Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

In a strategic move to bolster its cybersecurity capabilities, Mastercard has announced an agreement to acquire Recorded Future, a leading global threat intelligence company, for $2.65 billion. This acquisition, from Insight Partners, aims to enhance Mastercard’s existing suite of services…

Read more →

RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and CVE-2024-6671, patched on August 16, were leveraged to execute remote access tools and gain persistence. Despite the availability of patches,…

Read more →

Exploiting memory corruption vulnerabilities in server-side software often requires knowledge of the binary and environment, which limits the attack surface, especially for unknown binaries and load-balanced environments.  Successful exploitation is challenging due to the difficulty of preparing the heap and…

Read more →

The Iranian threat actor APT34, also known as GreenBug, has recently launched a new campaign targeting Iraqi government entities by employing a custom toolset, including a novel IIS backdoor and DNS tunneling protocol.  The malware used in this campaign shares…

Read more →

CosmicBeetle, a threat actor specializing in ransomware, has recently replaced its old ransomware, Scarab, with ScRansom, a custom-built ransomware that continues to evolve.  The threat actor has been actively targeting SMBs worldwide, exploiting vulnerabilities to gain access to their systems…

Read more →

Cody Thomas developed Apfell, an open-source macOS post-exploitation framework, in 2018 and evolved into Mythic, a cross-platform framework that addresses the limitations of existing tools.  Mythic provides a unified interface for managing agents written in various languages for different platforms,…

Read more →

SCATTERED SPIDER, a ransomware group, leverages cloud infrastructure and social engineering to target insurance and financial institutions by using stolen credentials, SIM swaps, and cloud-native tools to gain and maintain access, impersonating employees to deceive victims.  Their partnership with BlackCat…

Read more →

Phishing remains a significant concern for both individuals and organizations. Recent findings from ThreatLabz have highlighted the alarming prevalence of phishing attacks targeting major brands, with Google, Microsoft, and Amazon emerging as the top three most impersonated companies. This article…

Read more →

Researchers discovered flaws in the Autel MaxiCharger EV charger that make it potential to execute arbitrary code on the device by just placing it within Bluetooth range. The vulnerabilities tracked as CVE-2024-23958, CVE-2024-23959, and CVE-2024-23967 were identified during Pwn2Own Automotive…

Read more →

CAMO, or Commercial Applications, Malicious Operations, highlights attackers’ increasing reliance on legitimate IT tools to bypass security defenses, which can be used for various malicious activities like ransomware distribution, network scanning, lateral movement, and C2 establishment. It can mislead security…

Read more →

Siemens ProductCERT has disclosed a critical vulnerability in its Industrial Edge Management systems. The vulnerability, identified as CVE-2024-45032, poses a significant risk by allowing unauthenticated remote attackers to impersonate other devices within the system. This flaw has been rated with…

Read more →

Recent research has revealed a new Android malware targeting mnemonic keys, a crucial component for cryptocurrency wallet recovery. Disguised as legitimate apps, this malware scans devices for images containing mnemonic phrases. Once installed, it covertly steals personal data like text…

Read more →

RansomHub has recently employed a novel attack method utilizing TDSSKiller and LaZagne, where TDSSKiller, traditionally used to disable EDR systems, was deployed to compromise network defenses.  Subsequently, LaZagne was used to harvest credentials from compromised systems, which is unprecedented in…

Read more →

Adobe has issued a crucial security update for its Acrobat and Reader software on Windows and macOS platforms. This update, identified as APSB24-70, addresses multiple vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update was…

Read more →

Three Chinese state-backed threat groups, APT10, GALLIUM, and Stately Taurus, have repeatedly employed a modified version of the open-source network scanning tool NBTscan over the past decade.  NBTscan, designed for network discovery and forensics, sends NetBIOS status queries to IP…

Read more →

In August 2024, researchers detected a malicious Google Chrome browser infection that led to the distribution of LummaC2 stealer malware that utilized a drive-by download of a ZIP archive containing an MSI app packaging file, which, when executed, installed the…

Read more →

The air-gap data protection method isolates local networks from the internet to mitigate cyber threats and protect sensitive data, which is commonly used by organizations dealing with confidential information such as personal, financial, medical, legal, and biometric data.  By eliminating…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three critical vulnerabilities currently being exploited in the wild. These vulnerabilities affect a range of widely used software and systems, posing significant risks to organizations and individuals…

Read more →

The Zengo X Research Team has uncovered a critical flaw in WhatsApp’s “View Once” feature, designed to enhance user privacy by allowing media to be viewed only once before disappearing. This flaw, now exploited in the wild, raises significant concerns…

Read more →

Charles Darwin School in Biggin Hill, London, has been forced to close its doors following a sophisticated ransomware attack temporarily. The incident has left students and parents uncertain as the school works to restore its systems and secure sensitive data.…

Read more →