In the analysis by Trend Micro, they dissect the recent maneuvers of this advanced persistent threat (APT) actor, shedding light on its unyielding repetition of tactics and the intricate dance between its seemingly unsophisticated campaigns and the concealed sophistication within. Known…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Grandoreiro Banking Malware Infrastructure Seized by Authorities
The Grandoreiro, a criminal organization that uses banking malware to commit electronic banking fraud against Spain, Mexico, Brazil, and Argentina, has been seized by authorities. It’s been operating since 2017. Through fraudulent actions, the criminal group is believed to have…
Hackers Started using Python for Developing New Ransomware
Ransomware has been one of the top threats to organizations, contributing several millions of dollars to multiple organizations worldwide. Most of these ransomware operators infiltrate the systems, steal sensitive data, and lock the systems with ransomware. There have been a…
Mercedes-Benz Source Code Leaked via mishandled GitHub token
Mercedes-Benz has been reported to have leaked its source code due to a GitHub token leak from an organization employee. This particular leak was identified during an internet scan from a research team, revealing a GitHub repository holding this information.…
What is Email Hijacking? – Email Account Takeover Protection Guide – 2024
Email hijacking occurs when cybercriminals gain unauthorized access to an individual’s or organization’s email account, and it continues to pose a significant threat in the digital world. This security incident has the potential to result in unauthorized access and misuse of…
Hackers Hijacking MS-SQL Servers to Install Mimic Ransomware
The Trigona ransomware threat actor has been observed engaging in new activities, such as installing Mimic malware that targets MS-SQL servers. MS-SQL servers’ Bulk Copy Program (BCP) feature is abused during the malware installation process. The BCP utility bcp.exe is…
U.S. Officials Detained a 19-year-old SIM-Swap Hacker
In the murky depths of the digital underworld, a tale unfolds: the rise and fall of “King Bob,” a moniker masking 19-year-old Noah Michael Urban, a Florida man entangled in a web of cybercrime. An investigation revealed the accused’s role…
45K+ Exposed Jenkins Instances Vulnerable to RCE Attacks
It was previously reported that Jenkins was discovered with a new critical vulnerability, which was associated with unauthenticated arbitrary file reads that can be utilized by threat actors to read sensitive files on the server. The CVE was mentioned as…
APT Hackers Use FalseFont Backdoor to Remotely Hack Computers
Peach Sandstorm APT targets defense contractors globally via the FalseFont Backdoor, which can access remote systems and exfiltrate data. In this campaign, the malware offers the user a realistic user interface and behavior while posing as a legitimate application from US Defense…
Beware of Phobos Ransomware Delivered via Office Document
Researchers discovered an Office document with a VBA script intended to spread the Phobos ransomware known as FAUST. The FAUST version can sustain persistence in a given environment and generates multiple threads for efficient execution. A well-known family of malicious…
GitLab Flaw Let Attackers Write Files to Arbitrary Locations
GitLab releases security updates addressing several critical vulnerabilities, urging all users to upgrade immediately. This release is crucial for ensuring the security of GitLab instances, as it patches vulnerabilities that could allow attackers to: …
Control D Launches Control D for Organizations: Democratizing Cybersecurity for Organizations of All Sizes
In an era where online threats no longer discriminate by business size, Control D, powered by Windscribe VPN’s robust security expertise, announced today the launch of ‘Control D for Organizations’. This cutting-edge DNS service brings cybersecurity within reach for businesses…
Exploit Released for Critical Jenkins RCE Flaw
Jenkins has been discovered with a critical vulnerability that is associated with arbitrary code execution that threat actors can exploit for malicious purposes. The vulnerability is tracked as CVE-2024-23898, and the severity is yet to be categorized. However, Jenkins has…
Russian TrickBot Malware Developer Pleaded Guilty
Vladimir Dunaev, a resident of Amur Oblast and aged 40, has confessed to creating and distributing Trickbot malware. The purpose of the malware was to launch cyberattacks against various American hospitals and companies. Trickbot has a collection of malware tools…
What are the Common Security Challenges CISOs Face?
Chief Information Security Officers (CISOs) hold a critical and challenging role in today’s rapidly evolving cybersecurity landscape. Here are the common security challenges CISOs face. As organizations increasingly rely on technology to drive their operations, CISOs face complex security challenges…
Chinese Hackers Hijack Software Updates to Install Malware Since 2005
In order to obtain unauthorized access and control, hackers take advantage of software vulnerabilities by manipulating updates. By corrupting the updates, hackers can disseminate malware, compromise user data, and build backdoors for future attacks. This enables hackers to compromise a…
Pure Malware Tools Pose As Legitimate Software to Bypass AV Detections
An extensive examination of the growing danger posed by the Pure malware family has been released, providing the industry with more insightful information about PureCrypter, PureLogs, and PureMiner. ANY.RUN has disclosed that Pure tools are disguised as legitimate software designed…
Google Kubernetes Flaw Let Any Google User Control the Cluster
Researchers have discovered a new loophole in Google Kubernetes Engine (GKE), which threat actors can utilize with a Google account to take over the misconfigured Kubernetes Cluster. Threat actors can further use these compromised clusters for crypto mining, DoS (denial…
198% Surge in Browser Based zero-hour Phishing Attacks
The digital landscape is under siege. Surging browser-based phishing attacks, a 198% increase in just the second half of 2023, paint a chilling picture of cyber threats outsmarting traditional security. Menlo Security’s 2023 State of Browser Security Report unveils this…