Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Threat actors have claimed responsibility for a data breach involving Heineken employees. The news broke through a post on the social media platform tweeted by the account DarkWebInformer, which specializes in monitoring and reporting on dark web activities. Details of…

Read more →

ELLIO, a provider of real-time, highly accurate intelligence for filtering of unwanted network traffic and cybernoise, and ntop, a provider of open-source and commercial high-speed traffic monitoring applications, have announced a partnership to enhance visibility into malicious traffic originating from…

Read more →

DDoS-as-a-Service botnets are used by hackers to facilitate the most easily and cheaply launch of devastating distributed denial-of-service (DDoS) attacks. Purposely, these botnets are made up of hacked devices that can be rented or leased to cause service disruptions or…

Read more →

Attackers in South Korea are distributing malware disguised as cracked software, including RATs and crypto miners, and registering themselves with the Task Scheduler to ensure persistence.  Even after removing the initial malware, the Task Scheduler triggers PowerShell commands to download…

Read more →

Ever since Russia’s invasion of Ukraine on February 24, 2022, there have been heavy tensions between the nations and worldwide. After this incident, Ukraine imposed an eviction and termination moratorium on utility services for unpaid debt, ending in January 2024.…

Read more →

Hackers target IT industries as they hold valuable data, possess critical infrastructure, and often have access to sensitive information from various sectors.  Compromising IT companies can provide hackers with high-impact opportunities for espionage, financial gain, and disruption of essential services.…

Read more →

In recent cyberattacks, hackers are actively exploiting stored cross-site scripting (XSS) vulnerabilities in various WordPress plugins. According to Fastly reports, these vulnerabilities, identified as CVE-2024-2194, CVE-2023-6961, and CVE-2023-40000, are targeted due to inadequate input sanitization and output escaping, allowing attackers…

Read more →

VirusTotal, a leading online service for analyzing files and URLs for viruses, worms, trojans, and other malicious content, is celebrating its 20th anniversary. Since its inception in 2004, VirusTotal has become an indispensable tool for cybersecurity professionals and enthusiasts worldwide.…

Read more →

eSentire’s Threat Response Unit (TRU) uncovered a sophisticated malware campaign involving fake browser updates. This campaign has been responsible for delivering two dangerous malware variants:BitRAT and Lumma Stealer. The attackers use fake update mechanisms to trick users into downloading malicious…

Read more →

A new vulnerability related to authentication bypass was discovered in the Progress Telerik Report server. The CVE for this vulnerability has been assigned CVE-2024-4358, and its severity has been given as 9.8 (Critical). This vulnerability exists in Telerik Report Server…

Read more →

CryptoChameleon, a phishing tool detected in February 2024, was developed by someone anonymous and is used by threat actors to collect personal data such as usernames and passwords of mobile phone users. A thorough investigation has exposed many CryptoChameleon fast-flux…

Read more →

A critical vulnerability has been discovered in Spring Cloud Data Flow, a microservices-based platform for streaming and batch data processing in Cloud Foundry and Kubernetes. The flaw, identified in the Skipper server component, allows attackers to compromise the server by…

Read more →

Okta, a leading identity and access management company, has warned about credential stuffing attacks targeting its Customer Identity Cloud (CIC). The company has identified that threat actors are exploiting the cross-origin authentication feature within CIC. As part of its Okta…

Read more →

In a shocking revelation, a threat actor has allegedly leaked sensitive data belonging to Shell, one of the world’s leading energy companies. According to a tweet from Data Web Informer, the May 2024 data was posted on a popular hacking…

Read more →

Hackers target and exploit GitHub repositories for a multitude of reasons and illicit purposes. The widespread use of GitHub and the diverse range of codebases hosted on the platform make it an attractive target for threat actors seeking valuable information…

Read more →

Hackers employ DNS for various purposes like redirecting traffic to enable man-in-the-middle attacks, infecting malware through harmful sites, and flooding DNS servers with fake requests such as DDoS. DNS is everywhere and is a basic part of internet communication, making…

Read more →

Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS) attacks are actively exploited by hackers.  Sometimes, DDoS attacks are used as a distraction from other criminal activities, for extortion, to gain a competitive advantage, or…

Read more →

A new vulnerability has been discovered in macOS Sonoma that is associated with privilege escalation. This vulnerability has been assigned with CVE-2024-27842 and the severity is yet to be categorized. This vulnerability exists in the Universal Disk Format (UDF) filesystem…

Read more →

GNOME desktop manager was equipped with a new feature which allowed remote users to create graphical sessions on the system by configuring the system daemon. This daemon runs as a dedicated “gnome-remote-desktop” and also provides a D-bus interface on the…

Read more →

Today marks a significant milestone for Malcat users with the release of version 0.9.6, introducing Kesakode, a remote hash lookup service. This innovative tool is tightly integrated into Malcat’s UI and is designed to match known functions, strings, and constant…

Read more →

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software’s web-based management interface. This vulnerability could potentially allow authenticated, remote attackers to conduct SQL injection attacks on affected systems. This vulnerability, tracked as CVE-2024-20360, poses significant risks,…

Read more →

Hackers have exploited an obscure WordPress plugin to inject malware into websites, specifically targeting WooCommerce online stores to steal credit card information. This alarming trend highlights the persistent threat cybercriminals pose and the need for robust security measures in the…

Read more →

Google has released a patch for a zero-day exploit in its Chrome browser. The vulnerability, identified as CVE-2024-5274, involves a confusion issue in the V8 JavaScript engine, which could allow attackers to execute arbitrary code on affected systems. CVE-2024-5274 –…

Read more →

State-sponsored hackers recently exploited vulnerabilities in MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE). They used rogue virtual machines (VMs) to evade detection and maintain persistence in a cyberattack. The attack, attributed to a China-linked group tracked as UNC5221, underscores…

Read more →

In multiple aggressive phishing attempts, the financially motivated organization UAC-0006 heavily targeted Ukraine, utilizing ZIP and RAR attachments to distribute SMOKELOADER malware. The most recent attacks involve emails that carry Microsoft Access files and ZIP archives that, when opened, install…

Read more →

Hackers target military and government networks for varied reasons, primarily related to spying, which involves interference in the functioning of critical infrastructure.  This is mainly because these networks hold sensitive data and command systems that if tampered with can be…

Read more →

Zero Trust Maturity measures the extent to which an organization has adopted and implemented the Zero Trust security model.  It calculates how fully a company has adopted Zero Trust’s foundational concepts, such as stringent authentication of each user, device, and…

Read more →

The scalability and flexibility of cloud platforms recently boosted the emerging trend of cryptomining attacks in the cloud. Unlike on-premises infrastructure, whereby it is difficult to scale up resources, cloud environments enable attackers to deploy resources for cryptomining rapidly, making…

Read more →

Gift cards are attractive to hackers since they provide quick monetization for stolen data or compromised systems. Reselling gift cards is simple, and they can also be converted into money, which makes them a comparatively risk-free means of ensuring threat…

Read more →

A new practical and powerful Denial of service attack has been discovered that exploits DNS queries and responses. This new attack has been termed “DNSBomb,” which transforms different security mechanisms employed by DNS, including reliability enhancement, security protection, timeout, query…

Read more →

Cybersecurity researchers have identified a series of malicious software packages targeting MacOS users. These packages, found on the Python Package Index (PyPI) and NPM, have been meticulously analyzed to uncover their malicious intent and sophisticated attack mechanisms. GuardDog: The Sentinel…

Read more →

Phishing attacks have evolved into increasingly sophisticated schemes to trick users into revealing their personal information. One such method that has gained prominence involves phishing emails masquerading as PDF viewer login pages. These deceptive emails lure unsuspecting users into entering their email addresses and passwords, compromising their online security. Forcepoint X-Labs has recently observed many phishing emails targeting various government departments in the Asia-Pacific (APAC)…

Read more →

Law enforcement agencies have successfully dismantled several dark web marketplaces offering illicit goods. Dubbed “Operation SpecTor,” this coordinated crackdown marks a significant victory in the ongoing battle against cybercrime and illegal online activities. This news was shared on the Dark…

Read more →

A new study by researchers at the University of Maryland has uncovered a privacy vulnerability in Apple’s Wi-Fi Positioning System (WPS) that allows attackers to track users’ locations and movements globally. The findings raise serious concerns about the potential for…

Read more →

A consumer-grade spyware app named pcTattletale has been discovered running on the check-in systems of at least three Wyndham hotels across the United States. This alarming discovery was made by TechCrunch, which reported that the app stealthily captured screenshots of…

Read more →

OpenText, a leader in information management solutions, has announced the acquisition of Pillr technology, a cloud-native, multi-tenant Managed Detection and Response (MDR) platform designed for Managed Service Providers (MSPs). This strategic move aims to improve OpenText’s cybersecurity capabilities, enabling it…

Read more →

Microsoft has shifted its scripting options for web development and task automation. The company is replacing VBScript with more advanced alternatives such as JavaScript and PowerShell to provide users with the most modern and efficient tools. This article explores what…

Read more →

Hackers exploit ransomware as it enables them to extort money from victims by encrypting their data and demanding a ransom for its release.  While this method is highly lucrative and often difficult to trace back to the perpetrators. Sentinel One…

Read more →

Hackers exploit the Microsoft Build Engine because it can execute code and build applications.  This engine provides an easy means for them to send harmful payloads using legitimate software development tools.  Moreover, inside corporate environments, Build Engine’s trusted nature enables…

Read more →

A new strain of malware known as Stealerium has been identified. It targets Wi-Fi networks and Microsoft Outlook to steal login credentials. This sophisticated malware poses a significant threat to individual users and organizations, highlighting the need for heightened vigilance…

Read more →

A group of hackers has claimed to have accessed the database of Qatar National Bank (QNB), one of the largest financial institutions in the Middle East. The announcement was made via a post on Twitter by the account MonThreat. ANYRUN…

Read more →

A phishing email with a malicious zip attachment initiates the attack. The zip contains a single executable disguised as an Excel file using Left-To-Right Override characters (LTRO).  LTRO makes the filename appears to have a harmless .xlsx extension (e.g., RFQ-101432620247flexe.xlsx)…

Read more →

OmniVision Technologies, Inc. (OVT) recently disclosed a significant security breach that compromised its clients’ personal data. The company, known for its advanced digital imaging solutions, reported that the incident occurred between September 4, 2023, and September 30, 2023. During this…

Read more →

In a recent investigation into Amazon Web Services (AWS) security breaches, Mandiant uncovered a troubling scenario client-specific secrets were leaked from Atlassian’s code repository tool, Bitbucket, and exploited by threat actors to gain unauthorized access to AWS accounts. This revelation…

Read more →

The widely used team workspace corporate wiki Confluence has been discovered to have a critical remote code execution vulnerability. This vulnerability has been assigned with CVE-2024-21683 with a severity of 8.3 (High).  This vulnerability affects multiple versions of Confluence Data…

Read more →

Western Sydney University has informed approximately 7,500 individuals today of an unauthorized access incident involving its IT network. The breach, first identified in January 2024, affected the University’s Microsoft Office 365 environment, including email accounts and SharePoint files. The earliest…

Read more →

Memcyco Inc., provider of digital trust technology designed to protect companies and their customers from digital impersonation fraud, released its inaugural 2024 State of Website Impersonation Scams report. Notably, Memcyco’s research indicates that the majority of companies do not have…

Read more →

North Korean hacking groups are suspected of hijacking the personal email accounts of high-ranking military officials. The Defense Ministry confirmed that a joint investigation is underway, involving both the police and military police. A dedicated task force has been established…

Read more →

Microsoft has been prioritizing security in Windows, as they introduced Secured-Core PCs to protect from hardware to cloud attacks and expanded passwordless offerings with passkeys for better identity protection.  Passkeys are protected by Windows Hello technology, and to further enhance…

Read more →

A new critical vulnerability has been discovered in Fluent Bit’s built-in HTTP server, which has been termed “Linguistic Lumberjack” (CVE-2024-4323). Exploiting this vulnerability can also lead to a denial of service, information disclosure, or remote code execution. Its severity has…

Read more →

A Russian influence campaign, DoppelGänger, leverages fake news websites (typosquatted and independent) to spread disinformation, undermining support for Ukraine. Structura and SDA are running the campaign, which started in May 2022 and targets France, Germany, and other countries.  Inauthentic social…

Read more →

Team82 has uncovered multiple critical vulnerabilities in Honeywell’s ControlEdge Virtual Unit Operations Center (UOC). These vulnerabilities within the EpicMo protocol implementation could potentially allow attackers to execute remote code without authentication. Honeywell has since addressed these issues, but the discovery…

Read more →

X-Force identified a phishing campaign targeting Latin American users since March 2024, where emails impersonate legitimate entities like tax and utility services, urging recipients to click links for invoices or account statements.  Clicking the link redirects users in specific countries…

Read more →

Fluent Bit, a widely used open-source data collector and processor, has been found to have a major memory loss flaw. Many big cloud providers use Fluent Bit for their logging because it is easy to use and can be scaled…

Read more →

Researchers have shown a proof-of-concept (PoC) attack for a zero-day remote code execution (RCE) flaw in the QTS operating system from QNAP. Users of QNAP’s Network-Attached Storage (NAS) devices, which are common in both small and big business settings, are…

Read more →

A critical remote code execution vulnerability has been discovered in the git clone which was assigned with CVE-2024-32002 and the severity has been given as 9.0 (Critical). This particular vulnerability existed in the clone command that is widely used.  Git…

Read more →

In the big data era, pre-training large vision transformer (ViT) models on massive datasets has become prevalent for enhanced performance on downstream tasks.  Visual prompting (VP), introducing learnable task-specific parameters while freezing the pre-trained backbone, offers an efficient adaptation alternative…

Read more →

In a recent encounter, the Akira ransomware group exploited a novel privilege escalation technique, where the attackers infiltrated the victim’s virtual environment to steal the NTDS.dit file, a critical file containing domain user accounts and passwords stored on domain controllers. …

Read more →

The U.S. Securities and Exchange Commission (SEC) has made changes to Regulation S-P that require financial companies to report data leaks within 30 days. This is a big step toward protecting consumers. This new rule, which goes into force on…

Read more →

Two Chinese people have been arrested on suspicion of being involved in a complex cryptocurrency trading scam that stole more than $73 million from people. In the Central District of California, the accusation was made public. It charges Daren Li,…

Read more →

A proof-of-concept (PoC) exploit for a critical zero-day vulnerability (CVE-2024-4947) in Google Chrome has been made public. The potential for exploitation of this vulnerability, which impacts the V8 JavaScript engine, has generated considerable apprehension among members of the cybersecurity community.…

Read more →

Kinsing malware, known for exploiting vulnerabilities on Linux cloud servers to deploy backdoors and cryptominers, has recently expanded its target to include Apache Tomcat servers.  The malware utilizes novel techniques to evade detection by hiding itself within seemingly innocuous system…

Read more →

The dark web has seen the release of a new vulnerability that targets SonicWALL SSL-VPN devices. Recently, the exploit, which lets people enter private networks without permission, was sold on a well-known dark web market. The news was first shared…

Read more →

Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make it a highly effective and low-cost attack method.  Phishing attacks can be easily scaled to target a large number of individuals, increasing the likelihood of success.…

Read more →

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts text from images, and the malware scans these extracted strings for phrases related to passwords or cryptocurrency wallets.  If a…

Read more →

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target for gaining unauthorized access or spreading malware.  Besides this, its open-source nature allows threat actors to study the code and…

Read more →

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that Secure Socket Layer/Transport Layer Security (SSL/TLS) based VPN solutions, like SSLVPN and WebVPN, should be replaced with safer options. Bad people are still taking advantage of…

Read more →

Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and Chile. Concerns have been made about data security and privacy following the breach, which was found to have started with…

Read more →

The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and severance of North Korean IT workers working around the world. This plan, which was announced on Thursday, is meant to…

Read more →

Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated cybercriminals to achieve its strategic goals, as APT groups conduct espionage to gather valuable political and economic information.  The Russian government may recruit financially motivated groups,…

Read more →

Researchers discovered four significant vulnerabilities in the ThroughTek Kalay Platform, which powers 100 million IoT-enabled devices. Notably, ThroughTek Kalay’s influence emphasizes the importance of protecting homes, companies, and integrators alike with its widespread presence in security cameras and other devices.…

Read more →

The App Store will close over 370 million developer and customer accounts in 2023. Apple takes this move to fight fraud and provide a safe and dependable platform for consumers and developers. Apple has led app distribution since 2008, setting…

Read more →

In April 2024, security researchers revisited CVE-2023-36033, a Windows DWM Core Library elevation of privilege vulnerability that was previously discovered and exploited in the wild. As part of their investigation into exploit samples and potential attack vectors, they stumbled upon…

Read more →

Multiple security flaws affecting VMware Workstation and Fusion have been addressed by upgrades published by VMware. If these vulnerabilities are successfully exploited, attackers may be able to obtain privileged data from the device, execute arbitrary code, and cause a denial…

Read more →

VirusTotal has announced a major change to its Crowdsourced AI project: it has added a new AI model that can examine strange macros in Microsoft Office files. This model, created by Dr. Ran Dubin from Ariel University and the ByteDefend…

Read more →

Nissan says that the personal information of more than 53,000 workers has been stolen. The huge automaker is now taking proactive steps to help those who have been affected and limit the damage that could occur from the stolen data.…

Read more →

Nissan says that the personal information of more than 53,000 workers has been stolen. The huge automaker is now taking proactive steps to help those who have been affected and limit the damage that could occur from the stolen data.…

Read more →

Two critical vulnerabilities have been discovered in D-Link DIR-X4860 routers which were associated with Authentication bypass due to HNAP port and remote code execution. Moreover, exploiting these vulnerabilities together could lead to a complete compromise of the vulnerable device. However,…

Read more →

Wireshark, the world’s foremost and widely used network protocol analyzer, has recently released version 4.2.5, which brings a host of new features and improvements. This latest update promises to enhance the user experience and provide even more powerful tools for…

Read more →

Researchers identified a PDF exploit targeting Foxit Reader users that uses a design flaw that presents security warnings with a default “OK” option, potentially tricking users into executing malicious code.  The exploit is actively being used and bypasses typical detection…

Read more →

Adobe has addressed several critical code execution flaws across a broad spectrum of its products. This move underscores the company’s commitment to software security and protecting its user base against potential cyber threats. Free Webinar on Live API Attack Simulation: Book…

Read more →

Hackers exploit the Windows zero-day vulnerabilities, as they offer great advantages. This means that no patches or defenses exist for zero-day vulnerabilities as software vendors are unaware of them, consequently, hackers have a certain period to start their attacks before…

Read more →

Google has issued an urgent security update for its Chrome browser after discovering a zero-day vulnerability that is currently being exploited by attackers. The vulnerability, tracked as CVE-2024-4761, affects the V8 JavaScript engine and could potentially allow attackers to execute arbitrary code on the user’s computer. Google has responded quickly with a patch, urging all users to update their browsers immediately to…

Read more →

A critical vulnerability has been discovered in Fortinet’s FortiOS SSL-VPN and FortiProxy SSL-VPN. The flaw, identified as FG-IR-23-225, allows attackers to spoof IP addresses and bypass security controls by sending specially crafted packets. It affects multiple versions of FortiOS and…

Read more →

A court has sentenced the developer of the cryptocurrency mixing service Tornado Cash to over five years in prison. The developer was found guilty of designing and operating a platform that laundered billions of dollars, including proceeds from high-profile cybercrimes.…

Read more →

Hackers exploit social engineering, which avoids technical security systems, by manipulating the psychology and behavior of a human being. Social engineering techniques, such as baiting emails or pretexting phone calls, manipulate victims into providing confidential information or performing actions that…

Read more →

Tor Project has announced the release of Tor Browser 13.0.15. Available now on the Tor Browser download page and through their distribution directory, this new version introduces a series of significant updates and bug fixes that promise to improve the…

Read more →

Hackers target smart homes due to the increased interconnected devices with often insufficient security measures.  Smart homes provide a wealth of personal and sensitive information, including access to security cameras, smart locks, and personal data stored on connected devices. Cybersecurity…

Read more →

Attackers launched a campaign distributing trojanized installers for WinSCP and PuTTY in early March 2024, as clicking malicious ads after searching for the software leads to downloads containing a renamed pythonw.exe that loads a malicious DLL.  The DLL side-loads a…

Read more →

In a concerning development for Dell Technologies, a threat actor known as Menelik has reportedly accessed and scraped sensitive customer data from a Dell support portal. This latest security breach, which follows a previous incident involving the theft of physical…

Read more →

The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) has detected a formidable new cyber threat. Dubbed LockBit Black, this ransomware campaign is leveraging a botnet to distribute millions of weaponized emails, posing a significant risk to individuals and organizations.…

Read more →

As a sneaky scheme, hackers use DNS tunneling to bypass traditional security measures. By wrapping malicious data inside DNS queries and responses, they can smuggle out sensitive information or talk to command and control servers without getting caught. DNS tunneling…

Read more →

A notorious threat actor has decided to sell the INC Ransomware code for an unbelievable $300,000. As a result of this change, the number of cyber threats has significantly increased, putting many more businesses at risk of damaging hacks. A…

Read more →

In a recent development, Zscaler Inc., a prominent cybersecurity firm, has concluded its investigation into a potential data breach initially reported last week. The company confirmed that the breach was confined to an isolated test environment on a single server…

Read more →

In a sophisticated cyberattack campaign, hackers are using the online meeting platform GoToMeeting to distribute a Remote Access Trojan known as Remcos. This alarming development underscores cybercriminals’ evolving tactics of leveraging trusted software to breach security defenses and gain unauthorized…

Read more →

iTunes has been found to have an arbitrary code execution vulnerability that might allow attackers to execute malicious code. To fix this vulnerability, Apple has issued a security advisory. It also stated that until an investigation is complete and updates…

Read more →

OpenAI, the top lab for researching artificial intelligence, just released GPT-4o, its newest advance in AI technology. In the field of generative AI, this newest and most advanced model is a big step forward because it can work with voice,…

Read more →

In collaboration with Red Balloon Security, Narf Industries, and Niyo Little Thunder Pearson (ONEGas, Inc.), MITER has unveiled EMB3D, a comprehensive threat model designed to address the growing cybersecurity risks faced by embedded devices in critical infrastructure sectors. Embedded devices,…

Read more →

Tycoon 2FA, a recently emerged Phishing-as-a-Service (PhaaS) platform, targets Microsoft 365 and Gmail accounts, which leverage an Adversary-in-the-Middle (AitM) technique to steal user session cookies, bypassing multi-factor authentication (MFA) protections.  By acting as an intermediary between the user and the…

Read more →

Hackers very frequently target the finance and insurance sectors due to the large volumes of sensitive data that they own. These areas manage huge quantities of valuable as well as critical financial information, personal identities, and intellectual property. When their…

Read more →