Hackers often target Linux SSH servers due to their widespread use in hosting critical services, and the following loopholes make them vulnerable, providing opportunities to hackers for unauthorized access and potential exploitation:- Cybersecurity researchers at AhnLab Security Emergency Response Center…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Intellexa Spyware Adds Persistence with iOS or Android Device
In the shadowy realm of commercial spyware, the spotlight turns to the notorious Intellexa spyware and its Predator/Alien solution, as dissected by Cisco Talos in their comprehensive May 2023 report. This expose navigates the labyrinthine intricacies and disconcerting features of…
Operation RusticWeb Using PowerShell Commands to Exfiltrate Confidential Documents
Hackers use PowerShell commands because they provide a powerful scripting environment on Windows systems, allowing them to stealthily execute malicious scripts and commands, as seen in a campaign called Operation RusticWeb. Besides this, PowerShell’s capabilities make it an attractive tool for gaining:- Cybersecurity…
JaskaGO Malware Attacking Windows and macOS Operating Systems
Due to the widespread use and popularity of Windows and macOS, threat actors often target these platforms. Windows is a common target because it dominates the global operating system market, while macOS is targeted because of its majority among:- Recently,…
Hackers Exploiting Old Microsoft Office RCE Flaw to Deploy Agent Tesla Malware
It has been reported that malicious individuals are utilizing a malware called Agent Tesla to target Microsoft Office users using versions affected by CVE-2017-11882 XLAM. This malware is taking advantage of a remote code execution vulnerability in Equation Editor, which…
New OilRig Downloaders Abusing Microsoft Cloud APIs for C&C Communications
Threat actors engage in cyberespionage to gain the following advantages:- Hackers do so by stealing the following key things from the targeted organizations or nations:- Cybersecurity researchers at ESET recently identified that new OilRig downloaders are abusing Microsoft Cloud APIs…
HCL Investigating Ransomware Attack on Isolated Cloud Environment
In the dynamic realm of IT, HCL Technologies, the Noida-based juggernaut, recently found itself navigating choppy digital waters. The revelation of a targeted ransomware incident within an isolated cloud environment created industry ripples, yet the company’s adept response and ongoing…
Hackers Abuse Bot Protection Tool to Launch Cyber Attacks
Predator, a bot protection tool designed to fight against bots and crawlers, has now been found to be abused by threat actors for malicious purposes. Threat actors have been using phishing emails with malicious links to lure users into a…
Hackers Stole Banking Details From Over 50,000 Users Via Web Injections
Web injections involve injecting malicious code into websites to manipulate content or redirect users to fraudulent sites. Threat actors use this technique to steal sensitive information, such as:- Cybersecurity researchers at Security Intelligence recently identified that hackers hijacked the banking…
Interpol Arrested 3,500 Suspects and Seized $300 Million
In a groundbreaking initiative spanning 34 countries, INTERPOL orchestrates Operation HAECHI IV, a relentless assault on online financial crime, yielding a formidable impact. Interpol, short for the International Criminal Police Organization, is a global entity dedicated to fostering international police…
Sidewinder Hacker Group Using Weaponized Documents to Deliver Malware
Sidewinder APT group’s sophisticated threat landscape reveals a skilled and persistent threat targeting the Nepalese Government entities. Their focus extends to South Asian governments, with researchers also identifying a recent complex attack on Bhutan. Cybersecurity researchers at Cyfirma recently identified…
Tech Device Manufacturers Urged by CISA to Remove Default Passwords
Recently, the Cybersecurity and Infrastructure Security Agency (CISA) has requested technology device manufacturers to take measures to eliminate default passwords due to the threats posed by IRGC actors. This step has been taken to ensure the security of tech devices…
New SMTP Smuggling Attack Lets Hackers Send Spoofed Emails
SMTP (Simple Mail Transfer Protocol) smuggling is a technique where attackers exploit the inconsistencies in how proxy servers or firewalls analyze and handle the SMTP traffic. Threat actors can smuggle malicious payloads or evade detection by exploiting these inconsistencies. This…
Hackers Actively Exploiting ActiveMQ Vulnerability to Install Malware
Attackers have been constantly exploiting the Apache ActiveMQ vulnerability (CVE-2023-46604) to steal data and install malware. Using the Apache ActiveMQ remote code execution vulnerability, the Andariel threat group was found to be installing malware last month. Their primary targets are national…
QakBot Malware Emerges with New Tactics, Attacking Hospitality Industry
QakBot (aka Qbot) primarily targets financial institutions since it is a sophisticated banking trojan and malware. This malware can facilitate more malicious acts, such as the following, by infecting Windows systems and stealing confidential data, such as banking credentials:- Besides…
3CX Asks Customers to Disable SQL Database Integrations to Stop Hack Attacks
3CX, a VoIP communications firm, has advised customers to disable SQL Database integrations due to the risks posed by a potential vulnerability. A SQL Injection vulnerability in 3CX CRM Integration has been identified as CVE-2023-49954. An attacker can manipulate an application’s database…
8220 Hacker Group Attacking Windows & Linux Web Servers
The 8220 hacker group, which was first identified in 2017 by Cisco Talos, is exploiting both Windows and Linux web servers with crypto-jacking malware. One of their recent activities involved the exploitation of Oracle WebLogic vulnerability (CVE-2017-3506) and Log4Shell (CVE-2021-44228).…
Google Chrome’s New Tracking Protection Limits Website Tracking
Goodbye, third-party cookies. Hello, Tracking Protection! Chrome, the world’s most popular browser, is taking a major step toward a privacy-first web with the launch of its Tracking Protection feature. Starting January 4th, this limited rollout marks a turning point in Google’s…
NKAbuse Malware Attacking Linux Desktops & Use Cron Job for Persistence
Threat actors target Linux systems due to their prevalence in server environments, and cron jobs offer a discreet means of maintaining unauthorized access over an extended period. Kaspersky experts discovered “NKAbuse,” a versatile malware using NKN tech for peer data…
Hackers are Increasingly Using Remote Admin Tools to Control Infected Systems
Recently, there has been a rise in incidents of hackers using “Remote Administration Tools” to control infected systems and bypass protection technologies. Remote administration tools are software that allows managing and controlling terminals from a remote location. The tools can…