Cody Thomas developed Apfell, an open-source macOS post-exploitation framework, in 2018; it later evolved into Mythic, a cross-platform framework that addresses the limitations of existing tools. Mythic provides a unified interface for managing agents written in various languages for different platforms,…
New Developer-As-A-Service In Hacking Forums Empowering Phishing And Cyberattacks
SCATTERED SPIDER, a ransomware group, leverages cloud infrastructure and social engineering to target insurance and financial institutions by using stolen credentials, SIM swaps, and cloud-native tools to gain and maintain access, impersonating employees to deceive victims. Their partnership with BlackCat…
Hackers Mimic Google, Microsoft & Amazon Domains for Phishing Attacks
Phishing remains a significant concern for both individuals and organizations. Recent findings from ThreatLabz have highlighted the alarming prevalence of phishing attacks targeting major brands, with Google, Microsoft, and Amazon emerging as the top three most impersonated companies. This article…
Researchers Hacked Car EV Chargers To Execute Arbitrary Code
Researchers discovered flaws in the Autel MaxiCharger EV charger that make it possible to execute arbitrary code on the device simply by being within Bluetooth range. The vulnerabilities, tracked as CVE-2024-23958, CVE-2024-23959, and CVE-2024-23967, were identified during Pwn2Own Automotive…
Threat Actors Exploiting Legitimate Software For Stealthy Cyber Attacks
CAMO, or Commercial Applications, Malicious Operations, highlights attackers’ increasing reliance on legitimate IT tools to bypass security defenses, which can be used for various malicious activities like ransomware distribution, network scanning, lateral movement, and C2 establishment. It can mislead security…
Siemens Industrial Edge Management Vulnerable to Authorization Bypass Attacks
Siemens ProductCERT has disclosed a critical vulnerability in its Industrial Edge Management systems. The vulnerability, identified as CVE-2024-45032, poses a significant risk by allowing unauthenticated remote attackers to impersonate other devices within the system. This flaw has been rated with…
New Android Spyware As TV Streaming App Steals Sensitive Data From Devices
Recent research has revealed a new Android malware targeting mnemonic keys, a crucial component for cryptocurrency wallet recovery. Disguised as legitimate apps, this malware scans devices for images containing mnemonic phrases. Once installed, it covertly steals personal data like text…
New RansomHub Attack Killing Kaspersky’s TDSSKiller To Disable EDR
RansomHub has recently employed a novel attack method utilizing TDSSKiller and LaZagne, where TDSSKiller, traditionally used to disable EDR systems, was deployed to compromise network defenses. Subsequently, LaZagne was used to harvest credentials from compromised systems, which is unprecedented in…
Adobe Security Update, Multiple Vulnerabilities Patched
Adobe has issued a crucial security update for its Acrobat and Reader software on Windows and macOS platforms. This update, identified as APSB24-70, addresses multiple vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update was…
Chinese Hackers Using Open Source Tools To Launch Cyber Attacks
Three Chinese state-backed threat groups, APT10, GALLIUM, and Stately Taurus, have repeatedly employed a modified version of the open-source network scanning tool NBTscan over the past decade. NBTscan, designed for network discovery and forensics, sends NetBIOS status queries to IP…
Beware Of Malicious Chrome Extension That Delivers Weaponized ZIP Archive
In August 2024, researchers detected a malicious Google Chrome browser infection that led to the distribution of LummaC2 stealer malware that utilized a drive-by download of a ZIP archive containing an MSI app packaging file, which, when executed, installed the…
Researchers Detail Attacks On Air-Gapped Computers To Steal Data
The air-gap data protection method isolates local networks from the internet to mitigate cyber threats and protect sensitive data, which is commonly used by organizations dealing with confidential information such as personal, financial, medical, legal, and biometric data. By eliminating…
CISA Issues Warning About Three Actively Exploited Vulnerabilities in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three critical vulnerabilities currently being exploited in the wild. These vulnerabilities affect a range of widely used software and systems, posing significant risks to organizations and individuals…
WhatsApp’s “View Once” Feature Flaw Exploited in the Wild
The Zengo X Research Team has uncovered a critical flaw in WhatsApp’s “View Once” feature, designed to enhance user privacy by allowing media to be viewed only once before disappearing. This flaw, now exploited in the wild, raises significant concerns…
High School in London Forced to Send Students Home Following Ransomware Attack
Charles Darwin School in Biggin Hill, London, has been temporarily forced to close its doors following a sophisticated ransomware attack. The incident has left students and parents uncertain as the school works to restore its systems and secure sensitive data.…
Threat Actors Allegedly Claiming Leak of Capgemini Data
Threat actors have allegedly leaked sensitive data from Capgemini, a global leader in consulting, technology services, and digital transformation. The claims surfaced on the dark web, raising alarms about the potential impact on the company’s operations and client confidentiality. According…
Akira Ransomware Actively Exploiting SonicWall firewall RCE Vulnerability
SonicWall disclosed a critical remote code execution vulnerability (CVE-2024-40766) in SonicOS on August 22nd, 2024. While no active exploitation was initially confirmed, the advisory was updated on September 6th to indicate potential active attacks. The vulnerability, affecting both management access…
Young Gamers Under Attack, Here is the List of Games Targeted
As the new school year begins, students are gearing up for new classes and friendships and diving back into the digital world of video games. However, this virtual playground is not as safe as it seems. Cybercriminals are increasingly targeting…
IBM webMethods Integration Server Vulnerabilities Expose Systems to Arbitrary Command Execution
Critical vulnerabilities have been identified, potentially exposing systems to arbitrary command execution. These vulnerabilities, cataloged under the Common Vulnerabilities and Exposures (CVE) system, highlight significant security risks that demand immediate attention. Overview of Vulnerabilities IBM’s webMethods Integration Server, a widely…
Vulnerabilities in IBM Products Let Attackers Exploit & Launch DoS Attacks
IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and Queue Manager container images. These vulnerabilities, including denial of service and privilege escalation, could allow attackers to bypass security restrictions and disrupt operations. Summary of Vulnerabilities…