Category: GBHackers – Latest Cyber Security News | Hacker News

Google has introduced a new data deletion policy for the Google Play Store with the intention of giving customers more knowledge and control over their in-app data. Because Google wants users to be able to delete their data without reinstalling…

Read more →

Law enforcement agencies seized the domains for Genesis Market, one of the world’s biggest marketplaces for cyber fraud. Genesis has been connected to millions of financially driven cyber incidents worldwide, from fraud to ransomware attacks. Genesis served as a one-stop shop…

Read more →

Researchers from Checkpoint found a new and previously unknown ransomware variant dubbed “Rorschach” with highly sophisticated features that target U.S. companies. Rorschach ransomware carries technically unique and customized features and one of the fastest ransomware observed by the speed of…

Read more →

Western Digital (WD), a renowned manufacturer of Scandisk drives, has announced a data breach on its network, resulting in unauthorized access to data on multiple systems by attackers. WD is a company based in the United States that specializes in…

Read more →

Uber faces various cyber attacks that result in the disclosure of employee email addresses, company reports, and information related to IT assets. The servers of Genova Burns, a legal services firm, have been compromised, resulting in the theft of driver…

Read more →

The Tor browser guarantees that your communication remains operational through a decentralized network of transfers maintained by volunteers located worldwide. It safeguards your internet connection from prying eyes by preventing any individual from monitoring the websites you visit, shields your…

Read more →

Ferrari’s woes seem to be continuing from F1 tracks to their data. And surprisingly, ransomware today encrypts files as fast as a Ferrari V8 goes from 0 to 60 mph. The current ransomware attack means cybercriminals now have access to…

Read more →

New information has surfaced regarding a security flaw patched by Microsoft in Azure Service Fabric Explorer (SFX). The vulnerability had the potential to result in unauthorized remote code execution. The vulnerability has been discovered by the security researchers at Orca…

Read more →

The discovery of a novel malware piece targeting Linux servers has been attributed to an unknown Chinese state-sponsored hacking group. ExaTrack, a French security firm, recently reported that the malware in question was named Mélofée. There is a strong link…

Read more →

It has been reported by the Recorded Future’s Insikt Group that RedGolf, a Chinese state-sponsored threat actor group, was using a backdoor designed especially for Windows and Linux systems called KEYPLUG to infiltrate networks. As one of the world’s most…

Read more →

Our lives are now enriched by the availability of LLMs that are easily accessible on the internet, so we have tools such as the ChatGPT that can help us breathe life into even the most abstract ideas. As a result,…

Read more →

The Threat Analysis Group (TAG) of Google unveiled recently that commercial spyware vendors targeted Android and iOS devices using zero-day vulnerabilities patched last year. In November 2022, the first campaign was discovered by security analysts targeting iOS and Android users.…

Read more →

A fundamental security issue in the design of the IEEE 802.11 WiFi protocol standard, according to a technical study written by Domien Schepers, Aanjhan Ranganathan, and Mathy Vanhoef of imec-DistriNet, KU Leuven, allows attackers to deceive access points into exposing…

Read more →

The Ecuadorian free-to-air television network Ecuavisa recently reported that a USB device was detonated inside an organization’s newsroom. The explosion occurred due to a USB drive the station mailed to a journalist covering the story. In the middle of the…

Read more →

The National Crime Agency (NCA) of the United Kingdom revealed that it had built several fake DDoS-for-hire service websites to track down cybercriminals who use these platforms to attack businesses. Also, this declaration follows the Agency’s decision to designate one of…

Read more →

Recently, Twitter has acknowledged that some of its confidential source code has been exposed on the popular coding platform GitHub. To address this issue, Twitter has sent GitHub a copyright infringement notice. The petition demands GitHub identify the individual who…

Read more →

After the finale of Pwn2Own Vancouver 2023, the Masters of Pwn, Synacktiv (@Synacktiv), received $1,035,000 (plus a car) for their amazing achievements and hard work! They received a Tesla Model 3 and 53 points, along with $530,000. The annual computer…

Read more →

In response to a recent vulnerability identified in Outlook, Microsoft recently published a proper guide for its customers to help them discover the associated IoCs. That Outlook vulnerability in question has been tracked as “CVE-2023-23397” with a CVSS score of…

Read more →

There were a number of users whose email addresses were exposed accidentally by ChatGPT’s website recently. While OpenAI asserted that the cause was a bug in the Redis client open-source library. In ChatGPT, users can browse all their query history…

Read more →

Researchers from Unit 42 have been monitoring a widespread campaign of harmful JavaScript (JS) injections. The campaign aims to redirect unsuspecting victims to dangerous content, including adware and fraudulent pages. Websites continue to be infected by this threat in 2023,…

Read more →

Thousands of Facebook accounts have been stolen due to a trojanized version of the legitimate ChatGPT extension for Google Chrome. The trojanized version of the ChatGPT extension managed to gain popularity with more than 9,000 downloads. Cybercriminals replicated the genuine…

Read more →

Lions Gate Entertainment Corporation, doing business as Lionsgate, exposed users’ IP addresses and data on the content they saw on its movie-streaming service.  According to Cybernews analysts, Lionsgate Play, a video streaming service, had exposed user information via an open…

Read more →

In a collaborative effort, the German Federal Office for the Protection of the Constitution (BfV) and the National Intelligence Service of the Republic of Korea (NIS) has released a significant cybersecurity advisory. This advisory cautions against the stealthy actions of…

Read more →

The ShellBot threat has turned out to be a new type of malware designed to target Linux SSH servers poorly managed as part of a new campaign. As stated in a report published by AhnLab Security Emergency Response Center (ASEC),…

Read more →

Recently, Google declared its plan to reduce the maximum validity for public TLS (SSL) certificates from 398 to 90 days. Under its “Moving Forward, Together” plan, Google intended to limit the maximum public TLS certificate validity to 90 days via…

Read more →

Mandiant researchers have recently reported that 55 zero-day vulnerabilities were actively exploited in 2022, most against the following brands and their products:- Researchers state that hackers are still targeting zero-day vulnerabilities in malicious campaigns. It has been reported that most…

Read more →

In recent years, the BFSI Sector (Banking, Financial Services, and Insurance) has become a primary target for cyber attackers. A 2022 report by IBM revealed that the average cost of a data breach in the financial industry reached a staggering…

Read more →

A threat actor recently contacted Ferrari S.p.A., an Italian luxury sports car manufacturer headquartered in Maranello, demanding a ransom for access to specific client contact information. The company suffered a significant data breach, and consumers’ personal information may now be…

Read more →

HinataBot The post <strong>HinataBot – A New Botnet Could Launch Massive 3.3 Tbps DDoS Attacks</strong> appeared first on GBHackers – Latest Cyber Security News | Hacker News. This article has been indexed from GBHackers – Latest Cyber Security News |…

Read more →

As a result of a recent data breach, the NBA notified all its fans about the fact that a significant amount of personal information was compromised. While using the information gathered, phishing attacks can be conducted by the threat actors…

Read more →

The relatively new Trigona ransomware strain, according to Unit 42 researchers, was particularly active in December 2022, targeting industries in the manufacturing, finance, construction, agriculture, marketing, and high technology industries. “Trigona’s threat operator engaging in behavior such as obtaining initial…

Read more →

An Android Trojan dubbed “FakeCalls” was spotted by the Check Point Research team. This malware can pretend to be one of more than 20 financial applications and imitate phone conversations with the bank or financial service employees. This tactic is…

Read more →

CISA has updated its list of security flaws that have been actively exploited, including a critical vulnerability affecting Adobe ColdFusion versions 2021 and 2018. The vulnerability is tracked as (CVE-2023-26360), Adobe ColdFusion Improper Access Control flaw. These flaws provide serious…

Read more →

As a result of a joint effort of the CISA, FBI, and MS-ISAC, a public advisory was published recently. This public advisory claims that between November 2022 and the beginning of January 2023, attackers gained access to the server of…

Read more →

There has been a recent cyber attack on Amazon’s popular security camera company, Ring, which was attributed to a ransomware group ALPHV that uses the BlackCat malware.  This group has now claimed responsibility for the attack and is now threatening…

Read more →

A powerful new AI model called GPT-4 has been released recently by OpenAI, which is capable of comprehending images and texts. The company describes this as the next-stage milestone in its effort to scale up deep learning. In November 2022,…

Read more →

The cybersecurity analysts at cloudSEK recently asserted that monthly YouTube videos containing links to stealer malware, such as Vidar, RedLine, and Raccoon, have increased by 200-300% since November 2022. These videos are supposed to be tutorials; however, it has been…

Read more →

Guardio Labs discovered a Chrome Extension that promotes rapid access to fake ChatGPT functionality capable of stealing Facebook accounts and establishing hidden account backdoors. Using a maliciously imposed Facebook app “backdoor” that grants the threat actors super-admin powers stands out.…

Read more →

Offensive security released Kali Linux 2023.1 with new tools for purple and blue teamers for defensive security. On March 13th Kali Linux penetration distro completed 10 years of providing amazing services to the cyber security community. On celebrating its 10th…

Read more →

Researchers from the Korea University School of Cyber Security, Seoul, have recently presented a new covert channel attack known as CASPER, which has been developed as part of a research project that is currently in progress. In addition to this,…

Read more →

Businesses from all industries are aware of the benefits of cloud computing. Some organizations are just getting started with migration as part of digital transformation initiatives, while others are implementing sophisticated multi-cloud, hybrid strategies. However, data security in cloud computing…

Read more →

As per the latest findings of ThreatFabric, a version of the Android banking trojan with the name Xenomorph has been discovered in the wild as a new variant of the trojan. Mobile banking has been gaining a lot of attention…

Read more →

Recently, security analysts at SentinelOne got to know about an infamous IceFire ransomware that has been found attacking both Windows and Linux enterprise networks. An IceFire ransomware attack encrypts the files of the victim and demands payment in exchange for…

Read more →

When a DDoS attack is conducted, the server being targeted receives a large number of garbage requests. As a result, the server’s capacity is depleted, and a large number of garbage requests are being sent. As Akamai reported recently, one…

Read more →

The “Customer Proprietary Network Information (CPNI)” from some wireless accounts was accessed by an unauthorized person, according to AT&T, who discovered the breach in a vendor’s system. Over 9 million AT&T customers were informed that some of their information had…

Read more →

The breach of a Washington, DC, health insurance marketplace may have allowed hackers’ access to members of the House and Senate’s sensitive personal information, it was revealed on Wednesday. The lawmakers’ staff members and their families also suffered. DC Health…

Read more →

There have been recent revelations by Microsoft that an old version of the SHEIN Android application has been found reading the contents of the clipboard on Android devices irregularly. With more than 100 million downloads from the Google Play Store,…

Read more →

A new information stealer has been recently found by cybersecurity researchers at Morphisec which is called “SYS01stealer.” This stealer primarily targets entities from the following critical infrastructures:- The Morphisec intelligence team has been tracking this advanced information stealer since November…

Read more →

There has been a proof-of-concept published recently for CVE-2023-21716 that analyzes this vulnerability. This vulnerability has been marked as “Critical” and has been detected in Microsoft Word which permits remote code execution (RCE). Microsoft’s latest Patch Tuesday release in February…

Read more →

Lumen’s Black Lotus Labs recently witnessed that Hackers are currently targeting DrayTek Vigor router models 2960 and 3900 in a campaign known as ‘Hiatus’.  The primary goal of hackers is to steal data from victims and establish a covert proxy…

Read more →

Cyber Security operations center is protecting organizations and the sensitive business data of customers. It ensures active monitoring of valuable assets of the business with visibility, alerting and investigating threats, and a holistic approach to managing risk. Analytics service can…

Read more →

In a recent analysis, MQsTTang, a newly designed custom backdoor, has been scrutinized by ESET researchers. After a thorough investigation, the source of this malware has been attributed to the infamous Mustang Panda APT group by the experts. Tracing back…

Read more →

The latest release of Wireshark, version 4.0.4, has been launched by the Wireshark Team. This new version offers a host of improvements and updates that enhance protocol support, including several bug fixes. It can be used for a wide range…

Read more →

BidenCash, a new entrant in the underground carding business, has announced a 1-year anniversary promotion in which it is offering the data of 2 million credit cards for free. This leaked dataset comprises credit card information sourced from various regions…

Read more →

The cybersecurity analysts at ESET recently reported that BlackLotus, a sneaky bootkit for UEFI (Unified Extensible Firmware Interface), has gained notoriety as the primary malware known to successfully evade Secure Boot defenses, creating it a formidable danger. Even on the…

Read more →

Credit card sniffers or online skimmers are a type of harmful software that cybercriminals often create using the JavaScript programming language.  Threat actors primarily use this to steal payment card data and PII from unsuspecting individuals while they transact on…

Read more →

The theft of critical law enforcement data is currently under investigation by the U.S. Marshals Service (USMS), triggered by a ransomware attack that targeted a stand-alone USMS system.  The USMS has confirmed that the compromised information is of a sensitive…

Read more →

In 2022, the number of new mobile banking Trojan installers found by Kaspersky Lab’s cybersecurity researchers surged to 196,476, which is more than twice the number reported in 2021.  This alarming statistic underscores the increasing sophistication and frequency of cyberattacks…

Read more →

Houzez is a high-quality WordPress theme that is available for purchase on ThemeForest, a popular marketplace for digital products. This premium theme has been widely recognized for its outstanding features and has garnered an impressive 35,000 sales to date with…

Read more →

Cybersecurity experts at Sophos recently detected multiple malicious 2FA apps in App Store and Google Play that deploy malware.  While Twitter made a recent announcement stating that it no longer considers SMS-based two-factor authentication (2FA) to be sufficiently secure. Users…

Read more →

Stanford University has recently reported a security incident involving a data breach. The incident, which occurred between December 2022 and January 2023, involved the unauthorized download of files containing sensitive admission information for the Economics Ph.D. program from the university’s…

Read more →

Stanford University has recently reported a security incident involving a data breach. The incident, which occurred between December 2022 and January 2023, involved the unauthorized download of files containing sensitive admission information for the Economics Ph.D. program from the university’s…

Read more →

Telus, a Canadian national telecommunications company is looking into whether employees’ data as well as the source code for the system were stolen and then sold on a dark web marketplace. Subsequently, the threat actor published screenshots that appear to depict the…

Read more →

On January 20, 2022, News Corp identified cyberattacks on a business email and document storage system utilized by numerous News Corp businesses. According to the inquiry, News Corp has learned that, between February 2020 and January 2022, a third party illegally…

Read more →

Since January 20, 2023, there have been several instances where malicious entities have been observed exploiting a significant security vulnerability in various Zoho ManageEngine products. The vulnerability in question has been tracked by the security analysts at Bitdefender as “CVE-2022-47966”…

Read more →

According to a Mozilla analysis, the majority of the top apps’ data privacy labels on the Google Play Store are false or deceptive. “Google Play Store’s misleading Data Safety labels give users a false sense of security. Honest nutrition labels…

Read more →

There has been an emergence of a new security threat that has been causing havoc among the Asian shipping and medical laboratory industries. It’s a never-before-seen threat group dubbed Hydrochasma, actively targeting the shipping and medical organizations that are engaged…

Read more →

In the digital age, protecting your data is more important than ever. With hackers becoming increasingly sophisticated in their methods of stealing sensitive information, it’s essential that businesses and individuals alike take steps to secure their data. As transcriptions can…

Read more →

Cybercriminals can breach the security of your home WiFi and potentially cause you significant harm. Your home network may be used by malicious cyber actors to access sensitive, private, and personal data. The National Security Agency published best practices for…

Read more →

Trellix researchers discovered a new class of privilege escalation bugs based on the ForcedEntry attack, which exploited a feature of macOS and iOS to deploy the NSO Group’s mobile Pegasus malware. The new class of bugs allows arbitrary code to…

Read more →

BitSight recently detected MyloBot, an advanced botnet that has successfully infiltrated numerous computer systems, primarily situated in four countries:-  The botnet has targeted and compromised thousands of systems, demonstrating its ability to operate on a massive scale across a wide…

Read more →

Sn1per is an automated scanner that can automate the process of collecting data for exploration and penetration testing. In their work sn1per involves such well-known tools like: amap, arachni, amap, cisco-torch, dnsenum, enum4linux, golismero, hydra, metasploit-framework, nbtscan, nmap smtp-user-enum, sqlmap,…

Read more →

As of October 2022, The HardBit ransomware attack was first detected as a threat extorting cryptocurrency payments to decrypt data from organizations. Recently, version 2.0 of HardBit ransomware has been released by its operators.  It is believed that the operators…

Read more →

Nmap is an open source network monitoring and port scanning tool to find the hosts and services in the computer by sending the packets to the target host for network discovery and security auditing. Numerous frameworks and system admins additionally…

Read more →

Samsung recently unveiled a cutting-edge addition to their feature suite, known as Message Guard. This new feature is specifically designed to offer an enhanced level of security to users against malware and spyware.  Its advanced technology provides safeguards that protect…

Read more →

Twitter has recently made an announcement regarding its two-factor authentication (2FA) service. The company has disclosed that the privilege of using this service will no longer be free. This means that Twitter users who wish to enable 2FA for added…

Read more →

A Franco-Israeli criminal network engaged in extensive CEO fraud has been destroyed as a result of a combined investigation assisted by Europol. The investigation was conducted jointly by Europol, the police forces of France, Croatia, Hungary, Portugal, and Spain. In…

Read more →

Google Dorks List “Google Hacking” is mainly referred to pulling sensitive information from Google using advanced search terms that help users to search the index of a specific website, specific file type and some interesting information from unsecured Websites. Google…

Read more →

Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. This includes a vast array of sophisticated detection and prevention technologies, a virtual sea of cyber intelligence…

Read more →

This article covers Active directory penetration testing that can help for penetration testers and security experts who want to secure their network. “Active Directory Pentesting” Called as “AD penetration Testing” is a directory service that Microsoft developed for the Windows…

Read more →

GoDaddy found malicious malware had been installed on servers in its cPanel shared hosting environment by an unauthorized third party. This results in the websites of its clients being intermittently rerouted. “We investigated and found that the intermittent redirects were…

Read more →

Google has become an inevitable thing in our day-to-day life. Especially, mobile apps are being developed every day to make life better with technology. Now the company officially announced that they are rolling out Privacy Sandbox Beta for a few…

Read more →

The Linux Distros is generally acknowledged as the third of the holy triplet of PC programs, simultaneously with Windows and macOS. Here we have provided you with a top 10 best Linux distros list 2023 for all professionals. Hence Linux…

Read more →

SSL Checker helps you in troubleshooting common SSL issues and SSL endpoint vulnerabilities. With the free SSL certificate checker tool, just you need to submit the domain name or IP address along with the port number to analyze the configuration…

Read more →

ProxyShellMiner is being distributed to Windows endpoints by a very elusive malware operation, according to Morphisec. To generate income for the attackers, “ProxyShellMiner” deploys cryptocurrency miners throughout a Windows domain using the Microsoft Exchange ProxyShell vulnerabilities. ProxyShellMiner exploits a company’s…

Read more →

SSL Checker helps you in troubleshooting common SSL issues and SSL endpoint vulnerabilities. With the free SSL certificate checker tool, just you need to submit the domain name or IP address along with the port number to analyze the configuration…

Read more →

As a result of a new zero-day vulnerability found in Apple products that can be exploited in hacking attacks, Apple has recently released an emergency security update. Here below we have mentioned the devices that are vulnerable:- This discovered vulnerability…

Read more →

DDos is a malicious attempt to disturb the legitimate packets reaching the network equipment and services. When the DDoS attack is in place, organizations may experience an outage with one or more services, as the attacker looted their resources with…

Read more →

Car manufacturers Kia and Hyundai have recently taken measures to address concerns over vehicle security following the viral popularity of TikTok videos demonstrating how to easily steal their cars.  In response, the companies are now offering car owners the option…

Read more →

Security logging and monitoring failures feature in the OWASP Top 10 list, moving up to #9 from #10 in the 2017 list. Why so? Because logging and monitoring failures hinder your effective threat detection. If the website risks are not…

Read more →

Every cybersecurity workflow starts from log data collection and management, that’s why we curated the Best SIEM Tools list that is highly demanded among enterprises that strive to maintain a stable security posture and comply with necessary regulations. This overview…

Read more →

The cybersecurity researchers at Sucuri recently discovered a critical backdoor that has managed to infiltrate thousands of websites over the past few months. A group of threat actors who are responsible for a malware campaign called “black hat redirect” has…

Read more →

Google has become an inevitable thing in our day-to-day life. Especially, mobile apps are being developed every day to make life better with technology. Now the company officially announced that they are rolling out Privacy Sandbox Beta for a few…

Read more →

The Linux Distros is generally acknowledged as the third of the holy triplet of PC programs, simultaneously with Windows and macOS. Here we have provided you with a top 10 best Linux distros list 2023 for all professionals. Hence Linux…

Read more →

Using technology powered by AI (Artificial Intelligence), scammers can now take advantage of potential victims looking for love online by deceiving them by using modern hooks. With the rapid advancement of AI technology, scammers now have a powerful ally in…

Read more →

As a result of a new zero-day vulnerability found in Apple products that can be exploited in hacking attacks, Apple has recently released an emergency security update. Here below we have mentioned the devices that are vulnerable:- This discovered vulnerability…

Read more →

DDos is a malicious attempt to disturb the legitimate packets reaching the network equipment and services. When the DDoS attack is in place, organizations may experience an outage with one or more services, as the attacker looted their resources with…

Read more →

Recently, the FortiGuard Labs team made a groundbreaking discovery of several new zero-day attacks in the PyPI packages. The source of these attacks was traced back to a malware author known as “Core1337.” This individual had published a number of…

Read more →

The email account of domain registrar Namecheap was compromised which led to a flood of DHL and MetaMask phishing emails that sought to steal the victims’ personal information and cryptocurrency wallets. Reports say the phishing attacks began at 4:30 PM…

Read more →

According to Avanan, a Check Point Software Company, hackers are employing geotargeting tools to tailor phishing attacks to certain regions. Geo Targetly is a legitimate online service that offers its own URL shortening service, similar to Bitly, called Geo Link.…

Read more →