Denial-of-service (DoS) attacks are usually used by hackers to interrupt regular network and website functioning, whether to make money, for political reasons, or simply to create a mess. The websites or networks can be made unavailable through the…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Hackers Claimed to have Breached the Israeli Nuclear Facility’s Networks
An Iranian hacker group has claimed to have infiltrated the networks of the Dimona nuclear facility located in Israel’s Negev desert. Israeli cybersecurity teams are diligently working to verify the authenticity of the documents allegedly leaked during this cyber incident.…
Authorities Dismantle Grandoreiro Banking Malware Operation
Group-IB, a cybersecurity firm, helped INTERPOL and Brazil dismantle the Grandoreiro banking trojan operation, as their expertise in threat intelligence and investigation was key. Malware samples collected during independent investigations in Brazil and Spain (2020-2022) were analyzed by Group-IB and…
Recent Windows Server Updates Trigger Domain Controller Reboots & Crash
Recent updates for Windows Server have been linked to significant disruptions in IT infrastructure, with numerous reports of domain controllers experiencing crashes and forced reboots. The issues have been traced back to the March 2024 cumulative updates for Windows Server…
GitHub’s New AI Tool that Fixes Your Code Automatically
GitHub has taken a leap in application security by introducing a new feature that promises to revolutionize how developers address code vulnerabilities. The new tool, code scanning autofix, is now available in public beta for all GitHub Advanced Security customers, harnessing the power…
NCSC Released an Advisory to Secure Cloud-hosted SCADA
Operational Technology (OT) is a technology that interfaces with the physical world and includes Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), and Distributed Control Systems (DCS). OT is different from IT in that OT prioritizes safety, reliability,…
Androxgh0st Exploits SMTP Services To Extract Critical Data
AndroxGh0st is a malware that specifically targets Laravel applications. The malware scans and extracts login credentials linked to AWS and Twilio from .env files. AndroxGh0st was previously classified as an SMTP cracker since it exploits SMTP using various strategies such…
Hackers Selling GlorySprout Malware with Anti-VM Features in Underground Forum for $300
GlorySprout stealer, advertised on the XSS forum in early March 2024, is a C++ stealer sold for $300 with lifetime access and temporary payload encryption, that includes a loader, anti-CIS execution, and a non-functional grabber module. Taurus Stealer, a C++…
Microsoft Notifies That a Major Domain Change With Teams Is Coming
In April 2023, Microsoft announced that it would be undertaking a multi-year effort to reduce domain fragmentation among authenticated, user-facing Microsoft 365 apps and services by bringing them onto a single, consistent and cohesive domain: cloud.microsoft. This consolidation will help improve security, administration,…
WordPress Plugin Flaw Exposes 40,000+ Websites to Cyber Attack
A popular WordPress plugin, Automatic (premium version), developed by ValvePress, has been found to harbor critical security vulnerabilities that put over 40,000 websites at risk. This plugin, known for its capability to create posts from various sources, including YouTube, Twitter,…
Workings of MalSync Malware Unveiled: DLL Hijacking & PHP Malware
Researchers have discovered the workings of the MalSync malware, also known as “DuckTail” or “SYS01”. The analysis of the malware revealed the infection vectors, command line usage, malware capabilities, and other information. The malware seems to have a targeted approach…
Tor Unveils WebTunnel – Let Users Bypass Censorship
Tor Project’s Anti-Censorship Team has made a groundbreaking announcement that promises to bolster the fight against internet censorship. On the occasion of the World Day Against Cyber Censorship, the team proudly introduced WebTunnel, a revolutionary new type of Tor bridge. This innovative…
Hackers Attacking Critical US Water Systems, White House Warns
In a stark warning issued by the White House, it has been revealed that cyberattacks are increasingly targeting water and wastewater systems across the United States. These critical infrastructures are essential for providing clean and safe drinking water to communities,…
Azorult Malware Abuses Google Sites To Steal Login Credentials
A new evasive Azorult campaign uses HTML smuggling to deliver a malicious JSON payload from an external website. The JSON file is then loaded using reflective code loading, a fileless technique that bypasses disk-based detection and also employs an…
Andariel Hackers Leveraging Remote Tools To Exploit Organizations
The Andariel threat group has been discovered to be using MeshAgent when attacking Korean companies. The group has previously attacked Korean asset management solutions to install malware, such as AndarLoader and ModeLoader. However, MeshAgent is used alongside other remote management…
BunnyLoader 3.0 Detected With Advanced Keylogging Capabilities
BunnyLoader is a rapidly developing malware that can steal information, credentials, and cryptocurrencies while also delivering new malware to its victims. Since its first detection in September 2023, the BunnyLoader malware as a service (MaaS) has regularly enhanced its features. According…
Novel Script-Based Attack That Leverages PowerShell And VBScript
A new campaign identified as DEEP#GOSU is likely linked to the Kimsuky group, and it employs a new script-based attack chain that uses numerous PowerShell and VBScript stagers to stealthily infect systems. Its features included data exfiltration, keylogging, clipboard monitoring, dynamic…
Mintlify Data Breach Exposes Customer GitHub Tokens
A renowned software documentation platform has confirmed a security breach that led to the unauthorized access of 91 GitHub tokens. This incident has raised alarms about the potential exposure of private repositories and the overall security measures to protect sensitive…
900+ Websites Exposing 10M+ Passwords: Most in Plaintext
Over 900 websites inadvertently expose over 10 million passwords, many of which are in plaintext, alongside sensitive billing information and personally identifiable information (PII) of approximately 125 million users. This massive data exposure is attributed to misconfigured Firebase instances, a…
Hackers Exploiting Microsoft Office Templates to Execute Malicious Code
In a cyberattack campaign dubbed “PhantomBlu,” hundreds of employees across various US-based organizations were targeted with phishing emails masquerading as messages from an accounting service. This campaign represents a significant evolution in the tactics, techniques, and procedures (TTPs) employed by…