Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

United States Attorney Susan Lehr announced the extradition of Abiola Kayode, 37, from Nigeria to the District of Nebraska. The extradition follows a Conspiracy to Commit Wire Fraud indictment filed against Kayode in August 2019. This case highlights international cooperation…

Read more →

Dell Technologies has released a security advisory addressing multiple critical vulnerabilities that could expose affected systems to exploitation by malicious actors. Customers are strongly encouraged to review the findings and update their systems accordingly. This update includes remediation for two…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued ten critical advisories, highlighting vulnerabilities across Siemens’ industrial products. Released on December 12, 2024, these advisories expose multiple flaws in Siemens’ hardware and software platforms critical to industrial control systems (ICS).…

Read more →

The Federal Bureau of Investigation (FBI) announced the seizure of Rydox, an illicit online marketplace that facilitated the buying and selling of stolen personal information and cybercrime tools. Alongside the crackdown, law enforcement arrested three key administrators linked to the…

Read more →

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running. To guard against cyber threats and prevent data breaches, it’s vital to understand the current cybersecurity vendor…

Read more →

Researchers discovered a new variant of the AntiDot banking trojan targeting Android mobile devices through a mobile-phishing (mishing) campaign, where this variant builds upon the version identified by Cyble in May 2024.  The attackers leverage social engineering tactics, posing as…

Read more →

Wuhan Chinasoft Token Information Technology Co., Ltd. developed EagleMsgSpy, a surveillance tool operational since 2017, which, installed as an APK, secretly collects extensive user data, including chat messages, screen recordings, audio, call logs, contacts, SMS, location, and network activity.  Because…

Read more →

Cybercriminals exploited typosquatting to deploy a malicious npm package, `@typescript_eslinter/eslint`, targeting developers seeking the legitimate TypeScript ESLint plugin, which was designed to mimic the genuine plugin, compromised systems by monitoring keystrokes, clipboard data, and executing remote commands.  They leveraged a…

Read more →

Researchers identified FUNNULL, a Chinese CDN, as hosting malicious content, which includes fake trading apps for financial fraud, gambling sites likely used for money laundering, and phishing login pages targeting luxury brands.  The gambling sites use algorithmically generated domains and…

Read more →

A stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers can exploit Microsoft Teams to execute system commands on compromised hosts remotely. This innovative project, designed with Red Team operations in mind, uses Teams messages for…

Read more →

Cybersecurity researchers have uncovered a sophisticated exploitation campaign involving a zero-day (0-day) vulnerability in Cleo file transfer software platforms. This campaign has been used to deliver a newly identified malware family, now dubbed “Malichus.” The threat, recently analyzed by Huntress…

Read more →

GitLab announced the release of critical security patches for its Community Edition (CE) and Enterprise Edition (EE). The newly released versions 17.6.2, 17.5.4, and 17.4.6 address several high-severity vulnerabilities, and GitLab strongly recommends that all self-managed installations be upgraded immediately.…

Read more →

Researchers have uncovered a vulnerability that allows attackers to compromise AMD’s Secure Encrypted Virtualization (SEV) technology using a $10 device. This breakthrough exposes a previously underexplored weakness in memory module security, specifically in cloud computing environments where SEV is widely…

Read more →

Splunk, the data analysis and monitoring platform, is grappling with a Remote Code Execution (RCE) vulnerability. This flaw, identified as CVE-2024-53247, affects several versions of Splunk Enterprise and the Splunk Secure Gateway app on the Splunk Cloud Platform. The vulnerability…

Read more →

In a major international operation codenamed “PowerOFF,” Europol, collaborating with law enforcement agencies across 15 countries, has taken down 27 illegal platforms facilitating Distributed Denial-of-Service (DDoS) attacks. This takedown marks a significant blow to the cybercrime industry, disrupting one of…

Read more →

Researchers reported a phishing attack on December 4th, 2024, where malicious emails purportedly from the Ukrainian Union of Industrialists and Entrepreneurs were distributed, inviting recipients to a NATO standardization conference.  The emails aimed to compromise systems by delivering malware, and…

Read more →

The US Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned Sichuan Silence Information Technology Company and its employee Guan Tianfeng for their involvement in the April 2020 global firewall compromise, which targeted numerous US critical infrastructure companies.  The…

Read more →

Zloader, a sophisticated Trojan, has recently evolved with features that enhance its stealth and destructive potential, as the latest version, 2.9.4.0, introduces a custom DNS tunnel for covert C2 communications, bypassing traditional network security measures.  An interactive shell empowers attackers…

Read more →

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed an advanced cyber attack against organizations in Japan, believed to have been conducted by the cyber espionage group APT-C-60. The attackers used phishing techniques, masquerading as a job applicant…

Read more →

A critical security vulnerability (CVE-2024-49115) in Windows Remote Desktop Services (RDS) has been disclosed, potentially allowing hackers to execute arbitrary remote code via the network. The flaw, assigned the highest severity classification, was officially confirmed by Microsoft on December 10,…

Read more →