Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Hackers exfiltrate data first before encrypting it to increase their bargaining power during ransom negotiations.  Threats of public exposure of private information accelerate up the urgency for victims to pay a ransom immediately. Secureworks Counter Threat Unit researchers are tracking…

Read more →

Security researchers have uncovered a new strain of Android malware that masquerades as the popular Google Chrome browser to steal sensitive banking information from unsuspecting users. The malware, dubbed “Mamont Spy Banker,” has been found to target Android devices highly…

Read more →

Hackers target Apple device users because they are perceived to be of higher social classes. This leads to targets who are richer than others and who can possibly provide more money to the hackers in one way or another. Besides…

Read more →

In today’s digital landscape, email security has become a critical concern for businesses of all sizes. As cyber threats continue to evolve, it’s essential for Managed Service Providers (MSPs) to equip their clients with the necessary tools and knowledge to…

Read more →

Ahmed exploited a vulnerability in a decentralized cryptocurrency exchange’s smart contract by injecting fabricated pricing data, which triggered the generation of inflated fees totaling $9 million, which he subsequently withdrew in cryptocurrency.  Following the theft, Ahmed attempted to extort the…

Read more →

A new exploit campaign has emerged, targeting organizations that utilize Fortinet’s FortiClient EMS. Dubbed “Connect:fun” by Forescout Research – Vedere Labs, this campaign leverages a critical vulnerability identified as CVE-2023-48788. The campaign has been active since at least 2022 and…

Read more →

Omni Hotels & Resorts has revealed that it was the target of a recent cyberattack, which resulted in the theft of customer information. The hospitality giant has been working closely with a leading cybersecurity response group to investigate the incident…

Read more →

TA558, a financially motivated threat actor identified in 2018, is targeting several countries but with utmost priority in Latin America. Over 320 attacks have been observed from this particular threat actor, which involve using various tools and malware and compromising…

Read more →

A group of cybercriminals known as “Blackjack” has launched a devastating attack on industrial control systems (ICS) worldwide. The group’s custom-built malware, dubbed “Fuxnet,” has successfully disabled 87,000 sensors across various critical infrastructure sectors, posing a grave threat to global…

Read more →

Cisco’s Duo Security, a leading multi-factor authentication (MFA) service, has suffered a significant data breach. The April 1, 2024, incident involved unauthorized access to telephony data used for MFA purposes. The breach was produced through a sophisticated phishing attack that…

Read more →

In a groundbreaking move, the U.S. Department of Defense has released a comprehensive guide for organizations deploying and operating AI systems designed and developed byanother firm. The report, titled “Deploying AI Systems Securely,” outlines a strategic framework to help defense…

Read more →

Cybersecurity researchers at Kaspersky have uncovered evidence that cybercriminal groups are customizing the virulent LockBit 3.0 ransomware for targeted attacks against organizations worldwide. This allows the threat actors to tailor the malware for maximum impact and effectiveness against specific targets.…

Read more →

A new remote code execution vulnerability has been identified to be affecting multiple Microsoft products including .NET, .NET Framework and Visual Studio. This vulnerability has been assigned CVE-2024-21409, and its severity has been given as 7.3 (High). This vulnerability is…

Read more →

The revival of the LightSpy malware campaign has been observed, focusing on Indian Apple device users. This sophisticated mobile spyware, suspected to have origins in China, is being used for espionage, targeting a select group of individuals, including journalists, activists,…

Read more →

The Web3 movement is going from strength to strength with every day that passes. Slowly but surely, it’s building a new iteration of the internet that promises to give power back to the people through the concept of decentralization and…

Read more →

A new malware known as LightSpy has been targeting Android and iOS users. This sophisticated surveillance tool raises alarms across the cybersecurity community due to its extensive capabilities to exfiltrate sensitive user data. LightSpy is a modular malware implant designed…

Read more →

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its GlobalProtect Gateway, identified as CVE-2024-3400. This flaw, rooted in the PAN-OS operating system, has already been exploited in a limited number of attacks, raising alarms across…

Read more →

The software supply chain is filled with various challenges, such as untracked security vulnerabilities in open-source components and inconsistent update uptake.  The lighttpd vulnerability was silently fixed in 2018 without any CVE assignment in a single instance of vulnerability detection.…

Read more →

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio deepfake technology. This incident underscores the urgent need for heightened cybersecurity awareness and the implementation of robust verification processes within organizations. The Rise of Deepfake Technology…

Read more →

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user privacy across the web. This innovative offering combines a VPN service with additional privacy features integrated into DuckDuckGo’s existing privacy-focused browser. A Closer Look at Privacy…

Read more →