Ransomware is a tool that hackers use to extort money from their targets like individuals, businesses, and governments. The malware encrypts the target’s data and demands payment to unlock it. This malicious strategy increases the possibility of payment by giving…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Pakistan Hackers Targeting Indian Android Users with Fake Loan Apps
Hackers in India are using fake loan applications to target Android users to take advantage of the rising demand for digital financial services by enticing consumers with instant credit offers. These malicious apps often steal personal and financial information, which…
Beware of Weaponized Office Documents that Deliver VenomRAT
Since office documents are often used in business communications, hackers take advantage of this fact to disseminate malware easily. Hackers can mislead users into unintentionally activating malware by hiding it in documents that appear to be safe, which gives…
Hackers Use SYSTEMBC Tool to Maintain Access to Compromised Network
To maintain access to compromised networks, hackers use specialized hacking tools. Such tools help the threat actors evade the detection mechanisms and maintain control over the compromised system. This unauthorized access enables the threat actors to extract sensitive information from…
Hackers Deploy Malicious npm Packages on GitHub to Steal SSH Keys
Two malicious npm packages were discovered on the npm open source package manager. They leverage GitHub to store stolen Base64-encoded SSH keys obtained from developer systems that installed the malicious npm packages. In recent weeks, two suspicious npm packages, namely warbeast2000…
VexTrio a hub of Cyber attacks With Massive Criminal Affiliate Chain
VexTrio, a cybercrime syndicate with a history dating back to at least 2017, has been implicated in nefarious activities utilizing a sophisticated dictionary domain generation algorithm (DDGA). Their malicious campaigns encompass scams, riskware, spyware, adware, potentially unwanted programs (PUPs), and…
MavenGate Supply Chain Attack Let Attackers Hijack Java & Android Apps
Hackers use supply chain attacks to breach a target by gaining access to and taking advantage of weaknesses in the vendor, partner, or supplier network. Threat actors can enter the target firm by distributing malware, influencing software upgrades, and gaining…
Top 12 Best Penetration Testing Companies & Services – 2024
Penetration Testing Companies are pillars when it comes to information security; nothing is more important than ensuring your systems and data are safe from unauthorized access; many organizations have a flawed security culture, with employees motivated to protect their information…
Parrot TDS Injecting Malicious Redirect Scripts on Hacked Sites
In the murky depths of the digital world lurks a cunning predator – Parrot TDS, a cyber campaign that has flown under the radar for years, leaving a trail of compromised websites and vulnerable users in its wake. Parrot TDS…
New Malware Hidden In PyPI Packages Attacking Windows & Linux Machines
A PyPI malware author identified as “WS” was discovered by researchers to be covertly uploading malicious packages to PyPI that were impacting both Windows and Linux devices. Over time, the malware author distributes multiple information-stealing packages into the PyPI library, each with unique…
North Korean Hackers Attacking Cybersecurity Professionals to Steal Threat Research Reports
Hackers target cybersecurity professionals as successfully compromising their systems or gaining access to their credentials provides a gateway to valuable information and tools. Besides this, gaining control over cybersecurity professionals’ systems could be a strategic move to disrupt or evade…
SEC X Account was Hacked Using SIM Swapping Method
In a brazen act of digital deception, the U.S. Securities and Exchange Commission’s (SEC) official Twitter account, @SECGov, was compromised on January 9th, 2024. This wasn’t just a prank; it sent shockwaves through the financial world, momentarily igniting a frenzy…
Hackers Abusing LSASS Process Memory to Exfiltrate Login Credentials
Threat actors have been using several methods for credential stealing, which vary based on the environment and infrastructure of the system. Most of the time, the threat actors dump the LSASS process to extract the account credentials. For this, tools…
SSH3 – Faster & Rich Secure Shell Using HTTP/3
SSH or Secure Shell is a cryptographic network protocol that enables secure communication and remote access over an unsecured network. This network protocol is widely used for secure command-line login, file transfers, and tunneling of other protocols. It provides a…
Beware of Pirated MacOS Apps That Install Chinese Malware
Similar to ZuRu malware, a new malware has been found embedded in pirated macOS applications, which downloads and executes several payloads to compromise devices in the background. Specifically, these apps are hosted on Chinese pirate websites to entice more victims.…
DarkGate Malware Abuses AutoIT Scripting For Payload Obfuscation
DarkGate is a type of malware that employs AutoIt-compiled loaders that pose a considerable threat because of their advanced evasion strategies and persistence within compromised systems. By using obfuscated AutoIt scripting and multi-stage payloads, the malware makes it more difficult to identify using conventional…
New Outlook Flaw Let Attackers Access Hashed Passwords
A new Outlook vulnerability that can be used to extract NTLMv2 hashes by exploiting Outlook, Windows Performance Analyzer (WPA), and Windows File Explorer has been identified. This vulnerability has been assigned CVE-2023-35636, and the severity has been given as…
PixieFAIL – 9 UEFI Flaws Expose Computers to Remote Attacks
Hackers exploit UEFI flaws to gain unauthorized access to a system’s firmware, enabling them to implant persistent malware or manipulate the boot process. This provides a stealthy entry point that allows attackers to bypass traditional security measures and maintain control…
CISA & FBI released Incident Response Guide for WWS Sector
Malicious cyber incidents, such as ransomware and unauthorized access, have affected the Water and Wastewater Sector (WWS) in the past few years. Particularly, ransomware is a common tactic cybercriminals use to target WWS utilities. Cyber threat actors target the WWS…
New Sophisticated NFT Airdrop Attack Steals Funds From Victim’s Wallet
The allure of NFTs, those shimmering digital tokens holding unique artworks and promises of fortune, has captivated the world. But amidst the buzz lurks a sinister shadow: the NFT scam. Recently, Check Point Research exposed a sophisticated airdrop scam targeting…