Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

PetSmart, Inc. is a renowned retail chain operating in the United States, Canada, and Puerto Rico. It offers a comprehensive range of pet products and services such as pet supplies, grooming, training, and in-store adoptions. PetSmart prides itself on being…

Read more →

The National Security Agency (NSA) issued a Cybersecurity Information Sheet (CSI) that discusses limiting adversary lateral movement within an organization’s network to access sensitive data and vital systems. This offers instructions on how to use Zero Trust principles to strengthen internal…

Read more →

Ransomware attacks remain a formidable challenge for organizations worldwide. These attacks not only encrypt critical data, rendering it inaccessible to the rightful owners but increasingly involve the exfiltration of sensitive information.  This dual-threat approach amplifies the potential damage, as attackers…

Read more →

Apple releases emergency fixes to address two new zero-day vulnerabilities in iOS that impact iPhones. The two zero-day vulnerabilities were discovered in RTKit, tracked as CVE-2024-23296, and the iOS Kernel, tracked as CVE-2024-23225. If exploited by an attacker with kernel…

Read more →

A critical vulnerability in OpenNMS, a widely used network monitoring solution, has been identified, allowing attackers to inject malicious JavaScript payloads through a Cross-Site Scripting (XSS) flaw. This vulnerability, tracked as CVE-2023-0846, has raised significant concerns due to its potential…

Read more →

American Express has recently notified its customers of a data breach involving a third-party service provider, marking a security incident that has potentially compromised customer information. This breach underscores the vulnerabilities that can arise from third-party partnerships, even when a…

Read more →

QEMU is an open-source platform that provides a secure and private virtualized space for trying out malicious codes, exploits, and attacks on their own environments.  ⁤This controlled testing ground minimizes the risk of detection and legal matters. ⁤⁤ Moreover, QEMU…

Read more →

A prominent cybersecurity technology creator, has released its latest report, “Hi-Tech Crime Trends 2023/2024,” highlighting critical global cyber threats. The report reveals a concerning trend where over 225,000 compromised ChatGPT credentials are being sold on dark web markets, posing security…

Read more →

Hackers use weaponized calendar invites to exploit vulnerabilities in email systems, tricking users into clicking on malicious links or downloading malware disguised as event attachments.  By leveraging trust in calendar invitations, threat actors increase the likelihood of successful phishing attacks…

Read more →

A threat actor has been identified as creating fraudulent Skype, Google Meet, and Zoom websites to distribute malware, explicitly targeting Android and Windows users. This article delves into the details of this malicious campaign and explains how users can identify…

Read more →

Hackers launch large-scale DDoS attacks to disrupt and make online services inaccessible, driven by motives like revenge or protest, flooding targets with massive amounts of traffic to disable websites. Recently, the cybersecurity researchers at Sekoia identified that the Russian hacker…

Read more →

Hackers have been found exploiting a vulnerability in a WordPress Plugin 3DPrint Lite(CVE-2021-4436) to deploy the notorious Godzilla Web Shell. This malicious activity significantly threatens website security and data integrity, prompting concerns among cybersecurity experts and website administrators worldwide. Cybercriminals…

Read more →

In cybersecurity, the battle against malware is critical, akin to handling dangerous pathogens. The importance of secure environments for analyzing malware cannot be overstated, and this is where sandboxes play a pivotal role. ANY.RUN, a cloud interactive malware sandbox, is…

Read more →

The Federal Bureau of Investigation (FBI) has successfully seized a website associated with the ALPHV BlackCat ransomware group. The seizure was part of a coordinated law enforcement action targeting the notorious ransomware operation. The operation was a collaborative effort involving…

Read more →

Threat actors use hacked domain control to host malicious content by leveraging legitimate domains to evade detection by security measures.  Anti-AV tactics are employed to bypass the antivirus software and tools that enable the execution of malicious code without detection.…

Read more →

Threat actors known as CACTUS orchestrated a sophisticated attack on two companies simultaneously, exploiting a software vulnerability within 24 hours of its disclosure. This coordinated ransomware attack highlighted organizations’ growing risks in the digital landscape. The attack involved intricate steps,…

Read more →

Researchers have discovered a new backdoor named GTPDOOR that targets telecommunication network systems within the closed GRX network, which connects multiple telecommunication network operators.  The GRX network is a closed network that connects individual network operators from various telecom companies. …

Read more →

Meta, the company that owns WhatsApp, filed a lawsuit against NSO Group in 2019. The lawsuit claims that NSO took advantage of a vulnerability in WhatsApp to install the Pegasus spyware on certain user devices without their permission. This means…

Read more →

Threat actors employ phishing scams to trick individuals into giving away important details like login credentials or financial data.  It is a method of cheating human confidence due to social engineering, making it cheap and hence widely used as a…

Read more →

The Middle East and Africa (MEA) region has witnessed a surge in ransomware-as-a-service (RaaS) attacks, posing a grave threat to digital security. This comprehensive report delves into the key findings, attack trends, the impact on businesses, and the crucial preventive…

Read more →