To raise awareness of the ALPHV Blackcat ransomware as a service (RaaS) that targets the US healthcare industry, the FBI, CISA, and the Department of Health and Human Services (HHS) have collaborated to release a joint Cybersecurity Advisory (CSA). To get…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
AMOS macOS Stealer Steals Particular Files on the System & Browser Data
In the ever-evolving landscape of cybersecurity threats, a new variant of the AMOS (Atomic) Stealer malware has emerged, targeting macOS users with sophisticated techniques to steal sensitive information. Bitdefender’s recent analysis sheds light on this alarming development, revealing the malware’s…
LoanDepot January Hack: 16.9M Individuals Data Exposed
In a significant cybersecurity incident, loanDepot, a prominent player in the loan and mortgage industry, announced a data breach that potentially compromised the sensitive personal information of approximately 16.9 million individuals. This breach, identified in early January 2024, has raised…
Hackers Advertising New Version Of WarZone RAT On Hacking Forums
Cybersecurity experts have raised alarms as a new version of the notorious WarZone Remote Access Trojan (RAT) has been spotted being advertised on various hacking forums. The latest iteration, known as WarZone RAT v3, boasts enhanced features and capabilities, making…
Beware of Typos that May lead to Malicious PyPI Package Installation
Cybersecurity experts have raised alarms over a new threat vector targeting Python developers: typo-squatting on the Python Package Index (PyPI). The notorious Lazarus group, known for its cyber espionage and sabotage activities, has been implicated in the release of malicious…
Hackers Selling DCRat Malware Subscriptions For $5 on Telegram
Researchers from ANY.RUN reported a new wave of DCRat malware, known for its wide array of harmful functions, with memberships selling for the low cost of $5. The detailed report covers the distribution of DCRat and its dynamic and static analysis, also…
14-Year-Old CMS Editor Flaw Exploited to Hack Govt & Edu Sites
Hackers have exploited a vulnerability in a 14-year-old Content Management System (CMS) editor, FCKeditor, to launch SEO poisoning attacks against government and educational websites worldwide. This campaign has compromised numerous sites, redirecting unsuspecting users to malicious or scam websites through…
Abyss Locker Ransomware Attacks Microsoft Windows and Linux Users
FortiGuard Labs has released a report detailing the emergence and impact of the Abyss Locker ransomware, which has been targeting Microsoft Windows and Linux platforms. Abyss Locker, believed to be based on the HelloKitty ransomware source code, has been stealing…
Hackers Abuse Telegram API To Exfiltrate User Information
Attackers have been using keywords like “remittance” and “receipts” to spread phishing scripts using Telegram to steal user data indiscriminately. In the past, phishing script files were disseminated using various strategies and techniques, like asking users to log in before…
Zyxel Firewall Flaw Let Attackers Execute Remote Code
Four new vulnerabilities have been discovered in some Zyxel firewall and access point (AP) versions. They are associated with denial of service, OS command injection, and remote code execution. These vulnerabilities have been assigned CVE-2023-6397, CVE-2023-6398, CVE-2023-6399,…
ThreatHunter.ai Stops Hundreds of Attacks in 48 Hours: Fighting Ransomware and Nation-State Cyber Threats
The current large surge in cyber threats has left many organizations grappling for security, so ThreatHunter.ai is taking decisive action. Recognizing the critical juncture at which the digital world stands, ThreatHunter.ai is now offering its cutting-edge cybersecurity services free of…
WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking
A critical security flaw has been identified in the Ultimate Member plugin for WordPress, which could potentially put over 200,000 websites at risk. The vulnerability was discovered by Christiaan Swiers and reported through the Wordfence Bug Bounty Program, earning him…
Hackers Actively Hijacking ConnectWise ScreenConnect server
ConnectWise, a prominent software company, issued an urgent security bulletin on February 19, 2024, revealing two significant vulnerabilities in its self-hosted ScreenConnect servers. These vulnerabilities were initially reported on February 13 through a vulnerability disclosure program and were not actively…
Heavily Obfuscated PIKABOT Evades EDR Protection
PIKABOT is a polymorphic malware that constantly modifies its code, making it hard to recognize and allowing it to easily bypass Endpoint Detection and Response (EDR) systems. Obfuscation, encryption, and anti-analysis techniques help it avoid these traditional security measures. PIKABOT is…
Anonymous Sudan Promoting New DDoS Botnet: Beware
It has come to light that a group known as Anonymous Sudan is actively promoting a new Distributed Denial of Service (DDoS) botnet service named “Skynet-GodzillaBotnet.” An advertisement circulating online showcases a red dragon logo with the word “SKYNET.” The…
Scattered Spider: Advanced Techniques for Launching High-Profile Attacks
Scattered Spider is a threat group that has attacked several organizations since May 2022 using social engineering, ransomware, extortion, SIM swapping, and many other tactics. There were also reports that this threat group was affiliated with the…
8220 Hacker Group Attacking Linux & Windows Users to Mine Crypto
In a significant escalation of cyber threats, the 8220 Gang, a notorious Chinese-based hacker group, has intensified its attacks on cloud-based infrastructure, targeting both Linux and Windows users to mine cryptocurrency. This latest campaign, from May 2023 through February 2024, marks a concerning advancement in the group’s tactics and poses a heightened risk to cloud security worldwide.…
New DDoS Malware Attacking Apache Big-Data Stack, Hadoop, & Druid Servers
In a concerning development for organizations leveraging Apache’s big-data solutions, a new variant of the Lucifer DDoS botnet malware targeting Apache Hadoop and Apache Druid servers has been identified. This sophisticated malware campaign exploits existing vulnerabilities and misconfigurations within these systems…