A new player has emerged on the cybercrime landscape the ransomware group “Pryx.” Pryx has claimed its first attack, announcing that it has compromised the systems of Rowan College at Burlington County (RCBC.edu) and stolen 30,000 university applications. This announcement…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Threat Actors Selling Shopify Commerce Platform Data on Dark Web
Threat actors have been found selling sensitive data from the Shopify commerce platform on the dark web. This alarming news was first reported by DarkWebInformer on their social media Twitter account, raising significant concerns about the security of e-commerce platforms…
TotalEnergies Cyber Attack: Data of 210,715 Customers Exposed
TotalEnergies Clientes SAU has reported a significant cyberattack that has compromised the personal data of 210,715 customers. The incident has raised serious concerns about data security and the integrity of digital infrastructures in the energy sector. Unauthorized Access Detected TotalEnergies…
Hiap Seng Industries Servers Attacked by Ransomware
Hiap Seng Industries, a prominent engineering and construction company, has fallen victim to a ransomware attack that compromised its servers. The company has swiftly taken measures to contain the breach and ensure the continuity of its business operations. Immediate Containment…
Gogs Vulnerabilities Let Attackers Hack Instances And Steal Source Code
Gogs is a standard open-source code hosting system used by many developers. Several Gogs vulnerabilities have been discovered recently by the cybersecurity researchers at SonarSource. Gogs can be hacked through these flaws, which put its instances at risk of source…
Juniper SRX Vulnerability Allows Attackers Trigger DoS Condition
A vulnerability in Junos OS on SRX Series devices allows attackers to trigger a DoS attack by sending crafted valid traffic, which is caused by improper handling of exceptional conditions within the Packet Forwarding Engine (PFE) and leads to PFE…
Critical WordPress Plugin Flaw Exposes 90,000+ WordPress Sites
A critical vulnerability has been discovered in the popular WordPress plugin “Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce.” The flaw, identified as CVE-2024-6172, has been assigned a CVSS score of 9.8, indicating its…
Hackers Claiming of Sandbox Escape RCE in 0-DAY Google Chrome
A group of hackers has claimed to have discovered a critical zero-day vulnerability in Google Chrome. This exploit, which reportedly enables a sandbox escape and remote code execution (RCE), could potentially compromise millions of users worldwide. The announcement was made…
Rafel RAT Attacking Android Devices To Gain Unauthorized Access
The Rafel RAT is an advanced Android-targeting Remote Access Trojan which poses a great cybersecurity danger. This malicious program has become popular due to its prominence for breaking into device security and taking away confidential details. Knowing the origin of…
Hackers Using Polyglot Files In the Wild, Here Comes PolyConv For Detection
Polyglot files have to fit in several file format specifications and respond differently depending on the calling program. This poses a significant risk to endpoint detection and response (EDR) systems and file uploaders, which mainly rely on format identification for…
Google to offer $250,000 for Full VM Escape Zero-day Vulnerability
Google has unveiled kvmCTF, a new vulnerability reward program (VRP) explicitly targeting the Kernel-based Virtual Machine (KVM) hypervisor. This initiative, first announced in October 2023, underscores Google’s commitment to enhancing the security of foundational technologies like Linux and KVM, which…
CapraRAT Mimics As Popular Android Apps Attacking Android Users
Transparent Tribe (aka APT36) has been active since 2016, focusing on social engineering strategies to target Indian government and military personnel. The CapraTube campaign of Transparent Tribe (aka APT36) was revealed in September 2023, in which threat actors employed weaponized…
Hackers Using Dropbox And Google Docs To Deliver Orcinius Malware
A new Orcinius Trojan has been discovered, employing VBA Stomping to hide its infection. The multi-stage trojan uses Dropbox and Google Docs to stay updated and deliver second-stage payloads. Typically, VBA stomping removes the VBA source code in a Microsoft…
Rapid7 to Acquire Noetic Cyber to Enhance Attack Surface Visibility
Rapid7, Inc., a leader in extended risk and threat detection, has announced a definitive agreement to acquire Noetic Cyber, a pioneering company in cyber asset surface management (CAASM). This strategic move aims to bolster Rapid7’s existing cybersecurity solutions by integrating…
Grasshopper Hackers Mimic As Penetration Testing Service To Deploy Malware
Hackers often mimic penetration testing services to disguise their malicious activities as legitimate security assessments. By imitating authorized security testing, attackers can exploit the trust and access typically granted to legitimate penetration testers, allowing them to move more freely within…
Water Sigbin Exploiting Oracle WebLogic Server Flaw
Water Sigbin (8220 Gang) exploits vulnerabilities (CVE-2017-3506, CVE-2023-21839) in Oracle WebLogic servers to deliver cryptocurrency miners using PowerShell scripts. They use a multi-stage loading technique with a .Net Reactor protecting the payload to deploy the PureCrypter loader and XMRig miner,…
Cisco NX-OS Zero-Day Command Injection Vulnerability Let Hackers Gain Root Access
Cisco has disclosed a critical vulnerability in its widely-used NX-OS network operating system that could allow attackers to execute arbitrary commands with root privileges on affected devices. The company urges customers to upgrade to patched versions as soon as possible.…
regreSSHion – OpenSSH RCE Vulnerability Impacts 700K Linux Systems
The Qualys Threat Research Unit has identified a newly discovered vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387). This critical flaw, which allows unauthenticated remote code execution (RCE) as root, affects over 700,000 Linux systems exposed to the internet. The regreSSHion vulnerability…
TeamViewer Confirms that Russian Actors Behind the Recent Hack
TeamViewer has confirmed that the cyberattack on its systems was orchestrated by Russian threat actors, specifically the APT29 or Midnight Blizzard group. The attack, detected on June 26, 2024, was contained in TeamViewer’s internal corporate IT environment. Importantly, the company…
Threat Actor IntelBroker Claims Leak of Cognizant OIPA Database
The notorious threat actor known as IntelBroker has claimed responsibility for leaking a database belonging to Cognizant’s Oracle Insurance Policy Administration (OIPA) system. The announcement was made via Twitter on the dark web, sending shockwaves through the cybersecurity community and…