Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

 Mobile Guardian, a leading Mobile Device Management (MDM) vendor, experienced unauthorized access to its platform on August 4th. The incident has impacted iOS and ChromeOS devices enrolled globally in the Mobile Guardian system. What Happened On August 4th at 2…

Read more →

Singapore authorities have successfully intercepted and reclaimed over USD 40 million defrauded in a sophisticated business email compromise (BEC) scam. The operation, facilitated by INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) mechanism, marks the largest-ever recovery of fraudulently obtained funds…

Read more →

A threat actor has claimed responsibility for breaching Gregory’s Foods, a well-known supplier of frozen bread, bun, and cookie doughs, among other bakery products. The announcement was made on a dark web forum, where the alleged hacker stated that a…

Read more →

Cybersecurity experts have uncovered a sophisticated Android spyware, LianSpy, targeting users to steal sensitive data. This spyware employs advanced evasion techniques, making it a significant threat to Android device users worldwide. How LianSpy Operates LianSpy begins its operation by determining…

Read more →

A threat actor has reportedly claimed responsibility for leaking a database belonging to SisaCloud, Thailand’s School Information System Advance. This alarming news was first reported by DailyDarkWeb on their social media platform, X.com, raising significant concerns about the security of…

Read more →

Hackers often make use of fake AI editor websites for several illicit purposes with malicious intent.  Among their prime activities are deceiving users into providing personal information, downloading malware, making payments for fraudulent services, and many more. Recently, cybersecurity researchers…

Read more →

Attackers uploaded malicious Python packages targeting Raydium and Solana users to PyPI, leveraging a StackExchange post to distribute the malware.  The multi-stage malware stole sensitive data, drained cryptocurrency wallets, and established persistent backdoor access, bypassing Windows security protections, underscoring the…

Read more →

The notorious Mirai botnet has been observed exploiting a recently disclosed directory traversal vulnerability in Apache OFBiz. This Java-based framework, supported by the Apache Foundation, is used for creating ERP (Enterprise Resource Planning) applications, which are critical for managing sensitive…

Read more →

Fighting Ursa, a Russian APT, has employed a car sales phishing lure to distribute the HeadLace backdoor malware targeting diplomats since March 2024. This strategy mirrors previous campaigns by the group and other Russian threat actors.  The attack leveraged public,…

Read more →

The Exodus Market, a haven for exiled criminals, has grown to become a significant player in the black market economy. The user “ExodusMarket” originally announced Exodus Market for Logs on the Cracked forum on February 10, 2024, after it was…

Read more →

Mint-Stealer is a Malware-as-a-Service tool designed to exfiltrate sensitive data from compromised systems stealthily and targets a broad spectrum of data, including web credentials, cryptocurrency wallet details, gaming credentials, VPN configurations, messaging app data, and FTP client information.  Employing encryption…

Read more →

⁤Hackers often attack ISP service providers for several illicit purposes. The most significant ones are disrupting internet services, stealing sensitive data, and many more.  ⁤Besides this, such compromise also provides hackers with control over a vast number of connected devices,…

Read more →

The wide use and the huge user base of Android often lucrative the threat actors.  As threat actors often use Android malware to exploit vulnerabilities in the Android operating system.  This enables them to perform several illicit activities like stealing…

Read more →

Security researchers have found a new way for hackers to steal sensitive information like passwords by eavesdropping on HDMI cables. This is a worrying development for computer users. Researchers at Universidad de la República in Uruguay discovered that hackers can…

Read more →

A newly discovered vulnerability in Windows File Explorer has raised alarms within the cybersecurity community. Identified as CVE-2024-38100, this security flaw allows attackers to escalate privileges by exploiting a seemingly innocuous wallpaper feature. CVE-2024-38100 – Windows File Explorer Elevation of…

Read more →

The IRS-Criminal Investigation, the US Department of Justice (DOJ), and the Federal Bureau of Investigation (FBI), in partnership with the German Federal Criminal Police Office (BKA) and the Attorney General’s Office in Frankfurt, successfully seized the domain of the online…

Read more →

Microsoft has addressed several critical vulnerabilities in its Chromium-based Edge browser. Users of the affected versions are strongly advised to update to the latest version to mitigate potential security risks. According to the Asec Ahnlab reports, the vulnerabilities were found…

Read more →

Hackers have been actively exploiting a critical vulnerability in the WordPress plugin 简数采集器 (Keydatas). The vulnerability, CVE-2024-6220, allows unauthenticated threat actors to upload arbitrary files to a vulnerable site, potentially leading to remote code execution and complete site takeover. This…

Read more →

Today, the National Crime Agency (NCA) revealed the successful shutdown of Russian Coms, a sophisticated fraud platform responsible for defrauding thousands of victims worldwide. Established in 2021, this platform facilitated over 1.3 million scam calls to 500,000 unique UK phone…

Read more →

A new variant of the TgRAT malware, initially discovered in 2022 targeting Windows systems, has been observed attacking Linux servers. This evolution marks a significant shift in the malware’s capabilities, broadening its potential impact on a wider range of systems.…

Read more →

A recently discovered vulnerability in Bitdefender’s GravityZone Update Server has raised significant security concerns. Identified as CVE-2024-6980, this flaw allows attackers to execute server-side request forgery (SSRF) attacks, potentially compromising sensitive data and systems. With a CVSS score of 9.2,…

Read more →

A forwarded Telegram video advertises heavily discounted, high-profile cryptocurrency projects, enticing viewers with links to a seemingly legitimate second-tier exchange and a concealed malicious link.  Through the use of this social engineering strategy, which is intended to lull victims into…

Read more →

Delta Air Lines has enlisted the legal expertise of David Boies, chairman of Boies Schiller Flexner, to seek damages from cybersecurity firm CrowdStrike and tech giant Microsoft. This follows a catastrophic system crash on July 19 that resulted in the…

Read more →

Users use Voice Over Wi-Fi (VoWiFi) quite frequently nowadays, as it’s a technology that enables them to make voice calls over a Wi-Fi network. This technology does so without relying on traditional cellular networks.  Besides this, doing so allows the…

Read more →

Following extensive analyses and investigations by German security authorities, the Federal Government has officially attributed responsibility for a significant cyberattack on the Federal Office of Cartography and Geodesy (BKG) at the end of 2021 to Chinese state actors. The federal…

Read more →

Despite robust defenses, Cross-Site Scripting (XSS) remains a persistent web vulnerability, as its exploitation has become increasingly challenging. A recent discovery highlights how integrating OAuth, a modern authentication standard, with vulnerable websites can resurrect XSS risks.  By manipulating OAuth flows…

Read more →

The World Wide Web Consortium (W3C) has strongly opposed Google’s decision to halt the deprecation of third-party cookies. The W3C has updated its Technical Architecture Group (TAG) finding to emphasize the necessity of removing third-party cookies due to their inherent…

Read more →

Cybersecurity firm TrustedSec has unveiled a powerful new tool called Specula. It exploits a longstanding vulnerability in Microsoft Outlook to transform it into a Command and Control (C2) server. This revelation has sent shockwaves through the cybersecurity community, highlighting a…

Read more →

Texas Attorney General Ken Paxton has secured a $1.4 billion settlement with Meta Platforms Inc. (formerly known as Facebook) over the unauthorized capture and use of millions of Texans’ personal biometric data. This settlement marks the largest privacy settlement ever…

Read more →

Google has rolled out a new security update for its Chrome browser, addressing several critical vulnerabilities. The update on the Stable channel brings Chrome to version 127.0.6533.88/89 for Windows and Mac, and 127.0.6533.88 for Linux. The update will be distributed…

Read more →

Progress, the company behind MOVEit Transfer, has issued a critical security alert addressing a newly discovered vulnerability in its MOVEit Transfer product. The flaw, CVE-2024-6576, has been classified as a high-severity issue, with a CVSS score of 7.3, indicating a…

Read more →

The popular audiobook and podcast platform uBook has been affected by a data breach that exposed the personal information of 710,000 users. According to a tweet by ThreatMon, the breach, which occurred in July 2024, was announced by a member…

Read more →

A serious flaw in OpenSSH servers, dubbed “regreSSHion,” affects macOS systems and could allow a remote attacker to execute arbitrary code. A few weeks ago, Qualys’ threat research unit discovered this vulnerability, which has been identified as regreSSHion and tracked…

Read more →

 A threat actor has taken to social media to claim responsibility for hacking into a Microsoft employee’s device. The announcement was made via a Telegram post, accompanied by a video purportedly showing the breach’s aftermath, as per a tweet by…

Read more →

Hackers prefer ransomware attacks primarily because they offer the highest chance of financial gain. By locking victims’ information systems and asking for payment to release them, ransomware attacks lock victims’ information systems and demand payment to unlock them. Considering such…

Read more →

Hackers use phishing emails to mislead recipients into providing personal data like usernames, passwords, credit card numbers, or social security numbers. This method exploits human emotions and trust, allowing a threat actor to compromise an account, steal an identity, or…

Read more →

The SocGholish downloader has been in operation since 2017 and it is still evolving. This malware, which poses as a browser update, is favored by multiple threat groups such as the Russian-operated Evil Corp (Manatee Tempest) and the Initial Access…

Read more →

A threat actor has allegedly claimed responsibility for breaching Cyepro Solutions, a company known for its cloud solutions tailored to the automotive sales industry. The breach, reportedly in July 2024, has potentially compromised the personal information of approximately 97,000 individuals.…

Read more →

In March 2024, a new variant of the AcidRain wiper malware dubbed “AcidPour” was noticed. It targets Linux data storage devices and permanently erases data from the targeted systems, making them inoperative. It targets crucial sectors of Linux devices such…

Read more →

Cybersecurity firm Group-IB has uncovered a sophisticated cybercrime operation targeting Spanish banking customers. The criminal group GXC Team has been using AI-powered phishing tools and Android malware to steal sensitive banking information. This article delves into the GXC Team’s operational…

Read more →

DigiCert, a leading digital certificate provider, has announced the revocation of thousands of certificates due to a domain validation error. This decision follows the discovery of a critical issue in their Domain Control Validation (DCV) process, which has affected approximately…

Read more →

Adversaries are employing Large Language Models to generate malicious code, delivered via phishing emails, for downloading diverse payloads, including Rhadamanthys, NetSupport, CleanUpLoader, ModiLoader, LokiBot, and Dunihi.  It indicates a concerning trend of threat actors leveraging AI to automate malware creation…

Read more →

A large-scale cyberattack orchestrated by Ukrainian intelligence led to disruptions in the Russian banking sector. According to a source from Ukrainian intelligence, ATM services at several top Russian banks were rendered inoperative, leaving customers unable to withdraw cash. The attack…

Read more →

A critical local privilege escalation vulnerability has been discovered in RaspAP, an open-source project designed to transform Raspberry Pi devices into wireless access points or routers. Identified as CVE-2024-41637, this flaw has been rated with a severity score of 9.9…

Read more →

Hackers continuously exploit malicious Python packages to attack developer environments and inject harmful code that enables them to steal sensitive information, install malware, or create backdoors. The method takes advantage of the widely-used repositories for packaging consequently creating a widespread…

Read more →

Onyx Sleet, a cyber espionage group also known as SILENT CHOLLIMA, Andariel, DarkSeoul, Stonefly, and TDrop2, mainly targets the military, defense sector, and technology in the United States, South Korea, and India. The group historically used spear-phishing, but they have…

Read more →

A malicious campaign emerged on June 21, 2024, distributing a JavaScript file hosted on grupotefex.com, which executes an MSI installer, subsequently dropping a Brute Ratel Badger DLL into the user’s AppData.  The command-and-control framework Brute Ratel then downloads and inserts…

Read more →

Hackers often attack secure boot during the boot process to execute unauthorized code, which gives them the ability to bypass a system’s security measures. By compromising Secure Boot, they can install rootkits and malware at a low level, gaining persistent…

Read more →

Cisco has issued patches for multiple products affected by a critical vulnerability in the RADIUS protocol. The vulnerability, identified as CVE-2024-3596, was disclosed by security researchers on July 7, 2024. This flaw allows an on-path attacker to forge responses using…

Read more →

The French government has investigated a malware attack that compromised approximately 3,000 machines within the country. The attack, part of a more extensive botnet operation affecting millions globally, has raised serious concerns about cybersecurity as France prepares to host the…

Read more →

San Francisco, CA – OpenAI has announced the launch of SearchGPT, a groundbreaking prototype designed to revolutionize how users search for information online. This innovative tool combines the advanced capabilities of OpenAI’s AI models with real-time web data to provide…

Read more →

Play Ransomware and LockBit Ransomware have reportedly allied to enhance their capabilities in launching cyber attacks. This collaboration, which involves a significant financial transaction and training exchange, has raised alarms among cybersecurity experts and organizations worldwide. Financial Transaction and Training…

Read more →

A hacktivist entity known as USDoD has asserted that it has leaked CrowdStrike’s “entire threat actor list” and claims to possess the company’s “entire IOC [indicators of compromise] list,” which purportedly contains over 250 million data points. Details of the…

Read more →

Google Chrome has introduced a revamped download experience with comprehensive warnings about potentially malicious files. This update is part of Chrome’s ongoing effort to keep users secure while interacting with downloaded content. Last year, Google Chrome unveiled a redesigned downloads…

Read more →

Researchers have uncovered a vulnerability in Microsoft’s Windows Hello for Business (WHfB) that allows attackers to bypass its robust authentication mechanism. This flaw, which downgrades the authentication process to a less secure method, has raised concerns about the security of…

Read more →

Cybersecurity experts have uncovered a sophisticated variant of the LummaC2 malware that leverages the popular Steam gaming platform as a Command-and-Control (C2) server. This new tactic marks a significant evolution in the malware’s distribution and operational mechanisms, posing a heightened…

Read more →

Several prominent Russian bank clients experienced issues with their mobile apps and websites. According to Downdetector, complaints began to surge around 09:30 Moscow time. The affected banks included Gazprombank, Alfa-Bank, VTB, and Rosbank. By midday, Post Bank clients also reported…

Read more →

A rudimentary ransomware targets Turkish businesses through phishing emails with “.ru” domain sender addresses. Clicking a PDF attachment’s link triggers downloading a malicious executable from a compromised GitHub account.  The executable encrypts crucial files with the “.shadowroot” extension, highlighting a…

Read more →

A significant vulnerability was discovered in BlueStacks, the world’s fastest Android emulator and cloud gaming platform. When used against a victim, this gives attackers complete access to the machine. The American technology business BlueStacks, also known as BlueStacks by now.gg,…

Read more →

Shared frameworks are often prone to hackers’ abuses as they have been built into various applications, which offer a range of systems that can be exploited at the same time. By attacking shared framework vulnerabilities, hackers can get into many…

Read more →

Malicious Python packages uploaded by “dsfsdfds” to PyPI infiltrated user systems by exfiltrating sensitive data to a Telegram bot likely linked to Iraqi cybercriminals.  Active since 2022 and containing more than 90,000 Arabic messages, it has functioned as both a…

Read more →

Despite having simple gameplay, the new Telegram clicker game Hamster Kombat has become very well-liked among gamers who use cryptocurrencies because of the potential rewards of a brand-new cryptocoin that the developers intend to launch.  The game’s success has spawned…

Read more →

BreachForumsV1, a notorious online platform for facilitating illegal activities, has reportedly suffered a massive data breach. According to a recent post on X by DailyDarkWeb, the database of BreachForumsV1 has been leaked, exposing a treasure trove of sensitive information. The…

Read more →

Google has unveiled the latest version of its Chrome browser, Chrome 127, which is now available on the Stable channel. The update, identified as version 127.0.6533.72/73 for Windows and Mac, and 127.0.6533.72 for Linux, will be rolled out over the…

Read more →

As enterprises increasingly migrate their workloads to cloud infrastructure, the need for robust security measures becomes more pressing. Unlike traditional data centers, cloud environments offer business agility at a reduced cost, making them attractive targets for cybercriminals. Defending cloud infrastructure,…

Read more →

A massive breach in cybersecurity has occurred at Leidos Holdings Inc., which is a key provider of information technology services to the United States government. Hackers have released internal information, which has raised significant worries regarding the safety of sensitive…

Read more →

Threat actors often attack cloud services for several illicit purposes. Google Cloud is targeted due to its extensive and powerful resources, which could be abused for a multitude of malicious activities. The vast amounts of data and computing power that…

Read more →

Threat actors often attack dating apps to steal personal data, including sensitive data and location details, which can be used in identity theft, blackmailing people, or other malicious activities. Since these applications are a goldmine of personal experiences and chats,…

Read more →

The United States has designated Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR), for their roles in cyber operations targeting U.S. critical infrastructure. Pankratova, the group’s leader, and…

Read more →

Threat actors have been found exploiting a recently discovered bug in CrowdStrike’s software that causes a Blue Screen of Death (BSOD) on affected systems. This vulnerability has given cybercriminals a unique opportunity to spread malware, posing significant risks to users…

Read more →

The National Crime Agency (NCA) has successfully infiltrated and dismantled one of the most notorious Distributed Denial of Service (DDoS) for hire services, digitalstress.su. This criminal marketplace, responsible for tens of thousands of attacks weekly worldwide, was taken down through…

Read more →

A new Linux variant of Play ransomware targets VMware ESXi environments, which encrypts virtual machine files and appends the “.PLAY” extension by leveraging obfuscation techniques to bypass detection and is compressed with a Windows variant in a RAR archive.  It…

Read more →

SonicWall has disclosed a critical heap-based buffer overflow vulnerability in its SonicOS IPSec VPN. This flaw, identified as CVE-2024-40764, can potentially allow unauthenticated, remote attackers to cause a Denial of Service (DoS) condition. The vulnerability has been rated with a…

Read more →

Hackers often register new domains for phishing attacks, spreading malware, and other deceitful activities.  Such domains are capable of pretending to be trusted entities, which helps to make individuals disclose their sensitive details or download harmful content. Cybersecurity researchers at…

Read more →

Daikin, the world’s largest air conditioner manufacturer, has become the latest target of the notorious Meow hacking group. The USA branch of Daikin has been listed as a victim, with hackers demanding a ransom of $40,000. The incident has raised…

Read more →

There are 3,664 emojis that can be used to express emotions, ideas, or objects in digital communication. While seemingly harmless, criminals are increasingly exploiting emojis for covert communication in illegal activities. This allows them to conduct transactions and target victims…

Read more →

SocGholish malware, also known as FakeUpdates, has exhibited new behavior since July 4th, 2024, as the infection chain still begins with a compromised website prompting a fake browser update.  Downloading the update triggers malicious code that fetches additional malware. Unlike…

Read more →

The Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support identity crime victims, released its U.S. data breach findings for the second quarter (Q2) and the first half (H1) of 2024. The results are staggering, revealing…

Read more →

UK police have arrested a 17-year-old boy from Walsall in connection with a notorious cyber hacking group. This group has targeted significant organizations worldwide, including MGM Resorts in the United States, with sophisticated ransomware attacks. Arrest Made in Coordinated Effort…

Read more →

A significant data breach has been reported by a threat actor known as ‘Hana,’ who claims to have compromised the personal information of 453,646 users of Dettol India. The breach was announced via a post on the social media platform…

Read more →

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users, leading to widespread reports of Blue Screen of Death (BSOD) errors. The issue, affecting multiple versions of the company’s sensor software, has prompted urgent investigations and…

Read more →

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users, leading to widespread reports of Blue Screen of Death (BSOD) errors. The issue, affecting multiple versions of the company’s sensor software, has prompted urgent investigations and…

Read more →

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have drained billions from victims’ wallets. This operation, which brings together public and private sectors, has yielded promising results and offers a blueprint for future anti-fraud efforts.…

Read more →

Meeting apps are often targeted and turned into weapons by hackers as they are largely employed for communication and collaboration, frequently carrying sensitive data and user groups that are wide.  Such platforms gain trust among their users as of their…

Read more →

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and often have extensive community support, making them easy to modify and deploy.  Besides this, open-source tools can be customized to evade detection, automate tasks, and leverage…

Read more →

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which link to a variety of systems via one breach.  Compromising an ESXi server can bring the targeted services down. Additionally, valuable resources and data are stored…

Read more →

Meeting apps are often targeted and turned into weapons by hackers as they are largely employed for communication and collaboration, frequently carrying sensitive data and user groups that are wide.  Such platforms gain trust among their users as of their…

Read more →

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has escalated its phishing campaigns in Middle East countries, specifically Israel. In their approach, they use already compromised email accounts to spread malicious content across various sectors.…

Read more →

HTTP Request Smuggling is a flaw in web security that is derived from variations in the way different web servers or intermediaries, such as load balancers and proxies handle HTTP request sequences. By creating malicious HTTP requests that exploit these…

Read more →

Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet perils that threaten their security and finances. The latest discovery involves cybercriminals exploiting an alleged assassination attempt on former US President Donald Trump to conduct extensive…

Read more →

The Volcano Demon group has been discovered spreading a new ransomware called LukaLocker, which targets Idealease Inc., a truck leasing company. The malware targets several security, monitoring, and backup services, including antivirus software like Trend Micro, Malware Bytes, Sophos, and…

Read more →

Quick take: Resonance, a full-spectrum cybersecurity firm building security solutions for Web2 and Web3 apps has launched Harmony. The asset monitoring tool allows IT teams, organisations, startups and entrepreneurs to make strong detective and preventive measures accessible at any technical…

Read more →

Phishing attacks are becoming increasingly sophisticated, and the latest strategy targeting employees highlights this evolution. This new phishing attempt impersonates a company’s Human Resources (HR) department, presenting a significant threat to corporate security. In this article, we’ll dissect the recent…

Read more →

MirrorFace threat actors have been targeting media, political organizations, and academic institutions since 2022, shifting focus to manufacturers and research institutions in 2023.  The attack method evolved from spear phishing to exploiting vulnerabilities in external assets, specifically in Array AG…

Read more →

In 2022, HardBit Ransomware emerged as version 4.0. Unlike typical ransomware groups, this ransomware doesn’t use leak sites or double extortion. Their tactics include data theft, encryption, and ransom requests with threats of other attacks. Cybersecurity researchers at Cybereason identified…

Read more →

X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails from the internet[.]ru domain.  PDF links trigger exe payload downloads, which encrypt files with the “.shadowroot” extension, which is actively compromising various global organizations, including healthcare…

Read more →

The hackers weaponize 7zip files to pass through security measures and deliver malware effectively. These archived files can hide malicious content, which makes it more difficult for antivirus programs to identify threats. In early 2024, Cofense researchers discovered a new…

Read more →

Cyble Research & Intelligence Labs (CRIL) researchers have identified a cyber threat targeting the upcoming Paris Olympics. On June 23, 2024, a Russian hacktivist group known as the “People’s Cyber Army” (Народная Cyber Армия) and their allies, HackNeT, announced their…

Read more →

A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as CVE-2024-6744. This flaw assigned a CVSS score of 9.8, poses a severe risk to organizations using this email security solution. CVE-2024-6744: A Critical Vulnerability According to…

Read more →

A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to target military personnel in the Middle East by leveraging social engineering tactics and using military-themed lures to trick victims into downloading the malware.  Based on a…

Read more →