Hackers are increasingly executing financially motivated attacks and all due to the lucrative potential of monetizing the stolen data, ransoms, and fraudulent activities. The digital revolution of businesses has invented more openings to exploit financial transactions and access sensitive financial…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
PrestaShop Website Under Injection Attack Via Facebook Module
A critical vulnerability has been discovered in the “Facebook” module (pkfacebook) from Promokit.eu for PrestaShop. The vulnerability, CVE-2024-36680, allows a guest to perform SQL injection attacks on affected module versions. CVE-2024-36680 – Vulnerability Details The vulnerability stems from the Ajax…
Beware Of Zergeca Botnet with Advanced Scanning & Persistence Features
A new botnet named Zergeca has emerged, showcasing advanced capabilities that set it apart from typical Distributed Denial of Service (DDoS) botnets. Discovered by the XLab Cyber Threat Insight Analysis (CTIA) system on May 20, 2024, Zergeca has already demonstrated…
Beware Of Illegal OTT Platforms That Exposes Sensitive Personal Information
A recent rise in data breaches from illegal Chinese OTT platforms exposes that user information, including names and financial details, is vulnerable to exploitation by criminals. The leaked information can be used for phishing attacks, financial fraud, and even harassment,…
Hackers Attacking Vaults, Buckets, And Secrets To Steal Data
Hackers target vaults, buckets, and secrets to access some of the most classified and valuable information, including API keys, logins, and other useful data kept within these storage solutions. These storage solutions’ centralized and often inadequately protected nature makes them…
Mailcow Mail Server Vulnerability Let Attackers Execute Remote Code
Two critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) affecting Mailcow versions before 2024-04 allow attackers to execute arbitrary code on the server. An attacker can exploit these vulnerabilities by sending a specially crafted email to an administrator. When the administrator views the…
Chinese UNC3886 Actors Exploiting VMware, Fortinet 0-days For Spying
In 2021, UNC3886, a suspected China nexus cyber espionage actor, was found to be targeting strategic organizations on a large scale, utilizing multiple vulnerabilities in FortiOS and VMware to install backdoors on the infected machines. Fortinet and VMware have released…
New Highly Evasive SquidLoader Attacking Employees Mimic As Word Document
Researchers discovered a new malware loader named SquidLoader targeting Chinese organizations, which arrives as an executable disguised as a Word document attached to phishing emails. It uses evasion techniques to avoid detection and analysis. Then it downloads a malicious payload…
Hackers Weaponizing Windows Shortcut Files for Phishing
LNK files, a shortcut file type in Windows OS, provide easy access to programs, folders, or websites. Created automatically during shortcut creation or manually by users, LNK files contain the target location and other information useful for threat intelligence. It…
Hackers Exploit Progressive Web Apps to Steal Passwords
In a concerning development for cybersecurity, hackers are increasingly leveraging Progressive Web Apps (PWAs) to execute sophisticated phishing attacks aimed at stealing user credentials. This emerging threat has been highlighted by security researcher mr.d0x, who has detailed the technique in…
Threat Actor Claims Breach of Jollibee Fast-Food Gaint
A threat actor has claimed responsibility for breaching the systems of Jollibee Foods Corporation, the Philippines’ largest fast-food chain. Deepwebkonek, a company known for sharing information related to cyber threats and breaches, made the announcement via a post on the…
Threat Actors Claiming Breach of Accenture Employee Data
Threat actors have claimed responsibility for a significant data breach involving Accenture, one of the world’s leading consulting firms. The news broke on Twitter, with the account DarkWebInformer posting a detailed status update on the incident. According to the post,…
Diamorphine Rootkit Exploiting Linux Systems In The Wild
Threat actors exploit Linux systems because they are prevalent in organizations that host servers, databases, and other important resources. Exploiting vulnerabilities in Linux systems allows attackers to gain access to sensitive data, disrupt services, or deploy malware. Besides this, the…
Amtrak Data Breach: Hackers Accessed User’s Email Address
Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards accounts. The breach between May 15, 2024, and May 18, 2024, allowed unauthorized parties to access users’ accounts. The company believes the hackers obtained login credentials…
Chrome Security Update – Patch for 6 Vulnerabilities
Google has announced a new update for the Chrome browser, rolling out version 126.0.6478.114/115 for Windows and Mac and 126.0.6478.114 for Linux. This update, which will be distributed over the coming days and weeks, addresses several security vulnerabilities. Users are…
Hackers Weaponize Windows Installer (MSI) Files to Deliver Malware
Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by a threat actor group, Void Arachne. This group has targeted Chinese-speaking users by distributing malicious Windows Installer (MSI) files. The campaign leverages popular software and AI technologies to lure unsuspecting…
Hackers Using VPNs To Exploit Restrictions & Steal Mobile Data
Hackers are offering “free” mobile data access on Telegram channels by exploiting loopholes in telecom provider policies, which target users in Africa and Asia and involve sharing configuration files to mimic zero-rated traffic. The channels function as technical support hubs…
Stuxnet, The Malware That Propagates To Air-Gapped Networks
Stuxnet, a complex worm discovered in 2010, targeted Supervisory Control and Data Acquisition (SCADA) systems used in industrial facilities. By exploiting multiple vulnerabilities, including zero-days, it breached air-gapped networks (isolated systems) and disrupted Iranian nuclear centrifuges controlled by Siemens Step7…
New PhaaS Platform Lets Attackers Bypass Two-Factor Authentication
Several phishing campaign kits have been used widely by threat actors in the past. One popular PhaaS (Phishing-as-a-Platform) was Caffeine, which was first identified and reported by Mandiant researchers. MRxC0DER, an Arabic-speaking threat actor, developed and maintained the caffeine kit.…
Threat Actors Claiming Breach of AMD Source Code on Hacking Forums
A threat actor named ” IntelBroker ” claims to have breached AMD in June 2024 and is now selling the allegedly stolen data on hacking forums. The compromised information reportedly includes sensitive data such as future AMD product plans, specification…