Veracode, a leading provider in the cybersecurity space, has officially announced its acquisition of Longbow Security. This strategic move is poised to revolutionize how organizations manage and mitigate risks in multi-cloud environments, offering a unified solution to the complex challenges…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Ross Anderson, Professor & Author of ‘Security Engineering’ Book passes away
Professor Ross Anderson passed away on March 28, 2024. Anderson, a pioneer in security engineering, was the author of the seminal book ‘Security Engineering’, which has educated countless professionals and academics on the complexities of securing systems. Born on…
Werewolf Hackers Exploiting WinRAR Vulnerability To Deploy RingSpy Backdoor
Active since 2023, the Mysterious Werewolf cluster has shifted targets to the military-industrial complex (MIC) by using phishing emails with a weaponized archive. The archive contains a seemingly legitimate PDF document along with a malicious CMD file, and when the…
Activision Players Attacked by Password Stealing Malware: Investigation In Progress
Activision, the powerhouse behind popular titles such as Call of Duty, is currently embroiled in an investigation into a hacking campaign aimed at its players. The primary objective of cybercriminals is to siphon off player credentials, focusing on gaming accounts…
Imperva Web Application Firewall Flaw Let Attackers Bypass WAF Rules
Imperva SecureSphere WAF, a security tool for on-premise web applications, has a vulnerability in some versions that allows attackers to bypass filters when inspecting POST data. By sneaking malicious content past the WAF, attackers could potentially exploit security flaws in…
Backdoor in upstream xz/liblzma Let Attackers Hack SSH Servers
A startling revelation has identified a dangerous security vulnerability in the xz compression utility, specifically within its liblzma library. This vulnerability has been found to compromise SSH server security. Xz Utils is a tool found almost everywhere in Linux. It…
Hackers Using Microsoft OneNote Files to Orchestrate Cyber Attacks
Hackers have been found leveraging Microsoft OneNote files as a vector to compromise systems across various industries. The campaign, under the radar of cybersecurity experts, showcases a new trend in cyber threats, exploiting commonly used office applications to gain unauthorized…
DinodasRAT Linux Malware Attack on Linux Servers to Gain Backdoor Access
DinodasRAT, also known as XDealer, is a sophisticated C++ backdoor targeting multiple operating systems. It is designed to enable attackers to monitor and extract sensitive information from compromised systems covertly. Notably, a Windows variant of this RAT was employed in…
WarzoneRAT Returns Post FBI Seizure: Utilizing LNK & HTA File
The notorious WarzoneRAT malware has made a comeback, despite the FBI’s recent efforts to dismantle its operations. Initially detected in 2018, WarzoneRAT was disrupted by the FBI in mid-February when they seized the malware’s infrastructure and arrested two individuals linked…
Beware Of Weaponized Air Force Invitation PDF Targeting Indian Defense And Energy Sectors
EclecticIQ cybersecurity researchers have uncovered a cyberespionage operation dubbed “Operation FlightNight” targeting Indian government entities and energy companies. The attackers, likely state-sponsored, leveraged a modified version of the open-source information stealer HackBrowserData to steal sensitive data. EclecticIQ identified that the…
Compromised SaaS Supply Chain Apps: 97% of Organizations at Risk of Cyber Attacks
Businesses increasingly rely on Software as a Service (SaaS) applications to drive efficiency, innovation, and growth. However, this shift towards a more interconnected digital ecosystem has not come without its risks. According to the “2024 State of SaaS Security Report”…
Google Revealed Kernel Address Sanitizer To Harden Android Firmware And Beyond
Android devices are popular among hackers due to the platform’s extensive acceptance and open-source nature. However, it has a big attack surface with over 2.5 billion active Android devices all over the world. It also poses challenges when it comes…
IT and Security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey
A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed light on the growing concerns within the cybersecurity community. The survey, which gathered insights from over 800 IT and security executives globally, reveals a stark reality:…
How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger
Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse engineering .NET malware. The write-up outlines the importance of sandbox analysis in preparing for reverse engineering by highlighting what to expect and focus on, given that…
C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance
In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers, successful evaluations, and partnerships such as BMW Group, Daimler Truck AG, Marelli, NTT Data, Siemens, and Valeo, among others. C2A Security’s DevSecOps Platform, ‘EVSec’, has…
Zoom Unveils AI-Powered All-In-One AI Work Workplace
Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered platform designed to redefine how we work. This innovative solution aims to streamline communication, enhance collaboration, and boost productivity. It addresses the challenges of dispersed teams…
Wireshark 4.2.4 Released: What’s New!
Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and education. The latest update, Wireshark 4.2.4, includes a host of fixes and updates to further cement its position as the go-to tool for network professionals and…
iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage
Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information and grant unauthorized access. It’s an effective social engineering technique that can bypass even robust technical security measures. Phishing kits and services provide a low-cost, low-effort…
The Moon Malware Hacked 6,000 ASUS Routers in 72 Hours to Use for Proxy
Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and turning them into bots for the Faceless proxy service. TheMoon bots grew to over 40,000 in early 2024 and enabled Faceless to gain nearly 7,000 new…
2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now
Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including two zero-day exploits showcased at the prestigious Pwn2Own 2024 hacking competition. The update, which affects Chrome users on Windows, Mac, and Linux, elevates the browser version…