The People’s Cyber Army of Russia is a Russian hacktivist group known for its strategic use of DDoS attacks and other disruptive tactics. Operating as part of the broader Russian cyber warfare landscape, the group has been involved in several…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Ransomhub Attacked 210 Victims Since Feb 2024, CISA Released Advisory For Defenders
The FBI, CISA, MS-ISAC, and HHS have released a joint advisory detailing known RansomHub ransomware indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs). RansomHub, a ransomware-as-a-service variant, has been active since February 2024, targeting various critical infrastructure sectors,…
Iranian Hackers Using Multi-Stage Malware To Attack Govt And Defense Sectors Via LinkedIn
Microsoft has identified a new Iranian state-sponsored threat actor, Peach Sandstorm, deploying a custom multi-stage backdoor named Tickler. This backdoor has been used to target various sectors, including satellite, communications equipment, oil and gas, and government, in the United States…
Operation Oxidovy, Threat Actors Targeting Government And Military Officials
The recent campaign targeting the Czech Republic involves a malicious ZIP file that contains a decoy LNK file and a batch script. The LNK runs the batch script, which spawns a decoy PDF document and renames a masqueraded PDF file…
CloudSOC – An OpenSource Project for SOC & Security Analysts
Security Operations Centers (SOCs) and security analysts are under immense pressure to stay ahead of potential attacks. Enter CloudSOC, an open-source project designed to empower SOC teams and security analysts by providing a modern architecture that leverages open-source tools for…
Operation DevilTiger, APT Hackers 0-Day Exploitation Tactics Exposed
The APT-Q-12 group, also known as Pseudo Hunter, is a Northeast Asian threat actor linked to Darkhotel, which primarily targets East Asian countries, including China, North Korea, Japan, and South Korea. They employ sophisticated techniques to infiltrate systems and steal…
Critical Atlassian Vulnerability Exploited To Connect Servers In Mining Networks
Hackers usually shift their attention towards Atlassian due to flaws in its software, especially in products like Confluence, which put organizations’ private data at risk. There are many exploits accessible over the Internet, and the ease of the attack vector…
BlackByte Hackers Exploiting VMware ESXi Auth Bypass Vulnerability
BlackByte, a Ransomware-as-a-Service (RaaS) group that surfaced about mid-2021 appears to have traces of Conti’s evolution. It uses productive sophistication such as bypassing security measures through the use of kernel-level exploited drivers, inducing self-replicating ransomware with worm features, and leveraging…