Software as a Service (SaaS) security refers to the measures and practices employed to protect SaaS solutions’ data, applications, and infrastructure. SaaS is a cloud computing model where software applications are hosted and delivered over the internet, rather than installed…
Category: GBHackers – Latest Cyber Security News | Hacker News
Hacker Group Infrastructure That Uses Weaponized MS Word Docs Uncovered
Gamaredon, also known as Primitive Bear, Actinium, or Shuckworm, is a Russian Advanced Persistent Threat (APT) group active since at least 2013. It is a very aggressive threat group that employs prolonged, highly disguised attacks. The…
Beware of Fake Browser Updates that Install Malware on Systems
In recent times, it has been observed that fake, malware-loaded browser updates are growing rapidly in the threat landscape. Rapid7 researchers recently identified a Fake Browser Update lure that tricks users into running malicious binaries, using a new loader to…
Hive0117 Group Attacking Employees of Energy, Finance, & Software Industries
Hive0117 group has launched a new phishing campaign, which targets individuals working for significant industries in the energy, banking, transportation, and software security sectors with headquarters in Russia, Kazakhstan, Latvia, and Estonia. This group is known for disseminating the fileless…
Notepad++ v8.5.7 Released: Fix for 4 Security Vulnerabilities
Notepad++ v8.5.7 has been released with several bug fixes and new features. It also adds integrity and authenticity validation, a security enhancement, and a fix for a memory leak while reading Utf8-16 files. Multiple vulnerabilities in Notepad++ relating to Heap…
Hackers Using Microsoft Teams to Deliver DarkGate Malware Via HR-themed Messages
Recent reports indicate that threat actors have been using Microsoft Teams to deliver DarkGate Loader malware. The campaign originated from two compromised external Office 365 accounts identified to be “Akkaravit Tattamanas” (63090101@my.buu.ac.th) and “ABNER DAVID RIVERA ROJAS” (adriverar@unadvirtual.edu.co) DarkGate loader…
Hackers Exploit Zero-Day Flaw in Software Used by Resorts and Hotels
In the evolving hospitality industry landscape, where vacation rental software has transitioned from luxury to necessity, a growing concern emerges regarding cybersecurity. This software, while primarily simplifying booking, guest interactions, and property management, stores sensitive data such as credit card…
Researchers Uncover Phishing Empire Attacking 56,000+ Microsoft 365 Accounts
Recent reports indicate that a new threat actor named “W3LL” has been discovered running a large phishing empire completely hidden until now. It was also found that this threat actor played a major role in compromising Microsoft 365 business email…
North Korean Hackers Use 0-Day Exploits to Attack Security Researchers
Google’s Threat Analysis Group (TAG) has issued an update regarding an ongoing campaign by North Korean threat actors targeting security researchers. This campaign, which first came to light in January 2021, involved using 0-day exploits to compromise the security of…
Hackers Steal NTLMv2 Hashes using Custom Powershell Scripts
A sophisticated new stealing campaign named “Steal-It” has been discovered that exfiltrates NTLMv2 hashes using customized versions of Nishang’s Start-CaptureServer PowerShell script. It is believed that the Steal-It campaign may be attributed to APT28 (aka Fancy Bear) based on its…
Apple Discloses 2 Zero-Day Flaws Exploited to Hack iPhones & Mac
Two Zero-Day flaws have been discovered on Apple Devices affecting macOS, iOS, and iPadOS. The vulnerabilities involve an arbitrary code execution and a buffer overflow. Reports indicate that these vulnerabilities are being actively exploited. This is considered a high-risk vulnerability…
SSO Implementation Flaw In Cisco Broadworks Let Attackers Forge Credentials
A single sign-on (SSO) implementation flaw in the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform might make it possible for a remote, unauthenticated attacker to forge credentials to access a vulnerable system. This “Critical” severity vulnerability has…
Global Ticketing Giant Hacked: Attackers Accessed Customers’ Payment Data
The global ticketing giant See Tickets recently reported a data breach that exposed the payment card information of over 300,000 customers. See Tickets, owned by Vivendi Ticketing, revealed the latest breach in a filing with Maine’s attorney general. The ticketing business…
Multiple ArubaOS vulnerabilities Let Attackers Execute Arbitrary Code
Multiple vulnerabilities have been discovered in Aruba 9200 and 9000 Series Controllers and Gateways running ArubaOS. The vulnerabilities relate to buffer overflows and a Hardware Root of Trust bypass. Aruba has released a security advisory addressing these vulnerabilities. At the…
Internal discussions of a large ransomware-as-a-service Group Exposed
Ransomware-as-a-service (RaaS) is actively fueling ransomware attacks, but insight into these operations is limited by their illegality. Ransomware attacks have surged in scale and complexity over the past decade, driven by RaaS models like Conti (formerly Ryuk). However, the…
Chinese Hack of Microsoft Consumer Key Stemmed From its Engineer’s Corporate Account
Storm-0558, a threat actor based in China, has recently gained access to a Microsoft account consumer key. This has allowed them to infiltrate and compromise 25 organizations, including those within government agencies. Since May 15, 2023, they have been using…
Hackers Use Weaponized LNK Files to Deploy RedEyes Malware
AhnLab Security Emergency Response Center (ASEC) has issued a warning about a significant security threat involving the distribution of malicious LNK files. This threat, known as RedEyes (ScarCruft), has transitioned from CHM format to LNK format, posing new challenges for…
PHPFusion Flaw Allows Attackers to Read Critical System Data
On Tuesday, Synopsys addressed High- and Medium-severity vulnerabilities, CVE-2023-2453 and CVE-2023-4480, discovered in PHPFusion by its researchers. PHPFusion is an open-source content management system (CMS) designed for managing personal or commercial websites and is offered under the GNU Affero General…
Russian APT28 Hacking Group Attacking Critical Power Infrastructure
The APT28 hacking group, suspected to have ties to Russian special services, has made an audacious attempt to breach the critical power infrastructure of Ukraine. This latest cyberattack has raised alarms within the cybersecurity community and heightened concerns over the…
Hackers Steal Over $5,700 from ATMs Using Raspberry Pi
The Raspberry Pi is a budget-friendly Linux single-board computer that features GPIO pins for physical computing and IoT exploration. However, threat actors also abuse this board for illicit purposes. Recent arrests in Lubbock involve…
Hackers Use Flipper Zero Device to Attack Nearby iPhones with Notification Pop-ups
Flipper Zero devices have been found capable of performing Denial of Service attacks on iPhones. Threat actors can spam iPhones with a flood of pop-ups prompting about nearby AirTag, Apple TV, AirPods, and other Apple devices. Moreover,…
Caldera: A New Security Tool to Emulate Attacks in Critical Infrastructure
MITRE and CISA (America’s cyber defense agency) have unveiled a collection of plugins designed to extend the capabilities of Caldera into the Operational Technology (OT) environment. MITRE Caldera is a cyber security platform designed to easily automate adversary emulation, assist manual…
Hackers Using BlueShell Malware to Attack Windows, Linux, and Mac Systems
Use of the BlueShell malware by various threat actors has spiked, targeting Windows, Linux, and other operating systems across Korea and Thailand. The BlueShell backdoor has been active since 2020 and is written in Go; it is believed to have been created…
Nascent Malware Attacking npm, PyPI, and RubyGems Developers
Phylum analyzes source code and metadata for all packages pushed to the registries. This year, across millions of packages, they aim to examine nearly a billion files, which gives them unique insight into package behavior across ecosystems. That’s…
Diving Deeper Into Windows Event logs for Security Operation Center (SOC) – Guide
A Security Operations Center (SOC) protects organizations and the sensitive business data of their customers. It ensures active monitoring of the business’s valuable assets with visibility, alerting and investigation of threats, and a holistic approach to managing risk. Analytics service can…
X to Collect Biometric Data For Premium Users to Add Verification Layer
The social network formerly known as Twitter, X, has released its latest data-gathering policy announcement. This includes collecting user information, such as educational history and biometric data. According to the policy, X may collect and use user biometric information for…
Hacker Group Disguised as Marketing Company to Attack Enterprise Targets
In a recent development, NSFOCUS Security Labs has detected a fresh APT34 phishing attack. During this operation, APT34, believed to originate from Iran and also known as OilRig or Helix Kitten, assumed the identity of a marketing services company named…
Multiple IBM Sterling Secure Proxy Vulnerabilities Allow Remote Code Execution
Multiple vulnerabilities have been found in IBM Sterling Secure Proxy, mostly related to Denial of Service and Information Disclosure. The set also includes a code execution vulnerability and an unidentified vulnerability. The severities of these vulnerabilities vary from 4.5 (Medium)…
PoC Exploit Released for VMware Aria Authentication Bypass Vulnerability
VMware Aria Operations for Networks was previously discovered to have an Authentication Bypass vulnerability of critical severity. VMware has released patches fixing this vulnerability. However, a proof-of-concept and the patch file provided by VMware have now been described. CVE-2023-34039…
ShinyHunters Hacker group Claims to Have Hacked Pizza Hut Australia customer data
Pizza Hut Australia has fallen victim to a cyberattack resulting in unauthorized access and potential compromise of customer data. DataBreaches has uncovered alarming details about this breach, with a hacking group known as ShinyHunters claiming responsibility for the attack. According…
NCSC Warns of Specific Vulnerabilities in AI Models Like ChatGPT
A large language model (LLM) is a deep learning AI model or system that understands, generates, and predicts text-based content, often associated with generative AI. In the current technological landscape, we have robust and known models like:- Cybersecurity analysts at…
Microsoft Says Goodbye to Wordpad, Snipping Tool, and Other Utilities
Microsoft Windows announced deprecated features for Windows clients 11 and 10. In this article, we’ll delve into the features and functionalities that are no longer actively developed for Windows clients. Please note that the information below is subject to change…
Schweitzer Labs Windows Software Flaws Allow Remote Code Execution
QuickSet and Grid Configurator from Schweitzer Labs were found to be affected by multiple vulnerabilities that threat actors can exploit. In all, 9 new vulnerabilities were found, including 4 of High severity and 5 of Medium severity. The High severity vulnerabilities…
Nmap 7.94 Released: What’s New!
The latest version of Nmap, 7.94, was released on its 26th birthday. The most significant upgrade was the migration of Zenmap and Ndiff from Python 2 to Python 3 across all platforms. This new version of Nmap 7.94 was upgraded…
CISA:Notorious Chisel Android Malware Steals Data and Monitors Traffic
With the rise of new technological innovations and security mechanisms, threat actors are also upgrading their skills and evolving rapidly. These evolutions have resulted in an alarming growth in Android malware. Recently, CISA (The United States’…
Promptmap – Tool to Test Prompt Injection Attacks on ChatGPT Instances
Prompt injection refers to a technique where users input specific prompts or instructions to influence the responses generated by a language model like ChatGPT. However, threat actors mainly use this technique to manipulate ChatGPT instances for several malicious purposes.…
Forever 21 Systems Hacked: 500,000+ Users Affected
In a recent development, Forever 21 disclosed a cyber incident that came to light on March 20, 2023, affecting a limited number of its systems. Forever 21 is a multinational fast fashion retailer headquartered in Los Angeles, California, United States.…
Hackers Exploit Openfire Vulnerability To Deploy Kinsing Malware
The Kinsing malware has resurfaced with a new attack method that exploits the Openfire vulnerability tracked as CVE-2023-32315. A path traversal attack caused by this vulnerability allows an unauthorized user access to the Openfire setup environment. Researchers from Aqua Nautilus report that…
BadBazaar Malware Attacking Android Users via Weaponized Telegram & Signal Apps
The Android BadBazaar malware is being distributed through the Google Play store, the Samsung Galaxy Store, and dedicated websites as the malicious Signal Plus Messenger and FlyGram applications, which mimic legitimate Signal and Telegram apps. These active campaigns are connected to the China-aligned APT organization known as GREF. Uyghurs and other Turkic ethnic minorities…
New Targeted Smishing Campaign Attacking the US Citizens to Steal Payment Data
Smishing is a type of cyberattack in which attackers use SMS (text messages) to trick individuals into revealing the following types of personal and financial data or information:- In attacks like this, threat actors mimic government, bank, or postal agencies…
Hackers Launch MiTM Attack to Bypass VMware Tools SAML Authentication
A SAML token signature bypass vulnerability has been reported in VMware Tools, which a threat actor can exploit to perform VMware guest operations. A CVE ID has been assigned for this vulnerability, and the severity is rated 7.5 (High). VMware Tools…
Multiple Splunk Enterprise Flaws Let Attackers Execute Arbitrary Code
Splunk Enterprise has multiple vulnerabilities that can lead to Cross-site Scripting (XSS), Denial of Service (DoS), Remote Code Execution, Privilege Escalation, and Path Traversal. The severities of these vulnerabilities range from 6.3 (Medium) to 8.8 (High). Splunk has addressed these…
Cisco BroadWorks Application Software Flaw Let Attackers conduct XSS Attack
Cisco has released a fix for a medium-impact vulnerability in the CommPilot Application Software that allows cross-site scripting against the user interface. The Cisco BroadWorks CommPilot Application allows authenticated users to upload configuration files to the platform. The lack of file…
Paramount Media Hacked: Attackers Obtain Access to User Personal Information
In a shocking turn of events, Paramount Media recently fell victim to a significant data breach, leading to unauthorized access to users’ personal information. Paramount Media Networks (founded as MTV Networks in 1984 and known under this name until 2011)…
Multiple Flaws in ArubaOS Switches Let Attackers Execute Remote Code
Multiple vulnerabilities have been identified in ArubaOS-Switch Switches, specifically pertaining to Stored Cross-site Scripting (Stored XSS), Denial of Service (DoS), and Memory corruption. Aruba has taken measures to mitigate these vulnerabilities and has subsequently published a security advisory. ArubaOS-Switch is…
Dismantling Qakbot Botnet – FBI’s Largest Cyber Operation Ever
Qakbot (aka QBot, Pinkslipbot) is a sophisticated banking Trojan malware that can spread through various methods. Once installed on a system, Qakbot can collect:- The FBI, along with the Justice Department, led a multinational operation to dismantle the complete infrastructure…
Google Chrome Security Update: High-Severity Vulnerability Patched
Google has updated the Stable and Extended Stable channels for Mac, Linux, and Windows to version 116.0.5845.140/.141 to address a security issue in Chrome. One “high-severity” security patch is included in this version. This upgrade will roll out over the…
DarkGate Loader Delivered Through Stolen Email Threads to Lure Victims
Research revealed heavy malspam activity distributing the DarkGate malware via phishing emails, using either MSI files or VBScript payloads. DarkGate malware has been active since 2018 and has the ability to download and execute files…
Email Authentication Protocols: SPF, DKIM, and DMARC – A Detailed Guide
Email communication is essential for personal and professional contact in the modern digital environment. Email is widely used, making it a perfect target for cybercriminals, leading to increased phishing attempts, spam, and email spoofing. Strong email security measures are becoming…
Hackers Exploiting Juniper RCE Flaw Following PoC Release
Multiple vulnerabilities in the Juniper SRX and EX Series were reported previously. Individually, these vulnerabilities are of medium severity; chained together, however, they result in a pre-auth RCE, which is a critical vulnerability. Following…
Stealthy Android Malware Attacking Mobile Users Via Fake App Stores
A recently discovered Android Trojan, dubbed “MMRat,” poses a serious threat to mobile banking security. Unlike other forms of malware, this Trojan is designed to evade detection from traditional antivirus software. The security experts at TrendMicro have identified the Trojan…
What is Static Network Address Translation?
Static NAT is a type of NAT that maps one public IP address to one private IP address. Every time a device with a private IP address on your network tries to access the internet, its traffic will be routed…
Threat Actors Abuse Google Groups to Send Fake order Notifications
Threat actors continue to evolve their spam tactics by utilizing legitimate Google Groups to send fake order messages to multiple users. Fake order scams work by notifying victims about the status or confirmation of a purchase that was never actually placed…
Hackers Can Exploit Skype Vulnerability to Find User IP Address
Hackers can now capture your IP address and expose your physical location by sending a Skype link, even if you don’t click it. An IP address, which stands for “Internet Protocol address,” is like a unique digital home address for…
Hackers Abuse Azure AD Abandoned Reply URLs to Escalate Privilege
Recent reports indicate that a privilege escalation vulnerability has been discovered, which arises from abandoned Azure AD reply URLs. Threat actors can use this flaw to obtain authorization codes illegitimately and use them against the Microsoft Power Platform API…
Mom’s Meals Breached: Over 1.2 Million Consumers Data Exposed
PurFoods, LLC, operating under the trade name Mom’s Meals, has announced the compromise of personal information affecting its clients and employees. The company acknowledged that its cybersecurity defenses had been compromised, allowing unauthorized access to a treasure trove of consumer…
Two Men Arrested Following Poland’s Railway System Signals Hack
Authorities in Poland arrested two individuals on suspicion of planning an unlawful hack into the communication network of the national railway, which caused delays in train service in some areas. The Polish PKP railway’s radio communication system was hacked on Friday…
Microsoft Edge Privilege Escalation Flaw – Update Now!
Microsoft Edge has published a release note that mentioned a Privilege escalation vulnerability with the CVE ID of CVE-2023-36741 and has a CVSS Score of 8.3 (High). This vulnerability exists in the Microsoft-Edge Chromium-based versions prior to 116.0.1938.62. An unauthorized…
Lockbit 3.0 Builder Leaked: Anyone Can Blend Ransomware
It has come to the attention of researchers that the LockBit 3.0 builder has suffered from a leak, which now allows anyone to create various versions of the LockBit ransomware according to their own preferences. This poses a serious security…
Hackers Embed Weaponized Word File into a PDF to Evade Detection
To avoid detection, hackers employed a new method dubbed “MalDoc in PDF” to insert a malicious Word file into a PDF file. Despite having magic numbers and a PDF-specific file format, a file created with MalDoc in PDF may be opened…
Hackers Disrupted Poland’s Railway System Signals
Poland’s Railway infrastructure, a crucial transit route for Western weapons transported to Ukraine, has been compromised by cybercriminals. The signals were intermingled with recordings of the Russian national anthem and a speech by President Vladimir Putin, according to the Polish…
Cisco Nexus 3000 and 9000 Series Switches Flaw Let Attackers Trigger DoS Attack
A Denial-of-Service vulnerability has been discovered in the Cisco Nexus 3000 and 9000 series switches, which could allow a threat actor to cause a denial-of-service condition due to a flaw in the IS-IS (Intermediate System-to-Intermediate System) protocol. IS-IS is one…
Cloud Hosting Provider Lost all Customer Data Following Ransomware Attack
There has been a cyber attack on two cloud hosting providers, namely CloudNordic and Azero Cloud, both of which are owned by Certiqa Holding. The cyber attack has resulted in a complete data loss for all of their customers. The…
Cisco NX-OS Software Flaw Let Attacker Trigger a DoS Attack
A high-severity vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software might allow an unauthenticated local attacker to force an affected device to unexpectedly reload. NX-OS is a network operating system for Cisco Systems’ Nexus-series Ethernet switches and…
Hackers Continue to Exploit Barracuda ESG Zero-Day Flaw: FBI Flash Alert
The recent discovery of a zero-day vulnerability (CVE-2023-2868) in Barracuda Networks Email Security Gateway (ESG) appliances has brought significant concern. CVE-2023-2868 is a remote command injection vulnerability that grants unauthorized execution of system commands with administrator privileges on Barracuda ESG…
Wireshark 4.0.8 Release: What’s New!
The most widely used network protocol analyzer in the world, Wireshark, has released version 4.0.8. It is employed for network analysis, troubleshooting, software and communications protocol development, and education. This new version includes bug fixes, improved protocol support, and a…
What are Brute Force Attacks, and How to Protect Your APIs Against them?
Brute force attacks have been one of the most common attack types. In Q1 2022, brute force made up 51% of all attacks! These attacks often pave the way for other types of threats and have devastating consequences for the…
Simplify Secure Enterprise Device Management With QR Codes
Corporate mobile devices have become essential to everyday tasks for employees, but this convenience also comes with security risks. The challenge lies in managing and securing multiple devices, especially without a proper solution. This is where mobile device management (MDM)…
NoFilter: Tool that Escalates Privilege Abusing Windows Filtering Platform
Privilege escalation is a commonly employed attack vector in the Windows operating system environment. Attackers often leverage offensive tools such as Meterpreter, CobaltStrike, or Potato tools to execute code as “NT AUTHORITY\SYSTEM.” These tools typically employ token duplication and…
Kali Linux 2023.3 Released: What’s New!
Kali Linux 2023.3 is now available, and it includes a variety of new packages and tools, as well as the usual upgrades. The release of Kali Linux 2023.3 arrives three months after Kali Linux 2023.2. This upgrades the kernel from Debian…
GroundPeony Group Exploiting Zero-day Flaw to Attack Government Agencies
GroundPeony, a cyber attack group targeting the Taiwanese government, was discovered in March 2023; it used several tactics, such as tampering with legitimate websites to distribute malware, URL obfuscation, and multi-stage loaders. Further investigations revealed that a China-nexus attack…
Hackers Threaten Patients Following a Massive Cyberattack on a Hospital
One of the renowned hospitals in Israel became the victim of a data breach, and patients were blackmailed with a financial motive. According to an Israel Hayom report, Maayanei HaYeshua Medical Center in Bnei Brak was attacked, and the sensitive…
How Malware Sandboxes Strengthen Your Cybersecurity
Cyberattacks are becoming increasingly sophisticated, threatening organizations’ critical infrastructure and sensitive data more than ever. Core solutions such as SIEMs are often insufficient to ensure complete protection against malware infections, especially new and unexplored ones. As a result, security specialists…
Carderbee Hacking Group Uses Legitimate Software in Supply Chain Attack
An unknown APT group was found abusing “Cobra DocGuard” in a supply chain attack to plant the Korplug backdoor (aka PlugX) on the systems of targeted victims. Cobra DocGuard is a legitimate software package that…
Apache XML Graphics Batik Flaw Exposes Sensitive Information
Two Server-Side Request Forgery (SSRF) vulnerabilities were found in Apache Batik, which could allow a threat actor to access sensitive information in Apache Batik. These vulnerabilities exist in the Apache XML Graphics Batik and are given CVE IDs CVE-2022-44729 and…
Researchers Uncovered the Developer of CypherRAT and CraxsRAT
Researchers have identified a new Malware-as-a-Service (MaaS) operator called ‘EVLF DEV’ as being behind the creation of CypherRAT and CraxsRAT. EVLF has been selling CraxsRAT, one of the most dangerous Android RATs available today, for the past three years, with…
Ivanti Sentry Flaw: Let Attackers Access Critical APIs Used for Configuration
An unauthenticated critical API access vulnerability was found in the Ivanti Sentry interface, which could allow a threat actor to gain access to sensitive APIs that can be used to access the Ivanti administrator portal and configure Ivanti Sentry. This…
Juniper Networks Junos OS Let Attacker Remotely Execute Code
Multiple vulnerabilities have been discovered in Junos OS which can be chained into a pre-auth remote code execution on SRX and EX Series devices. An unauthenticated, network-based attacker can exploit these vulnerabilities by chaining them. Junos…
Apache Ivy Injection Flaw Let Attackers Exfiltrate Sensitive Data
A blind XPath injection vulnerability was discovered in Apache Software Foundation Apache Ivy, which allows threat actors to exfiltrate data and access sensitive information that is restricted to only the machine that runs Apache Ivy. This vulnerability exists in the…
DotRunpeX Malware Injector Widely Delivers Known Malware Families to Attack Windows
DotRunpeX is one of the new and stealthiest .NET injectors that employs the “Process Hollowing” method, through which this malware distributes a diverse range of other malware strains. Cybersecurity researchers at Check Point recently revealed the real-world use and campaign-related…
Interpol Arrested 14 cybercriminals and uncovered 20,674 suspicious cyber networks
The recent Africa Cyber Surge II operation conducted by INTERPOL and AFRIPOL has revealed a stark reality: the surge in digital insecurity and cybercriminal threats across Africa. This operation spanned 25 African countries and successfully identified 20,674 suspicious cyber…
3,000+ Android Malware Using Unique Compression Methods to Avoid Detection
Android smartphones play a vital role in our daily lives, as they keep us connected and also help with several daily tasks like:- Besides this, they also attract the attention of…
10 Best Linux Distributions In 2023
Linux is generally acknowledged as the third member of the holy trinity of PC operating systems, along with Windows and macOS. Here we provide the top 10 Linux distros of 2023 for all professionals. Hence Linux…
Cyber Criminals Exploiting Google Drive, OneDrive to Hide Malicious Traffic
Threat actors are actively modifying their TTPs to evade advanced security mechanisms and tools and accomplish their illicit goals. Hiding malicious traffic in cloud storage platforms is not a completely new concept, and it seems…
Cuba Ransomware Armed with New Weapons to Attack U.S Infrastructure
The Cuba ransomware seems to be gaining more pace with each passing year, and this ransomware has been operating and active since 2019. Until now, the operators of the Cuba ransomware have executed several high-profile attacks to target many industries…
The Number of MSPs Offering Virtual CISO Services Will Grow Fivefold By Next Year: Cynomi Study
Cynomi, the leading AI-powered virtual Chief Information Security Officer (vCISO) platform vendor for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and consulting firms, has published the results of its first annual report, “The State of the Virtual CISO…
Artificial Airplane Mode – New iOS 16 Hack Blocks All Apps Except Attackers Online
The Airplane mode in smartphones ensures safe device use on flights, as this feature prevents interference with critical flight systems by deactivating all the wireless functions of the smartphone. Besides this, the Airplane Mode’s role extends beyond travel, serving as:…
Cyber Criminals Attacking Web Services to Breach Organisations
Web servers are a prime target for threat actors due to their open and volatile nature. However, these servers must remain open to provide various web services to users. Web services that are provided on Windows servers by the Web…
Hackers Selling SMS Bomber Attack Tools on Underground Forums
In the current world of cybersecurity, security threats are evolving at a rapid pace, as there are always new problems to deal with. Among the ever-evolving threats, SMS Bomber attacks are one of the modern attacks in the current threat…
Cisco Unified Communications Manager Flaw Let Attacker Launch SQL Injection Attacks
An SQL injection vulnerability was discovered in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). Cisco Unified CM is used for handling voice and video calls,…
HPE Aruba Networking Product Vulnerabilities Allow File Overwrite
The vulnerabilities, CVE-2023-38401 and CVE-2023-38402, affect the HPE Aruba Networking Virtual Intranet Access (VIA) client for the Microsoft Windows operating system. If the exploit is successful, the attacker can overwrite arbitrary files. HPE Aruba Networking has issued an upgrade to…
Beware of New Hacking Attack Targeting LinkedIn Accounts Worldwide
An ongoing campaign has resulted in the compromise of multiple LinkedIn accounts. However, the motive behind this campaign remains unclear at this time. Numerous users have reported instances of their LinkedIn accounts being temporarily locked, hacked, or permanently deleted. In…
Monti Ransomware’s Linux Variant Attacks the Financial & Healthcare Industries
The Monti ransomware, first seen in June 2022, attracted notice due to its close resemblance to the Conti ransomware in both name and tactics, drawing attention from cybersecurity experts and organizations. The Monti ransomware group has been observed to employ…
Gigabud RAT Attacking Android Users to Steal Banking Credentials
Recent reports indicate that GigaBud malware has been targeting more than 99 financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru. GigaBud is an undocumented Android Remote Access Trojan (RAT) and has been active since July 2022. Investigating the…
New SectopRAT Steals Browser Passwords, 2FA Codes
LummaC, an information stealer, is being disseminated on Russian-speaking forums through a Malware-as-a-Service (MaaS) approach. This malware is designed to steal sensitive data from infected devices. Cryptocurrency wallets, browser add-ons, two-factor authentication credentials, and numerous files are some…
ATM Fleet Monitoring Software Flaws Let Attackers Hack ATMs Remotely
ScrutisWeb is a solution that helps global organizations monitor ATMs and improve issue response time, and it is accessible through any browser. The following things can be done with the help of this solution:- Cybersecurity researchers at…