Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Mobile Device Management Vendor Mobile Guardian Hacked

 Mobile Guardian, a leading Mobile Device Management (MDM) vendor, experienced unauthorized access to its platform on August 4th. The incident has impacted iOS and ChromeOS devices enrolled globally in the Mobile Guardian system. What Happened On August 4th at 2…

Authorities have Uncovered USD 40 Million from Hackers

Singapore authorities have successfully intercepted and reclaimed over USD 40 million defrauded in a sophisticated business email compromise (BEC) scam. The operation, facilitated by INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) mechanism, marks the largest-ever recovery of fraudulently obtained funds…

New LianSpy Attacking Android Users to Steal Sensitive Data

Cybersecurity experts have uncovered a sophisticated Android spyware, LianSpy, targeting users to steal sensitive data. This spyware employs advanced evasion techniques, making it a significant threat to Android device users worldwide. How LianSpy Operates LianSpy begins its operation by determining…

Threat Actor Allegedly Claims Leak of SisaCloud Database

A threat actor has reportedly claimed responsibility for leaking a database belonging to SisaCloud, Thailand’s School Information System Advance. This alarming news was first reported by DailyDarkWeb on their social media platform, X.com, raising significant concerns about the security of…

Beware Of Fake AI Editor Website That Steals Your Login Credentials

Hackers often make use of fake AI editor websites for several illicit purposes with malicious intent.  Among their prime activities are deceiving users into providing personal information, downloading malware, making payments for fraudulent services, and many more. Recently, cybersecurity researchers…

Hackers Abused StackExchange Platform To Deliuver Malicious Python Package

Attackers uploaded malicious Python packages targeting Raydium and Solana users to PyPI, leveraging a StackExchange post to distribute the malware.  The multi-stage malware stole sensitive data, drained cryptocurrency wallets, and established persistent backdoor access, bypassing Windows security protections, underscoring the…

Hackers Hijacked ISP Service Provider To Poison Software Updates

⁤Hackers often attack ISP service providers for several illicit purposes. The most significant ones are disrupting internet services, stealing sensitive data, and many more.  ⁤Besides this, such compromise also provides hackers with control over a vast number of connected devices,…

Authorities Seized Cryptonator Site & Charged the Admin

The IRS-Criminal Investigation, the US Department of Justice (DOJ), and the Federal Bureau of Investigation (FBI), in partnership with the German Federal Criminal Police Office (BKA) and the Attorney General’s Office in Frankfurt, successfully seized the domain of the online…

TgRAT Malware Attacking Linux Servers with New Variant

A new variant of the TgRAT malware, initially discovered in 2022 targeting Windows systems, has been observed attacking Linux servers. This evolution marks a significant shift in the malware’s capabilities, broadening its potential impact on a wider range of systems.…

Beware Of Malicious Crypto Management App That Drains Your Wallet

A forwarded Telegram video advertises heavily discounted, high-profile cryptocurrency projects, enticing viewers with links to a seemingly legitimate second-tier exchange and a concealed malicious link.  Through the use of this social engineering strategy, which is intended to lull victims into…

OAuth Vulnerability Exposes 1 Million Websites To XSS Attacks

Despite robust defenses, Cross-Site Scripting (XSS) remains a persistent web vulnerability, as its exploitation has become increasingly challenging. A recent discovery highlights how integrating OAuth, a modern authentication standard, with vulnerable websites can resurrect XSS risks.  By manipulating OAuth flows…

Threat Actor Allegedly Claiming Breach of Cyepr

A threat actor has allegedly claimed responsibility for breaching Cyepro Solutions, a company known for its cloud solutions tailored to the automotive sales industry. The breach, reportedly in July 2024, has potentially compromised the personal information of approximately 97,000 individuals.…

Threat Actots Leveraging ChatGPT To Craft Sophisticated Attacks

Adversaries are employing Large Language Models to generate malicious code, delivered via phishing emails, for downloading diverse payloads, including Rhadamanthys, NetSupport, CleanUpLoader, ModiLoader, LokiBot, and Dunihi.  It indicates a concerning trend of threat actors leveraging AI to automate malware creation…

Ukraine Hacked Russian Banks, Leading Major Disruption

A large-scale cyberattack orchestrated by Ukrainian intelligence led to disruptions in the Russian banking sector. According to a source from Ukrainian intelligence, ATM services at several top Russian banks were rendered inoperative, leaving customers unable to withdraw cash. The attack…

Hackers Attacking Users Searching For W2 Form

A malicious campaign emerged on June 21, 2024, distributing a JavaScript file hosted on grupotefex.com, which executes an MSI installer, subsequently dropping a Brute Ratel Badger DLL into the user’s AppData.  The command-and-control framework Brute Ratel then downloads and inserts…

OpenAI Launches SearchGPT Prototype

San Francisco, CA – OpenAI has announced the launch of SearchGPT, a groundbreaking prototype designed to revolutionize how users search for information online. This innovative tool combines the advanced capabilities of OpenAI’s AI models with real-time web data to provide…

Play & LockBit Ransomware Join Hands to Launch Cyber Attacks

Play Ransomware and LockBit Ransomware have reportedly allied to enhance their capabilities in launching cyber attacks. This collaboration, which involves a significant financial transaction and training exchange, has raised alarms among cybersecurity experts and organizations worldwide. Financial Transaction and Training…

Google Chrome Warns of Malicious Files While Downloading

Google Chrome has introduced a revamped download experience with comprehensive warnings about potentially malicious files. This update is part of Chrome’s ongoing effort to keep users secure while interacting with downloaded content. Last year, Google Chrome unveiled a redesigned downloads…

LummaC2 Malware Using Steam Gaming Platform as C2 Server

Cybersecurity experts have uncovered a sophisticated variant of the LummaC2 malware that leverages the popular Steam gaming platform as a Command-and-Control (C2) server. This new tactic marks a significant evolution in the malware’s distribution and operational mechanisms, posing a heightened…

Ukraine Hackers Hit Major Russian banks with DDoS attacks

Several prominent Russian bank clients experienced issues with their mobile apps and websites. According to Downdetector, complaints began to surge around 09:30 Moscow time. The affected banks included Gazprombank, Alfa-Bank, VTB, and Rosbank. By midday, Post Bank clients also reported…

Hackers Abusing Google Cloud For Phishing

Threat actors often attack cloud services for several illicit purposes. Google Cloud is targeted due to its extensive and powerful resources, which could be abused for a multitude of malicious activities. The vast amounts of data and computing power that…

Emojis Are To Express Emotions, But CyberCriminals For Attacks

There are 3,664 emojis that can be used to express emotions, ideas, or objects in digital communication. While seemingly harmless, criminals are increasingly exploiting emojis for covert communication in illegal activities. This allows them to conduct transactions and target victims…

Data Breach Increases by Over 1,000% Annually

The Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support identity crime victims, released its U.S. data breach findings for the second quarter (Q2) and the first half (H1) of 2024. The results are staggering, revealing…

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users, leading to widespread reports of Blue Screen of Death (BSOD) errors. The issue, affecting multiple versions of the company’s sensor software, has prompted urgent investigations and…

CrowdStrike Update Triggers Widespread Windows Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users, leading to widespread reports of Blue Screen of Death (BSOD) errors. The issue, affecting multiple versions of the company’s sensor software, has prompted urgent investigations and…

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has escalated its phishing campaigns in Middle East countries, specifically Israel. In their approach, they use already compromised email accounts to spread malicious content across various sectors.…

Cybercriminals Exploit Attack on Donald Trump for Crypto Scams

Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet perils that threaten their security and finances. The latest discovery involves cybercriminals exploiting an alleged assassination attempt on former US President Donald Trump to conduct extensive…

Beware! of New Phishing Tactics Mimic as HR Attacking Employees

Phishing attacks are becoming increasingly sophisticated, and the latest strategy targeting employees highlights this evolution. This new phishing attempt impersonates a company’s Human Resources (HR) department, presenting a significant threat to corporate security. In this article, we’ll dissect the recent…

HardBit Ransomware Using Passphrase Protection To Evade Detection

In 2022, HardBit Ransomware emerged as version 4.0. Unlike typical ransomware groups, this ransomware doesn’t use leak sites or double extortion. Their tactics include data theft, encryption, and ransom requests with threats of other attacks. Cybersecurity researchers at Cybereason identified…

New ShadowRoot Ransomware Attacking Business Via Weaponized PDF’s

X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails from the internet[.]ru domain.  PDF links trigger exe payload downloads, which encrypt files with the “.shadowroot” extension, which is actively compromising various global organizations, including healthcare…

New Poco RAT Weaponizing 7zip Files Using Google Drive

The hackers weaponize 7zip files to pass through security measures and deliver malware effectively. These archived files can hide malicious content, which makes it more difficult for antivirus programs to identify threats. In early 2024, Cofense researchers discovered a new…