Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Chinese Winnti Group Intensifies Financially Motivated Attacks

Hackers are increasingly executing financially motivated attacks and all due to the lucrative potential of monetizing the stolen data, ransoms, and fraudulent activities. The digital revolution of businesses has invented more openings to exploit financial transactions and access sensitive financial…

PrestaShop Website Under Injection Attack Via Facebook Module

A critical vulnerability has been discovered in the “Facebook” module (pkfacebook) from Promokit.eu for PrestaShop. The vulnerability, CVE-2024-36680, allows a guest to perform SQL injection attacks on affected module versions. CVE-2024-36680 – Vulnerability Details The vulnerability stems from the Ajax…

Hackers Attacking Vaults, Buckets, And Secrets To Steal Data

Hackers target vaults, buckets, and secrets to access some of the most classified and valuable information, including API keys, logins, and other useful data kept within these storage solutions. These storage solutions’ centralized and often inadequately protected nature makes them…

Mailcow Mail Server Vulnerability Let Attackers Execute Remote Code

Two critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) affecting Mailcow versions before 2024-04 allow attackers to execute arbitrary code on the server. An attacker can exploit these vulnerabilities by sending a specially crafted email to an administrator.  When the administrator views the…

Hackers Weaponizing Windows Shortcut Files for Phishing

LNK files, a shortcut file type in Windows OS, provide easy access to programs, folders, or websites. Created automatically during shortcut creation or manually by users, LNK files contain the target location and other information useful for threat intelligence.  It…

Hackers Exploit Progressive Web Apps to Steal Passwords

In a concerning development for cybersecurity, hackers are increasingly leveraging Progressive Web Apps (PWAs) to execute sophisticated phishing attacks aimed at stealing user credentials. This emerging threat has been highlighted by security researcher mr.d0x, who has detailed the technique in…

Threat Actor Claims Breach of Jollibee Fast-Food Gaint

A threat actor has claimed responsibility for breaching the systems of Jollibee Foods Corporation, the Philippines’ largest fast-food chain. Deepwebkonek, a company known for sharing information related to cyber threats and breaches, made the announcement via a post on the…

Threat Actors Claiming Breach of Accenture Employee Data

Threat actors have claimed responsibility for a significant data breach involving Accenture, one of the world’s leading consulting firms. The news broke on Twitter, with the account DarkWebInformer posting a detailed status update on the incident. According to the post,…

Diamorphine Rootkit Exploiting Linux Systems In The Wild

Threat actors exploit Linux systems because they are prevalent in organizations that host servers, databases, and other important resources.  Exploiting vulnerabilities in Linux systems allows attackers to gain access to sensitive data, disrupt services, or deploy malware.  Besides this, the…

Amtrak Data Breach: Hackers Accessed User’s Email Address

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards accounts. The breach between May 15, 2024, and May 18, 2024, allowed unauthorized parties to access users’ accounts. The company believes the hackers obtained login credentials…

Chrome Security Update – Patch for 6 Vulnerabilities

Google has announced a new update for the Chrome browser, rolling out version 126.0.6478.114/115 for Windows and Mac and 126.0.6478.114 for Linux. This update, which will be distributed over the coming days and weeks, addresses several security vulnerabilities. Users are…

Hackers Weaponize Windows Installer (MSI) Files to Deliver Malware

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by a threat actor group, Void Arachne. This group has targeted Chinese-speaking users by distributing malicious Windows Installer (MSI) files. The campaign leverages popular software and AI technologies to lure unsuspecting…

Hackers Using VPNs To Exploit Restrictions & Steal Mobile Data

Hackers are offering “free” mobile data access on Telegram channels by exploiting loopholes in telecom provider policies, which target users in Africa and Asia and involve sharing configuration files to mimic zero-rated traffic.  The channels function as technical support hubs…

Stuxnet, The Malware That Propagates To Air-Gapped Networks

Stuxnet, a complex worm discovered in 2010, targeted Supervisory Control and Data Acquisition (SCADA) systems used in industrial facilities. By exploiting multiple vulnerabilities, including zero-days, it breached air-gapped networks (isolated systems) and disrupted Iranian nuclear centrifuges controlled by Siemens Step7…

New PhaaS Platform Lets Attackers Bypass Two-Factor Authentication

Several phishing campaign kits have been used widely by threat actors in the past. One popular PhaaS (Phishing-as-a-Platform) was Caffeine, which was first identified and reported by Mandiant researchers.  MRxC0DER, an Arabic-speaking threat actor, developed and maintained the caffeine kit.…