Tag: GBHackers On Security

Read the original article: Hackers Use Fake Zoom Installers to Install Backdoor and Devil Shadow Botnet on Windows Computers Hackers taking advantage of the video conferencing apps like Zoom to infect systems with malicious routines. Security researchers from Trend Micro…

Read more →

Read the original article: Home Chef Hacked – Hackers Selling 8M User Records on a Dark Web Marketplace Home Chef, a US-based meal kit delivery service suffers a data breach, hackers stolen more than 8 million customer records. How are…

Read more →

Read the original article: Researchers Disclose Five Windows Zero-day Vulnerabilities that Allow Hackers to Escalate Privileges Security researchers from Trend Micro’s Zero Day Initiative (ZDI) disclosed five zero-day vulnerabilities that allow attackers to escalate the privileges on the Windows machine.…

Read more →

Read the original article: Researchers Disclose Five Windows zero-day Vulnerabilities that Allow Hackers to Escalate Privileges Security researchers from Trend Micro’s Zero Day Initiative (ZDI) disclosed five zero-day vulnerabilities that allow attackers to escalate the privileges on the Windows machine.…

Read more →

Read the original article: Critical Bluetooth BIAS Attack Let Hackers Access Billions of Devices A new attack dubbed Bluetooth BIAS attack allows attackers to spoof the already paired device and to successfully authenticate without having the link key that used…

Read more →

Read the original article: Best Ways to Detect and Handle Suspicious Email Attachments I’m going to share some tips on how to spot suspicious email attachments quickly and easily. We get so many emails daily that it can be easy…

Read more →

Read the original article: EasyJet Hacked – More than 9 Million Customers Details Were Accessed EasyJet admitted that hackers have stolen the email address and travel details of more than 9 million customers. The company not provided any details of…

Read more →

Read the original article: Most Important Mobile Application Penetration Testing Cheat sheet with Tools & Resources for Security Professionals The Mobile Apps Pentesting cheat sheet was created to provide a collection of high-value information on specific mobile application penetration testing…

Read more →

Read the original article: Ramsay – A cyber‑espionage Toolkit Attack Steal Sensitive Document From Air‑Gapped Networks Recently, the cybersecurity firm ESET has discovered a malware toolkit, which has been named as Ramsay, a rare malware attack with the advanced capabilities…

Read more →

Read the original article: RATicate – Hackers Group Launching an Information Stealing Malware via Remote Admin Tool Recently, a hackers group, known as RATicate has abused the NSIS (Nullsoft Scriptable Install System) installers to deploy RATs (Remote Access Tools) and…

Read more →

Read the original article: Top 5 Best Hacking Simulator for Every Aspiring Hackers to Practice Their Hacking Skills Hacking Simulator is known for simulating the hacking operation and play with a lot of hacking tricks. Hacking is a skill that…

Read more →

Read the original article: db8151dd – A Massive Unattributable Data Breach Leaked Tens of Millions of Records Recently, a massive unattributable private data breach, codenamed as “db8151dd”, has exposed the data records of more than 22 million people, including the…

Read more →

Read the original article: What is Vulnerability Scoring? A Detailed Report to CVSS A vulnerability is some aspect of a system functionality, architecture, or configuration that enables cybercriminals to execute attacks, exploit services, and steal data. There are many available…

Read more →

Read the original article: Reverse RDP – Microsoft Patch for RDP client Opens Room for Other Attacks Researchers discovered several critical vulnerabilities that let attackers reverse the usual direction of communication and infect the user’s computer. The vulnerability was found…

Read more →

Read the original article: COVID-19 Research Organizations Attacked by Chinese Hackers Group FBI warned that Chinese hackers are attacking organizations who plays a vital role in research on COVID-19. FBI and CISA have warned the organizations and multiple sectors includes…

Read more →

Read the original article: Live Cyber Forensics Analysis with Computer Volatile Memory The field of computer Forensics Analysis involves identifying, extracting, documenting, and preserving information that is stored or transmitted in an electronic or magnetic form (that is, digital evidence).…

Read more →

Read the original article: Get an Additional Layer of Security with KeepSolid VPN Unlimited and DNS Firewall VPN services are one of the easiest ways to maintain your online privacy and security. For an extra layer of security, you can…

Read more →

Read the original article: 4,000 Android apps on Google Play Expose Millions Of Passwords, Phone Numbers And Messages via Firebase Firebase is a mobile and web application development by Firebase, Inc. in 2011. later it was acquired by Google in…

Read more →

Read the original article: Hackers Attacking Indian Banks via JAVA RAT To Hack Java Installed Windows, Linux, and Mac Currently, the whole world is in lockdown due to the deadly COVID-19 pandemic, but, for the cybercriminals, this is the most…

Read more →

Read the original article: Kali Linux 2020.2 Released – PowerShell by Default, New Packages, New Theme, and More – Update Now !! World’s leading Penetration distribution Kali Linux 2020.2 released with new improvements, changes with login, PowerShell by Default, and…

Read more →

Read the original article: vBulletin Fixes Critical Security Vulnerabilities – Patch Before Hackers Exploiting it VBulletin software is one the most popular and widely used forum software written in PHP, used by a number of organizations. Now vBulletin has released…

Read more →

Read the original article: Researcher Uncovered 1,236 Websites Infected with Credit Card Data Stealing Skimmer The security researcher has found 1,236 vulnerable websites that were infected with the credit card data-stealing skimmer. According to the latest reports, recently, the deadly…

Read more →

Read the original article: Black Hat and DEF CON Security Conferences Go Virtual Due To COVID-19 Pandemic Recently, due to the COVID-19 pandemic, the whole world is going through a big disaster. Thus, in recent conferences, Black Hat and DEF…

Read more →

Read the original article: Thunderspy Attack – Critical Intel Thunderbolt Bug Let Attackers Hack Millions of PCs Within 5 Minutes Recently, a security expert at the Eindhoven University of Technology has exhibited that how a new attack method on Windows…

Read more →

Read the original article: REvil Ransomware 2.2 Released – Now Encrypts Open and Locked Files REvil Ransomware also known as Sodinokibi observed wild at the end of April 2019. The REvil ransomware is a part of Ransomware-as-a-Service (RaaS) where a…

Read more →

Read the original article: SOC Analyst Training – Cyber Attack Intrusion Analysis With SIEM Tools|From Scratch To Advanced SOC Training is one of the most important concern in order to build a Quality Security Operation Center Team to fight against…

Read more →

Read the original article: Shiny Hunters Hacking Group Selling 11 Companies Databases of over 73.2 Million User Records on Dark Web A hacker group dubbed Shiny Hunters started selling hacked databases that contain over 73.2 Million user records of 11…

Read more →

Read the original article: Indicator Of Attack(IoA’s) And Activities – SOC/SIEM – A Detailed Explanation What is an Indicator of Attack (IOA) IoA’s is some events that could reveal an active attack before indicators of compromise become visible. Use of…

Read more →

Read the original article: Microsoft’s GitHub Account Hacked – 500 GB Of Microsoft’s Private GitHub Repositories Data Stolen Recently, a hacker has claimed that he/she managed to steal more than 500GB of data from the tech giant Microsoft’s private GitHub…

Read more →

Read the original article: Microsoft Offer $100,000 To Hack Azure Sphere Linux IoT OS Using RCE Exploits The tech giant Microsoft has just announced a huge reward of $100,000 for hacking the Azure Sphere OS; it is the very first…

Read more →

Read the original article: Law Enforcement Authorities Dismantled The Hacker Groups Database That Contains Millions of Users Credentials European Union Agency with other law enforcement agencies takes down the infamous hacking group known as InfinityBlack database that has managed to…

Read more →

Read the original article: India’s Largest Online Education Platform’s Unacademy Hacked and 22M Users Data Exposed on Dark Web Recently, India’s largest e-learning platform, Unacademy, which is based in Bangalore, is reported to be hacked, hackers gained access to Unacademy’s,…

Read more →

Read the original article: Chinese Naikon APT Group Compromises Government Servers to Evade Detection and to Launch other Attacks A Chinese based Naikon APT group discovered attacking several national government entities in the Asia Pacific (APAC) region. The ongoing cyber-espionage…

Read more →

Read the original article: Endpoint Security: How Does It Perform a Vital Role in Enterprise Network Security A vital part of any comprehensive security program includes endpoint protection. Also known as endpoint security. But both terms refer to the same…

Read more →

Read the original article: Kubernetes Security Firm Portshift Chosen as a 2020 Red Herring Top 100 Europe Winner Portshift, a leader in Kubernetes-native solutions, today announced that Portshift has been selected as a 2020 Red Herring Top 100 Europe winner.…

Read more →

Read the original article: Data Protection and Security Ranked Among Top Five Managed Services – Download Free E-Book Leading cloud backup, recovery and restore software provider Asigra Inc., today highlighted the findings in a new report by IT research firm…

Read more →

Read the original article: Beware of Fake Zoom Installers that Infects Computers with WebMonitor RAT Due to coronavirus pandemic, many companies around the world asked employees to work from home, which increases the usage of video conferencing apps. Researchers from…

Read more →

Read the original article: SAP to Address Security Issues With Some Cloud Products and to Notify 440,000 Customers SAP(Systems Applications and Products) announced on Monday that they are to patch security issues with some of their cloud-based products. The bugs…

Read more →

Read the original article: GoDaddy Hack – Attackers Gained SSH Access to Customer Hosting Accounts GoDaddy, the world’s largest domain registrar and hosting provider announced a data breach that impacts web hosting account credentials. The company notified unauthorized party access…

Read more →

Read the original article: Trickbot Malware Campaign Targets users with COVID-19 Themed Malspam The Cyberthreat uses COVID-19 themed malspam to distribute the Trickbot malware, says IBM Security Researchers. This time attacker utilizes FMLA (Family and Medical Leave Act) to lure…

Read more →

Read the original article: Hackers Steal Data From Air-gapped Computers by Turning Power Supply to Speakers Researchers proposed a new method that enables attackers to steal data acoustically from air-gapped and audio-gapped systems. Air-gapped computers are the computers isolated from…

Read more →

Read the original article: Hackers Breached MDM Servers to Install Banking Malware on Android Devices Security researchers uncovered that hackers had breached at least 75% of the MDM (Mobile Device Manager) server to install banking malware on Android devices in…

Read more →

Read the original article: 10 Most Important Cyber Security Tips To Protect Your Enterprise Network With its multitude of benefits, one can easily forget that the internet also serves as a grooming ground for cybercriminals.  With the increased number of…

Read more →

Read the original article: Reliance Jio’s Coronavirus Symptom Checker App Exposes Users Data Online Due to Security Error A security error with Reliance Jio’s Coronavirus Symptom Checker App exposes its core database to the Internet without a password. The COVID-19…

Read more →

Read the original article: Beware of Fake Microsoft Teams Notifications Aimed to Steal Employees Passwords A new phishing campaign aimed to steal employees’ login credentials by impersonating Microsoft Teams’ notifications. Due to this COVID-19 pandemic situation, many companies moved to…

Read more →

Read the original article: SaltStack Salt Critical Bug Affects Thousands of Datacenters and Cloud Environments Salt management framework developed by SaltStack is a configuration tool used to monitor and update servers in datacenters and cloud environments. Multiple critical vulnerabilities with…

Read more →

Read the original article: Oracle Warns Active Exploitation of Recently Patched WebLogic RCE Flaw Oracle warned that hackers actively attempting to exploit recently patched vulnerability CVE-2020-2883, which affects multiple versions of Oracle WebLogic Server. Oracle patched the vulnerability as a…

Read more →

Read the original article: New Android Malware “EventBot” Steals Bank Credentials, SMS, Collect Personal Data, keystrokes Researchers uncovered a new wave of stealthy banking Trojan and info stealer dubbed “EventBot” that can steal banking information, personal data and implant keystrokes…

Read more →

Read the original article: How to Build and Run a Security Operations Center Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. This includes a vast…

Read more →

Read the original article: Darker Side of Malicious Bots – What Damage Can Malicious Bots Cause? Recently a report published by Radware reveals that nearly 58% of the malicious bots traced in February 2020 by various IT security platforms mimic…

Read more →

Read the original article: RDP Brute-force Attacks on Rise Since Organizations Worldwide Introduced Remote Working Coronavirus has a direct impact on cybersecurity, threat actors taking advantage of the current situation to launch various attacks such as malware, phishing, fraud, and…

Read more →

Read the original article: Web Application Attacks – Types, Impact & Mitigation – Part-4 With this article, we list some of the common web application attacks, impacts, and possible mitigation. In part -4 we are covering the following attacks. Web…

Read more →

Read the original article: Shade Ransomware Hackers Shutdown Their Operation – 750k Decryption Keys Released Shade ransomware first spotted in late 2014, also known as Troldesh or Encoder.858. The ransomware distributed specifically through malicious email attachments. The origin of the…

Read more →

Read the original article: Critical Security Updates Released for Adobe Illustrator, Bridge, and Magento Adobe released emergency security updates that resolve critical vulnerabilities with three of it’s most used products such as Adobe Illustrator, Bridge, and Magento commerce. Adobe Illustrator…

Read more →

Read the original article: Researchers Exploit Almost Every Anti-Virus Software & Turn Them Into Self Destructive Tools Researchers uncovered a simple flaw that existed in nearly 28 Antivirus software that allows malware authors to exploit the system and disable the…

Read more →

Read the original article: Hackers Hijack Microsoft Teams Accounts Using a Single Weaponized GIF Image Microsoft has patched a subdomain takeover vulnerability in Microsoft Teams that affects every user who uses the Teams desktop or web browser version. Microsoft Teams…

Read more →

Read the original article: A Complete Guide to Perform External Penetration Testing on Your Client Network | Step-by-Step Methods This write-up walks us through one of my many journeys in my external penetration testing and how I compromised the organization…

Read more →

Read the original article: Hackers Exploit SQL Injection & Code Execution Zero-day Bugs in Sophos Firewall Sophos patched a SQL injection flaw with XG Firewall product that exploited by attackers in the wild. Sophos informed about the bug on April…

Read more →

Read the original article: Hackers Exploit SQL Injection & Code Execution zero-day Issue in Sophos Firewall Sophos patched a SQL injection flaw with XG Firewall product that exploited by attackers in the wild. Sophos informed about the bug on April…

Read more →

Read the original article: Operating Systems Can be Detected Using Ping Command Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, which used to find the Availability of a host on an Internet…

Read more →

Read the original article: Web Application Attacks – Types, Impact & Mitigation – Part-3 With this article, we list some of the common web application attacks, impacts, and possible mitigation. In part -3 we are covering the following attacks. Web…

Read more →

Read the original article: Beware of Zoom Phishing Campaign that Threatens Employees Contracts will be Suspended or Terminated A new zoom phishing campaign observed asking recipients to join a zoom meeting that threatens employees that their contracts will be either…

Read more →

Read the original article: Hackers Selling $2 Million Worth South Korean & US Payment Card Details in The Underground Darknet Market Researchers detected a dump containing details for nearly 400,000 payment card records uploaded to a popular darknet card shop on April 9.  The database was comprised almost entirely of…

Read more →

Read the original article: Cloud Computing Penetration Testing Checklist & Important Considerations Cloud Computing Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code. Cloud computing is the shared…

Read more →

Read the original article: Moobot Botnet Hacks Various Fiber Routers Using 0-Day Vulnerability Qihoo 360’s Netlab Researchers observed Moobot botnet has successfully spread in fiber routers for remote code execution using0-day vulnerability.  There is a total of 9 vendors are affected by…

Read more →

Read the original article: Hackers Spreading Hoaxcalls DDoS Botnet by Exploiting an Unpatched ZyXel RCE 0-Day Bug Remotely Researchers uncovered a new variant of Hoaxcalls Botnet that spreading through exploiting the unpatched remote code vulnerability that resides in ZyXEL Cloud…

Read more →

Read the original article: Moobot Botnet Hacks Various Fiber Routers Using 0-day Vulnerability Qihoo 360’s Netlab Researchers observed Moobot botnet has successfully spread in fiber routers for remote code execution using0-day vulnerability.  There is a total of 9 vendors are affected by…

Read more →

Read the original article: New Zoom Flaw Let Hackers to Record Meetings Anonymously Even Recording Disabled A new Zoom flaw lets hackers record Zoom meeting sessions and to capture the chat text without the knowledge of meeting participants’ even though…

Read more →

Read the original article: Most Important Web Server Penetration Testing Checklist Web server pentesting performing under 3 major category which is identity, Analyse, Report Vulnerabilities such as authentication weakness, configuration errors, protocol Relation vulnerabilities.  1.  “Conduct a serial of methodical…

Read more →

Read the original article: Two zero-day Flaws With Apple iPhones and iPads Let Attackers to Hack Devices Just by Sending Emails Security researchers from ZecOps discovered two zero-day vulnerabilities with default email mailing app present in Apple iPhones and iPads…

Read more →

Read the original article: Cynet Issues Incident Response Challenge to IR Professionals With $5,000 Prize Cynet today announced the company’s IR Challenge for incident response professionals. Incident Responders Challenged to Match Their Skills Against Colleagues in First of its Kind…

Read more →

Read the original article: Four IBM Zero-days Leaked Online After the Company Refused to Patch The Bugs Security researcher Pedro Ribeiro, Director of Research at Agile Information Security disclosed four zero-day vulnerabilities on GitHub after the company refused to fix…

Read more →

Read the original article: 5 Most Important App Development Security Practices Every Business Needs To Know There are numerous benefits to businesses that develop their own apps to enable their audience to interact with them more easily. However, a poorly…

Read more →

Read the original article: Law enforcement and Microsoft Shutdown a Major Malware Attack by Mapping 400,000 IP’s Microsoft’s Digital Crimes Unit (DCU) uncovered an IoT botnet operation that 100 times within one month. Analyzing further DCU team able to map…

Read more →

Read the original article: Web Application Attacks – Types, Impact & Mitigation – Part-2 With this article, we list some of the common web application attacks, impacts, and possible mitigation. In part -2 we are covering the following attacks. Session…

Read more →

Read the original article: Syrian State-sponsored Hacking Group uses COVID-19 Themes to Attacks Android users Lookout researchers have uncovered a mobile surveillance campaign that has used more than 71 malicious Android apps to spy on Syrian users since the start…

Read more →

Read the original article: State-sponsored Hacking Group uses COVID-19 themes to Attacks Syria Android users Lookout researchers have uncovered a mobile surveillance campaign that has used more than 71 malicious Android apps to spy on Syrian users since the start…

Read more →

Read the original article: Tor Project Lays off a Third of its Staff Due to the Economic Impact of the Coronavirus Outbreak The Tor project is non-profit organizations that focus o development related to privacy and anonymity. TOR is an…

Read more →

Read the original article: Web Application Attacks – Types, Impact & Mitigation – Part-1 With this article, we list some of the common web application attacks, impacts, and possible mitigation. In part -1 we are covering the following attacks. Local…

Read more →

Read the original article: IT Services Giant Cognizant Hit by Maze Ransomware Cyber Attack Cognizant Technology Solutions Corp, one of the largest IT services providers hit by Maze Ransomware Cyber Attack which causes service disruptions to its clients. The company…

Read more →

Read the original article: Hackers Attack Taxpayers Computers Using Netwire RAT via Weaponized Microsoft Excel 4.0 With tax season upon us, Researchers from FortiGuard Labs observed that a new NetWire RAT is spreading in wild using legacy MS Excel 4.0…

Read more →

Read the original article: Top 10 Best Free Antivirus Download For PC 2020 Basically, a Best Free Antivirus software is the most essential part of Windows and significant for every Windows PC nowadays since the cyber threat is continuously evolving…

Read more →

Read the original article: Most Important Android Penetration Testing Tools for Pentesters & Security Professionals Android security testing is more often used by security industries to test the vulnerabilities in Android applications. Here you can find the Comprehensive Android Penetration…

Read more →

Read the original article: Project Spy – A Spyware Campaign That Hack Android & iOS Devices via Coronavirus Update App Researchers discovered a new cyberespionage campaign named Project Spy through which hackers targeting Android and iOS devices with spyware using Coronavirus…

Read more →

Read the original article: PoetRAT – New Python RAT Attacking Government and Energy Sector Via Weaponized Word Documents A new malware campaign uses word documents to drop malware on the victim machines that allow attackers to gain remote access over…

Read more →

Read the original article: Hackers Stealing WiFi Password Using New AgentTesla Malware Researchers uncovered a new malware variant of AgentTesla used by threat actors to steal WiFi Password and data from different applications such as browsers, FTP clients, and file…

Read more →

Read the original article: Top 10 Open Port Scanner and Port Checker Tools for 2020 Port scanner and port checker tools are one of the most essential parts to find the open ports and status of the port. The open…

Read more →

Read the original article: Beware of Coronavirus-themed Grandoreiro Malware Attacks Bank Customers Via Chrome Plugin Researchers observed a massive campaign of Grandoreiro, a remote-overlay banking Trojan targets the large Spanish banking customers to empty their banking accounts via a fake…

Read more →

Read the original article: 10 Best Hacker-Friendly Search Engines of 2020 The search engines allow users to find any content via the world wide web. It helps to find any information easily and is a web-based tool that allows someone…

Read more →

Read the original article: Hackers Are Selling Windows Zoom Zero-Day Exploit for $500,000 Earlier this month multiple vulnerabilities discovered with Zoom’s Windows and macOS clients, those vulnerabilities allow attackers to escalate privileges with macOS and to steal login credentials with…

Read more →

Researchers observed a massive campaign that pushes fake browser extensions to users mimic popular bands using Google Ads and other advertisement channels. The extensions are aimed to steal mnemonic phrases, private keys, and Keystore files from the users and send…

Read more →

Threat actors continue to use COVID-19 pandemic to launch various attacks such as malware, phishing, fraud, and disinformation campaigns. Numerous COVID-19 themed phishing campaigns observed by researchers that attack targeting government and Medical Organizations. Ransomware Campaigns Observed Security researchers from…

Read more →

A security vulnerability with TikTok allows attackers to inject any videos in the User feeds, the bug affects verified users also. Attackers may exploit this vulnerability to ake their videos popular. TikTok is a Chinese based popular video-sharing mobile platform…

Read more →

Oracle released an emergency security update for another critical remote code execution vulnerability that can be exploited by the remote attacker to gain control over the system. A pre-release announcement released by Oracle on Tuesday, April 14, 2020. The patch…

Read more →

Cybercriminals continue to use the Coronavirus outbreak to launch various attacks such as malware, phishing, fraud, and disinformation campaigns. In the current situation, most of the organization has been closed and the employees are provided with options to work from…

Read more →

Private conversations are the most sensitive digital data and Secure Messaging Apps playing a major role in privacy. We all know that we have secret communications that we desire to keep private! Whether it’s an awkward conversation, office news, or…

Read more →

VMware patches a critical security vulnerability that allows malicious attackers to obtain sensitive information. The vulnerability can be tracked as CVE-2020-3952, it is rated as critical and receives a CVSSv3 score of 10. VMware vCenter Server Vulnerability The vulnerability resides…

Read more →

Wireshark 3.2.3 released with a fix for vulnerabilities that results in the BACapp dissector crash and fix for other bugs. Wireshark is known as the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.…

Read more →

More than 30 malicious fleeceware apps found in Apple’s official App Store. These apps are aimed to make financial frauds. Apple allows apps to offer a trial period and these app developers taking it as an advantage. If the users…

Read more →

Researchers uncovered a new cross-platform attack from 5 different APT groups that work for the Chinese Government targets the Linux servers, Windows and Android systems deployed in an organization around the globe using Remote Access Trojan’s, and the campaign remains…

Read more →