry, raising concerns…

Read more →

Linux, traditionally viewed as a more secure operating system than Windows, has experienced a notable increase in malware attacks. In 2022, Linux malware incidents surged by 50%, significantly increasing and highlighting the critical need for robust analysis and defense mechanisms.…

Read more →

Hackers target Apex code vulnerabilities in Salesforce to exploit security weaknesses, gain unauthorized access to sensitive data, or manipulate the system. Apex is a powerful language that enables the customization of Salesforce with Java-like syntax. It executes logic, controls transactions,…

Read more →

In a startling revelation that has sent shockwaves through the cybersecurity community, a massive data leak has exposed the inner workings of I-Soon (上海安洵), a Chinese tech security firm with deep ties to the country’s government agencies, including the Ministry…

Read more →

In a significant move against cybercrime, the U.S. government has announced a bounty of up to $15 million for information that could lead to the identification, arrest, or conviction of individuals associated with the notorious LockBit ransomware group. This announcement…

Read more →

An updated version of the ObserverStealer known as AsukaStealer was observed to be advertised as malware-as-a-service that was capable of collecting data from desktop screenshots, Steam Desktop Authenticator application, FileZilla sessions, Telegram sessions, Discord tokens, browser extensions, and cryptocurrency wallets. This…

Read more →

Threat actors abuse Google Drive for several malicious activities due to its widespread use, easy file sharing, and collaboration features. These things provide a convenient platform to host and distribute malware. Integration with legitimate services makes detecting and blocking malicious…

Read more →

In a startling incident underscoring the growing menace of cybercrime, a woman’s Swiggy account was hacked, leading to fraudulent orders worth Rs 97,000. The Delhi Police swiftly acted on the complaint, arresting two individuals, Aniket Kalra (25) and Himanshu Kumar…

Read more →

A new cybersecurity threat targeting Facebook advertisers in Vietnam, known as VietCredCare, has emerged. This information stealer has been active since at least August 2022 and is designed to hijack corporate Facebook accounts by automatically filtering out Facebook session cookies…

Read more →

Google has recently unveiled Chrome 122, a significant milestone for the widely used web browser. The most recent release, compatible with Windows, Mac, and Linux operating systems, includes a set of crucial security patches and novel functionalities that enrich the…

Read more →

Researchers have discovered that threat actors have been using open-source platforms and codes for several purposes, such as hosting C2 infrastructure, storing stolen data, and delivering second and third-stage downloaders or rootkit programs. Two open-source PyPI packages were discovered to…

Read more →

The malware, termed Migo by the creators, attempts to infiltrate Redis servers to mine cryptocurrency on the Linux host. The campaign employed many Redis system-weakening commands to potentially disable data store security features that could hinder their initial attempts at access. Additionally, the…

Read more →

Security Onion Solutions has recently rolled out the latest version of its network security monitoring tool, Security Onion 2.4.50. This updated version comes equipped with an array of new features and bug fixes, making it an even more critical tool…

Read more →