BitLocker is a computer program provided by Microsoft that users can use to encrypt their entire volumes, preventing unauthorized access in case of device theft. Many organizations have been using this security feature to prevent data theft, stolen devices leading…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Critical Cisco Expressway Flaw Lets Remote Attackers Execute Arbitrary Code
Cisco released patches to address multiple vulnerabilities in the Cisco Expressway Series that might allow an attacker to do arbitrary operations on a vulnerable device. Cisco Expressway Series includes Cisco Expressway Control (Expressway-C) and Cisco Expressway Edge (Expressway-E) devices. “Multiple…
Beware of Facebook Ads That Deliver Password-Stealing Malware
A new malware called Ov3r_Stealer was found to be intended for stealing cryptocurrency wallets and passwords and then sending them to a Telegram channel that the threat actor maintains. Identified early in December, the malware was spread via a Facebook advertisement for…
INTERPOL Uncovers 1,300+ Servers Used as Launchpads For Cyber Attacks
A recent massive operation by INTERPOL, which happens to be the biggest international police organization in the world, has successfully targeted the underlying infrastructure behind malicious activities such as phishing, malware, and ransomware attacks. The operation is a significant step…
Active Scan Alert: Over 28,000 Ivanti Instances Exposed to Internet
Ivanti has disclosed two new zero-day vulnerabilities, assigned CVE-2024-21888 and CVE-2024-21893, in the products Ivanti Connect Secure and Ivanti Policy Secure. The vulnerability (CVE-2024-21888) exists in Ivanti Connect Secure and Ivanti Policy Secure web components, allowing a threat actor…
TeamCity Authentication Bypass Flaw Lets Attackers Gain Admin Control
A critical security vulnerability was detected in TeamCity On-Premises, tagged as CVE-2024-23917, with a CVSS score of 9.8. An unauthenticated attacker with HTTP(S) access to a TeamCity server may bypass authentication procedures and take administrative control of that TeamCity server if the…
Researchers Uncover DiceLoader Malware Used to Attack Corporate Business
An intrusion set called FIN7 has been known to be operating since 2015 and is composed of Russian-speaking members. This threat group also pretends to be a company that recruits IT experts to hide their illegal activities. Targets of this…
Why and How to Extract Malware Configurations in a Sandbox
Indicators of Compromise (IOCs) are the fuel that powers our cybersecurity defenses and keeps them effective. The most sought-after source of these indicators is malware configurations. Accessing them is equal to exposing the attacker’s playbook. Hence, thousands of analysts spend…
Combat Phishing Attacks With AI-Powered Email Threat Protection: Packet Guide 2024
Cybercriminals use email phishing as one form of cybercrime to deceive victims into disclosing personal information like passwords, credit card details, or Social Security numbers. To accomplish this, they send emails that seem to be from reliable sources, like banks,…
Cloudflare Server Compromised Due to Leaked Access Token in Okta Breach
On November 23, 2023, Cloudflare detected a threat actor on the self-hosted Atlassian server. The attack was initiated using a single stolen access token and three compromised service account credentials, which were kept the same after the Okta compromise in…
Researchers Unveil the Sophisticated Ransomware Used by Black Hunt
The Black Hunt ransomware has recently become a significant threat to the cybersecurity landscape. This malicious software has already wreaked havoc on around 300 companies in Paraguay, causing significant damage and disruption to their operations. The impact of this ransomware…
Multiple Container Flaws Allow Attackers to Access the Host OS
Four new vulnerabilities have been identified in containers that could allow a threat actor to escape the container and gain access to the host system. These vulnerabilities have been named “Leaky Vessels” by researchers and could potentially enable a threat…
What is SaaS Sprawl? Guide to Combating SaaS Security Risks
When we talk about the cloud, it’s not just a matter of data drifting weightlessly in some digital ether. The cloud environment is more like a bustling cityscape, with new buildings popping up every day. This expansion is often referred…
Mispadu Malware Exploits Windows SmartScreen Flaw to Attack Users
A new variant of Mispadu stealer has been identified by researchers, which specifically targets victims in Mexico. This variant of Mispadu stealer utilizes the Windows SmartScreen vulnerability CVE-2023-36025, to download and execute malicious payloads on the system. Mispadu stealer is…
ApateWeb: Hackers Using 130,000+ Domains to Launch Cyber Attacks
A new large-scale campaign named “ApateWeb” has been discovered, which uses over 130,000 domains to deliver scareware, potentially unwanted programs, and other scam pages. Threat actors use deceptive emails to lure victims into their malicious websites and redirect them…
New Android Malware on Google Play Disguised as Messaging or News Apps
Twelve malicious Android espionage applications have been discovered by researchers, with all of them executing a remote access trojan (RAT) code known as VajraSpy. Six of them were discovered to be available on Google Play Store, whereas the other six…
FritzFrog Botnet Attacking Linux Servers to Steal SSH Credentials
The FritzFrog botnet, originally identified in 2020, is an advanced peer-to-peer botnet built in Golang that can operate on both AMD and ARM-based devices. With constant updates, the malware has developed over time, adding and enhancing features. A new strain…
State-of-the-Art Redis Malware Bypasses Security Solutions to Hack Servers
Discovering a clandestine and potent menace, Aqua Nautilus researchers have brought to light the HeadCrab, an advanced threat actor wielding bespoke malware targeting Redis servers globally. Redis, an open-source, in-memory data structure store, serves as the unsuspecting battleground for the…
Ivanti Discloses 2 New Zero-Days, One Already Under Exploitation
Two new zero-day vulnerabilities have been discovered in Ivanti Connect Secure and Ivanti Policy Secure products and assigned CVE-2024-21888 and CVE-2024-21893. Additionally, one of the vulnerabilities (CVE-2024-21893) has been reported to be exploited by threat actors in the…
ANY.RUN Sandbox Now Lets SOC & DFIR Teams Analyze Sophisticated Linux Malware
The ANY.RUN sandbox has now been updated with support for Linux, further enhancing its ability to provide an isolated and secure environment for malware analysis and threat hunting. This newly added feature will enable security analysts to investigate and simulate…