Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

A new RAT malware has been discovered to be targeting Android devices. This malware is capable of executing additional commands compared to other RAT malware. This malware can also perform phishing attacks by disguising itself as legitimate applications like Snapchat,…

Read more →

BlackBerry reported a new iOS LightSpy malware, but Huntress researchers found it to be a macOS variant targeting Intel or Apple Silicon with Rosetta 2-enabled devices.  This caused media confusion, as Apple’s recent spyware alert likely referred to Pegasus spyware,…

Read more →

Kaiser Permanente, one of the largest healthcare providers in the United States, was the victim of a cyber attack that compromised the personal information of approximately 13.4 million users. This incident, which involved unauthorized access to the systems of City…

Read more →

A serious concern has arisen for iPhone users in the European Union as a newly discovered flaw in Apple’s Safari browser has the potential to expose them to tracking and malicious activities. The vulnerability lies in the fact that third-party…

Read more →

Researchers have uncovered a novel infection chain associated with the DarkGate malware. This Remote Access Trojan (RAT), developed using Borland Delphi, has been marketed as a Malware-as-a-Service (MaaS) offering on a Russian-language cybercrime forum since at least 2018. The DarkGate…

Read more →

Gemini 1.5 Pro is the latest version of the Gemini AI malware analysis platform, which is set to transform the cybersecurity industry. With its innovative features, it enables security teams to detect, investigate, and respond to malware threats with unprecedented…

Read more →

In the world of cloud computing, Amazon Web Services (AWS) is a giant that offers a wide range of services that cater to various needs, from storage to computation. Among these services, AWS S3 (Simple Storage Service) is a trendy…

Read more →

The popular open-source platform Grafana, widely used for monitoring and observability, has been found to contain a severe SQL injection vulnerability. This flaw allows attackers with valid user credentials to execute arbitrary SQL commands, potentially leading to data leakage and…

Read more →

Cybersecurity experts have meticulously traced the timeline of a sophisticated ransomware attack that spanned 29 days from the initial breach to the deployment of Dagon Locker ransomware. This case study not only illuminates cybercriminals’ efficiency and persistence but also underscores…

Read more →

A large botnet-as-a-service network originating from China was discovered, which comprises numerous domains, over 20 active Telegram groups, and utilizes other domestic communication channels.  The infrastructure that supports this botnet, located in China, raises concerns about the potential for large-scale,…

Read more →

Microsoft released multiple product security patches on their April 2024 Patch Tuesday updates. One of the vulnerabilities addressed was CVE-2024-26218, associated with the Windows Kernel Privilege Escalation vulnerability, which had a severity of 7.8 (High).  This vulnerability relates to a…

Read more →

A new ransomware named KageNoHitobito has been targeting Windows users across various countries. It encrypts their data and demands a ransom through sophisticated means. This article delves into the mechanics of the KageNoHitobito ransomware and its attack methodology and provides…

Read more →

Hackers often focus on flaws in Microsoft products since they are commonly employed in various institutions and personal computers, which means they have a bigger area to attack.  This is because these systems could be used as an entry point…

Read more →

A new family of mobile malware known as “Brokewell” has been found to have a wide range of device takeover capabilities.  This seriously threatens the banking sector by giving attackers remote access to all the resources made available via mobile…

Read more →

Okta has issued a warning about the increasing prevalence of credential-stuffing attacks. These attacks, which leverage stolen user credentials to gain unauthorized access to accounts, are facilitated by the widespread use of residential proxy services. This alarming trend underscores the…

Read more →

A recent malware campaign used a VBA macro in a Word document to download and execute a 64-bit Rust binary. This binary employs fileless injection techniques to load a malicious AgentTesla payload into its memory space.  The malware leverages CLR…

Read more →

Some router models have identified a security vulnerability that allows attackers to bypass authentication. To exploit this vulnerability, an attacker must know the WiFi password or have an Ethernet connection to a device on the victim’s network.  Firmware updates that…

Read more →

Hackers often target CrushFTP servers as they contain sensitive data and are used for file sharing and storage. This makes them attractive targets for data theft and ransomware attacks for the threat actors.  Besides this, the vulnerabilities in CrushFTP servers…

Read more →

DDoS attacks are a significant and growing risk that can overpower websites, crash servers, and block out authorized users with never-ending waves of offensive traffic. More than 13 million DDoS attacks were recorded in 2023 alone, which reveals the real…

Read more →

Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine. It has been closely monitoring the situation and has successfully detected all stages of the attack. CVE-2017-8570: The Initial Vector…

Read more →