Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

In response to a recent data breach at Sisense, a provider of data analytics services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) advised customers to reset their login credentials. Sisense’s AI and machine learning-driven analytics platform is used for data…

Read more →

In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average number of cyber attacks per organization per week, reaching 1308. This marked a 5% increase from Q1 2023 and a 28% increase from the last quarter…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a breach in Microsoft’s corporate email system. The directive, ED 24-02, outlines the urgent steps required to mitigate the risks posed by Midnight Blizzard, a nation-state-sponsored cyber…

Read more →

Around 300,000 taxi passengers’ personal information was left exposed on the internet, causing concern in the UK and Ireland. Cybersecurity researcher Jeremiah Fowler discovered the breach involving Dublin-based taxi dispatch system provider iCabbi and subsequently reported it to vpnMentor. Fowler…

Read more →

Around 300,000 taxi passengers’ personal information was left exposed on the internet, causing concern in the UK and Ireland. Cybersecurity researcher Jeremiah Fowler discovered the breach involving Dublin-based taxi dispatch system provider iCabbi and subsequently reported it to vpnMentor. Fowler…

Read more →

TA547 has been targeting German organizations with an email campaign delivering the Rhadamanthys malware. Proofpoint has observed TA547 using Rhadamanthys, an information stealer that is utilized by multiple cybercriminal threat actors. The emails, which impersonated the German retail company Metro,…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its latest initiative: opening its advanced malware analysis system, Malware Next-Gen, to the public. Malware Next-Gen represents a paradigm shift in analyzing and countering cyber threats and malware. With scalability and…

Read more →

WebDAV incidents simulate an offensive attack employing a WebDAV server to distribute malware to a client PC. Attackers store malicious payloads and attract users into downloading and executing them. It then analyzes a real-world scenario involving AsyncRat/Purelogs malware to understand…

Read more →

In a sophisticated cyberattack campaign uncovered on April 10, 2024, cybercriminals are exploiting GitHub’s search functionality to distribute a particularly insidious form of malware, known as “Keyzetsu clipper,” targeting cryptocurrency wallets. This new wave of attacks highlights cybercriminals’ evolving tactics…

Read more →

Fortra’s Robot Schedule Enterprise Agent permits a low-privileged user to elevate privileges to the local system level.  The problem arises from the agent’s failure to adequately secure its service executable, which an attacker can exploit by swapping out the executable…

Read more →

Cybersecurity experts have uncovered a failed attempt by the notorious Russia-based Turla Advanced Persistent Threat (APT) group to infiltrate an Albanian organization. This incident is part of a broader cyber espionage campaign targeting European countries, with Poland also falling victim…

Read more →

A comprehensive four-year study of brute-force attacks against SSH servers has revealed an alarming increase in the frequency and sophistication of these cyber attacks on internet-connected systems. The research by scientists at the University of Utah provides unprecedented insight into…

Read more →

Law enforcement authorities successfully penetrated EncroChat, an encrypted chat program that is frequently used by criminals, in a ground-breaking operation that has shocked the world of organized crime. This operation led to the arrest of hundreds of individuals involved in…

Read more →

Cyber GRC software company Cypago has announced a new automation solution for artificial intelligence (AI) governance, risk management and compliance. This includes implementation of NIST AI RMF and ISO/IEC 42001, the newest AI security and governance frameworks. With more and…

Read more →

Attackers are now leveraging encrypted phishing emails that utilize Scalable Vector Graphics (SVG) files to execute malicious JavaScript code. The phishing campaign begins with an email masquerading as a notification for a new voice message. Recipients are prompted to click…

Read more →

Bitdefender, the cybersecurity firm, has unveiled a series of critical vulnerabilities in LG’s WebOS TVs, affecting over 91,000 devices worldwide. These flaws, identified as CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320, could allow attackers to gain unauthorized root access, posing risks to…

Read more →

On April Patch Tuesday, Microsoft fixed 149 bugs—one of the biggest security update releases in the company’s history.  Many of its software products, such as Microsoft Office and its SQL Server database package, have fixed vulnerabilities. The majority of vulnerabilities…

Read more →

Group Health Cooperative of South Central Wisconsin (GHC-SCW) has announced a significant breach in their cybersecurity, leading to unauthorized access and theft of personal information by ransomware actors. This incident has raised alarms about the security measures to protect sensitive…

Read more →

A new critical vulnerability has been discovered in two of the Rust standard libraries, which could allow a threat actor to execute shell commands on vulnerable versions. This vulnerability has been assigned CVE-2024-24576, and its severity has been given as…

Read more →

The cybersecurity community is again on high alert as the notorious botnet group RUBYCARP, known for its SSH brute force attacks, has resurfaced with new tools and tactics. The Sysdig Threat Research Team (Sysdig TRT) has been closely monitoring the…

Read more →