ANY.RUN now integrates with OpenCTI, a cyber threat intelligence platform that allows automatic enrichment of OpenCTI observations with malware data directly from ANY.RUN analysis. Users can access indicators like TTPs, hashes, IPs, and domains without manual data source checks. The…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Multistage RA World Ransomware Exploits Group Policy Infrastructure
The RA World ransomware, previously known as the RA Group, has been a significant threat to organizations worldwide since its emergence in April 2023. Focusing on the healthcare and financial sectors, the ransomware has predominantly targeted entities in the United States…
RedLine Malware Tops Charts by Hijacking 170M+ Passwords in the Last 6 Months
The cybersecurity landscape has been shaken by the discovery that a single piece of malware, known as RedLine, has stolen over 170 million passwords in the past six months. This alarming statistic has placed RedLine at the forefront of cyber…
Google Chrome to Roll Out Real-time Phishing Protection
Google has announced an upgrade to its Safe Browsing technology to provide Chrome users with real-time protection against phishing, malware, and other malicious sites. This enhancement is set to revolutionize how users navigate the web, ensuring safety without compromising privacy.…
Critical ChatGPT Plugins Flaw Let Attackers Gain Control Over Organization’s Account
Threat actors can exploit ChatGPT’s ecosystem for several illicit purposes, such as crafting prompts to generate malicious code, phishing lures, and disinformation content. Threat actors can even exploit ChatGPT’s exceptional capabilities to craft and launch a multitude of sophisticated and…
Hackers Exploit Windows SmartScreen Vulnerability to Install DarkGate Malware
The operators of DarkGate successfully leveraged a patched Windows Defender SmartScreen vulnerability, identified as CVE-2024-21412, as a zero-day attack to disseminate the complex and ever-evolving DarkGate malware. The vulnerability tracked as CVE-2024-21412, with a CVSS base score of 8.1, is a Microsoft Defender…
Hackers Claim 740GB of Data Stolen from Viber VOIP Platform
Viber, known for its encrypted messaging and voice services, boasts millions of users worldwide who rely on its platform for secure communication. The breach, if confirmed, represents one of the largest in recent history, potentially exposing a vast amount of…
Hackers Use Weaponized Lnk File to Deploy AutoIt Malware
Hackers have been found utilizing weaponized LNK files to deploy a strain of AutoIt malware, raising alarms across the cybersecurity community. Unpacking the LNK Malware: The infection chain begins with a seemingly innocuous LNK file, which, upon closer inspection, reveals…
Combining Threat Intelligence Platforms & Sandboxes for Efficient Security Operations – A DFIR Guide
Organizations have many tools when investigating cyber threats, but two stand out: Threat Intelligence Platforms (TIPs) and sandboxes. Each solution provides distinct advantages, yet combining their capabilities can lead to a more practical approach to detecting, analyzing, and responding to…
Hackers Abuse Document Publishing (DDP) Websites to Launch Cyber Attacks
Threat actors have been observed hosting phishing documents on legitimate digital document publishing (DDP) sites as part of continuous session harvesting and credential attempts. Since DDP sites are unlikely to be blocked by web filters, have a good reputation, and…
Microsoft Copilot for Security: AI tool to Help Security and IT professionals
Microsoft Copilot for Security is a generative AI solution that can help security and IT professionals handle their security operations much more efficiently. It is claimed to be the industry’s first generative AI solution for strengthening an organization’s security expertise. …
Bitcoin Fog Operator Convicted for Stealing Over $400M
A federal jury in Washington, D.C., has convicted Roman Sterlingov, a dual Russian-Swedish national, for operating the notorious darknet cryptocurrency mixer, Bitcoin Fog. This service, which has operated since 2011, facilitated the laundering of approximately $400 million in cryptocurrency, marking…
150K+ Networking Devices & Apps Exposed Online With Critical Vulnerabilities
The “State of the UAE—Cybersecurity Report 2024,” a collaborative effort by the UAE Cyber Security Council and CPX Holding, examines the United Arab Emirates (UAE) cybersecurity landscape. The report presents a detailed examination of the cyber threats that the…
Hackers Abuse Amazon & GitHub to Deploy Java-based Malware
Hackers target these platforms due to their hosting of valuable resources and data. For financial gain or some other bad motive, the hackers intrude on these platforms to steal data, deploy malicious software, or launch other cyber attacks. Cybersecurity analysts…
SAP Security: Code Injection & Other Vulnerabilities Patched
Organizations using SAP products are urged to prioritize patching the vulnerabilities outlined in the latest SAP Security Notes, which were released on 12th March 2024 on SAP Security Patch Day. SAP Security Notes are official communications from SAP that detail newly…
New Fortinet FortiOS Flaw Lets Attacker Execute Arbitrary Code
Fortinet has disclosed a critical vulnerability in its FortiOS and FortiProxy captive portal systems, potentially allowing attackers to execute arbitrary code through specially crafted HTTP requests. This revelation underscores the ongoing challenges in safeguarding digital infrastructures against sophisticated threats. Technical…
Beware Of New Malicious PyPI Packages That Steal Wallet Passwords
Threat actors use malicious PyPI packages to infiltrate systems and execute various attacks like data exfiltration, ransomware deployment, or system compromise. By masquerading as legitimate Python libraries, these packages can easily bypass security measures. This allows them to infect…
Stanford University Hack Exposes Over 27K People’s Data
The Stanford University data breach involved a ransomware attack by the Akira ransomware gang. The breach occurred between May 12, 2023, and September 27, 2023, with the university discovering the attack on September 27, 2023. The compromised information varied but…
Sharp Increase in Akira Ransomware Attack Following LockBit Takedown
In the wake of the LockBit ransomware group’s takedown, a shift has occurred within the cybercriminal underworld, leading to a sharp rise in activities by the Akira ransomware collective. This group, known for its sophisticated attacks, particularly against healthcare entities…
Andariel Hackers Attacking Asset Management Companies to Inject Malicious Code
The Andariel threat group was observed conducting persistent attacks against domestic businesses, specifically installing MeshAgent for remote screen control while conducting the attack. MeshAgent collects basic system information for remote management and performs activities such as power and account management,…