A new flaw has been discovered in DNSSEC, which, when exploited by threat actors, could result in the unavailability of technologies such as web browsing, email, and instant messaging. This new class of attacks has been termed “KeyTrap” by researchers. …
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Microsoft Patch Tuesday 2024: 73 Security Flaws, Including Two 0-Days Patched
As part of its February 2024 Patch Tuesday updates, Microsoft has published patches to address 73 security flaws, including two zero-day vulnerabilities that have been actively exploited. Five of the 73 vulnerabilities are classified as ‘Critical’, 65 as ‘Important’, and…
New HijackLoader Malware Uses Advanced Techniques to Avoid Detection
Threat actors exploit HijackLoader because it is a powerful tool for injecting malicious code into legitimate processes, enabling stealthy execution of payloads. This technique helps them to evade detection by leveraging trusted applications to carry out malicious activities. This scenario…
How to Analyze the MITRE Engenuity ATT&CK® Evaluations: Enterprise
Thorough, independent tests are vital as cybersecurity leaders and their teams evaluate vendors’ abilities to guard against increasingly sophisticated threats to their organizations. And perhaps no assessment is more widely trusted than the annual MITRE Engenuity ATT&CK Evaluations: Enterprise. This evaluation…
13 Security Flaws in Adobe Acrobat & Reader Allow Remote Code Execution
A critical security update for both Windows and macOS is available for Adobe Acrobat and Reader. Per Adobe, this update fixes serious vulnerabilities that could lead to arbitrary code execution, application denial-of-service, and memory leaks.
ZLoader Now Attacks 64-bit Windows: Live Analysis With ANY.RUN Sandbox
ZLoader is a banking Trojan malware that steals sensitive financial information from infected systems. Threat actors exploit this malware to conduct a multitude of illicit activities. This malware is often distributed through phishing emails or malicious websites, allowing the threat…
Alert! 333% Surge in Hunter-Killer Malware that Bypasses Network Security Controls
Hunter-Killer is a sophisticated type of malware primarily designed to actively seek out and neutralize other malware present on a system. It operates by identifying and removing competing threats that potentially pose a serious risk to the security and privacy…
DarkGate Malware opens RaaS For Financially Motivated Hackers
Following the FBI’s shutdown of Qakbot infrastructure in August 2023, security analysts at EclecticIQ observed a surge in the use of the DarkGate loader. EclecticIQ believes DarkGate is primarily in the hands of financially motivated groups like TA577 and Ducktail…
Fileless Revenge RAT Abuses Legitimate Tools to Hide Malicious Activity
Threat actors are distributing Revenge RAT malware, developed using legitimate tools like “smtp-validator” and “Email to SMS.” When executed, the malware runs a malicious file and a legitimate tool, making it difficult for users to know there is malicious activity.…
New Azure Hacking Campaign Steals Senior Executive Accounts
An ongoing campaign of cloud account takeover has affected hundreds of user accounts, including those of senior executives, and impacted dozens of Microsoft Azure environments. Threat actors attack users with customized phishing lures inside shared documents as part of this…
Turk Hack Team Attacked the World’s Largest Cooperative Finance
Threat actors target financial institutions due to the potential for significant financial gains and access to sensitive customer data. These entities are attractive targets for threat actors seeking lucrative opportunities and avenues for money laundering, fraud, and ransom. While successfully…
Warning: Hackers Exploit 3 Well-known Flaws in Microsoft Word & Excel
Despite not being 0-day or even 1-day vulnerabilities, three well-known and outdated CVEs in Microsoft Word and Excel continue to pose a threat to the cybersecurity industry. In these three CVEs, researchers found several connections, including technical tricks to conceal the harmful…
3 Well-known Microsoft Word & Excel Flaws Abused by hackers Widely
Despite not being 0-day or even 1-day vulnerabilities, three well-known and outdated CVEs in Microsoft Word and Excel continue to pose a threat to the cybersecurity industry. In these three CVEs, researchers found several connections, including technical tricks to conceal the harmful…
Huge Surge in Hackers Exploiting QR code for Phishing Attacks
Phishing has been one of the primary methods threat actors use for impersonating individuals or brands with a sense of urgency that could result in private information being entered on a malicious URL. Phishing has been set with several preventive…
US Dismantled Sophisticated Warzone RAT, Key Operators Arrested
Federal authorities have dismantled a major malware operation, seizing online marketplaces involved in its sale and support. This international effort targeted a service known as “Warzone RAT,” a powerful tool cybercriminals use to remotely access and steal data…
ExpressVPN Flaw Exposes Some DNS Requests to Third-Party Server
Customers of ExpressVPN have been notified of a vulnerability in the most recent version of the Windows app that permitted some DNS requests to be routed to a third-party server, usually the user’s internet service provider (ISP). After a reviewer…
Uncovering the Deceptive Tactics of Chinese Websites Mimic as Local News
A network of at least 123 websites based in the People’s Republic of China posed as local news outlets in 30 countries across Europe, Asia, and Latin America. The websites are disseminating pro-Beijing falsehoods and ad hominem attacks together…
New Android MoqHao Malware Executes Automatically on Installation
The Roaming Mantis threat group distributes a well-known Android malware family called “MoqHao.” This malware family has been previously reported to be targeting Asian countries such as Korea and Japan. Though the distribution method remains the same, the new variants…
Chinese Hackers Exploiting VMware 0-Day Flaw Since 2021
Mandiant and VMware recently uncovered a sophisticated cyber espionage campaign. The attackers, a Chinese group identified as UNC3886, leveraged a known vulnerability in VMware software (CVE-2023-34048) to maintain access to the targeted systems for over a year. This case highlights…
U.S. Offers $10 Million Reward for Information on Hive Ransomware
The United States State Department has recently revealed a $10 million reward for any valuable information that could lead to the detection or whereabouts of the principal members of the Hive ransomware gang. Following that, the State Department has announced…