Tag: GBHackers On Security

Linux Foundation and Harvard’s Lab identifies the most commonly used free and open-source software and the potential vulnerabilities associated. The Census II report determines the “important steps towards understanding and addressing structural and security complexities in the modern-day supply chain…

Read more →

Researchers discovered a new wave of Azorult malware campaign that abusing the protonVPN and dropper the malware payload as a fake ProtonVPN installer to infect the Windows System. GBHackers reported several incidents involved by the Azorult malware campaign and is…

Read more →

Dark web browser are a most important concern for anonymous browsing and the most used applications in any device in current times is browsers, but not all your browsing histories are kept private and this is why deep or dark…

Read more →

Researchers discovered a widespread Iranian malware campaign called Fox Kitten that targeting the several organization networks by exploiting the Vulnerabilities in VPN. The organization its targets are mainly related to IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors around…

Read more →

Cyber Security operations center is protecting organizations and sensitive business data of customers. It ensures active monitoring of valuable assets of business with visibility, alerting and investigating threats and a holistic approach to managing risk. Analytics service can be in-house…

Read more →

In this article, we have done the depth analysis and list you top 10 best Free Firewall software that provided extended security to protect your system from the bad actors. Generally, every computer is connected to the internet and is…

Read more →

Researchers uncovered a stealthy Android malware called XHelper that has unseen reinstalling capability after the malware removed from the infected Android device. Once removed the XHelper malware from the devices, within an hour, the variants of xHelper Trojan agent was…

Read more →

A group of security researchers uncovered a 12 Bluetooth based vulnerabilities dubbed “SweynTooth” in BLE software development kits of seven major system-on-a-chip (SoC) vendors.  BLE ( Bluetooth Low Energy) a technology developed for wireless communication with a set of many standardized…

Read more →

TLS is simply a successor of SSL 3.0, TLS is a protocol which provides Data encryption and Integrity between communication channels. SSL 3.0 is served as a base for TLS 1.0. SSL OR TLS Which is good? We use to…

Read more →

Ad blocker is one of the important utility which helps to get rid of the annoying ads in your android devices. Advertisements are everywhere, thanks to the digital transformation that’s happening across the world. Ads can help or annoy users…

Read more →

This article covers Active directory penetration testing that can help for penetration testers and security experts who want to secure their network. “Active Directory” Called as “AD” is a directory service that Microsoft developed for the Windows domain network. Using…

Read more →

Cybercriminals continue to host malicious chrome extensions in Google’s official Chrome Web Store to steal users’ data and redirect users to malicious websites. Researchers observed a large malvertising campaign that presents a network of copycat plugins that shares a similar…

Read more →

Proactive Controls for Software developers describing the more critical areas that software developers must focus to develop a secure application. The OWASP Top 10 Proactive Controls 2019 contains a list of security techniques that every developer should consider for every…

Read more →

You’re hearing the term “Virus” instead of malware after a long time right!! Yes, what you’re hearing is absolutely right. Researchers discovered a new wave of a malicious campaign named “KBOT” that injecting malicious code into Windows executable files which…

Read more →

Computer Forensics tools are more often used by security industries to test the vulnerabilities in network and applications by collecting the evidence to find an indicator of compromise and take appropriate mitigation Steps. Here you can find the Comprehensive Computer…

Read more →

Google continues to enhance the safety of Google Play with continuous improvements, enhancements, and teams to fight against malicious apps and developers. Google Play Protect is built-in malware protection for Android, it was introduced in the year 2017, aiming to…

Read more →

Electric scooters, also called e-scooters, are a popular method of transportation in large cities. They are small, portable, and can zip around sidewalks and in between pedestrians with ease. Unfortunately, their popularity isn’t just with law-abiding citizens. Xiaomi M365 scooters…

Read more →

Microsoft released a security update for February under Patch Tuesday with the fixes fro 99 vulnerabilities that affected various Microsoft products, including Actively exploited Internet Explorer zero-day vulnerability. Microsoft recently achieved a big milestone of 1 billion Windows 10 users,…

Read more →

Adobe released security updates that fix 42 security vulnerabilities in 5 Software, among them, many of the vulnerabilities are classified as critical and important. Adobe Framemaker | APSB20-04 The update fixes critical vulnerabilities with Adobe Framemaker for Windows, which allows…

Read more →

A high severity vulnerability resides in Dell SupportAssist for Business & Home PCs allows a low privileged user to execute arbitrary code with admin privileges on vulnerable installations. The Dell SupportAssist is a monitoring tool that comes preinstalled on most…

Read more →

Researchers observed a new ransomware family called “Robinhood” that using a digitally signed vulnerable driver to bypass the protection by killing files belonging to endpoint security products, bypassing tamper protection and antivirus software to encrypt the system files. Attackers using…

Read more →

A new wave of Emotet malware campaign With New Wi-Fi Spreader takes advantage of the wlanAPI interface to enumerate all Wi-Fi networks in the area and spreads the infection. The Emotet is a banking Trojan detected in the year 2014,…

Read more →

is this website safe ? In this digital world, Check website safety is most important concern since there are countless malicious websites available everywhere over the Internet, it is very difficult to find a trustworthy website. We need to browse smart and…

Read more →

Researchers discovered 5 critical zero-day vulnerabilities (dubbed CDPwn)  in Cisco Discovery Protocol that are used in multiple Cisco products such as Routers, Switches, IP phones, Cameras and more. Cisco Discovery Protocol is also known as CDP is the Cisco proprietary Layer…

Read more →

Choosing the Best Antivirus for Android is the most important concern to protect your Andriod device from sophisticated cyber threats. An antivirus plays a vital part in securing devices from malware infections. It is always safe to have a layer…

Read more →

Just when you think that computers couldn’t get any better, manufacturers pump out new CPU processors that completely change the game. Some of those releases have a lasting impact on the industry as a whole. For example, the Ryzen 3000…

Read more →

Facebook’s social media accounts were taken down temporarily by the OurMine Hacker group on Friday afternoon. The hacker group gained access to the Twitter and Instagram accounts for Facebook and Messenger. The tweets are posted using Khoros. Khoros is an…

Read more →

Nowadays organizations for business reason send and receive vast large of records or some other form in PDF format, which makes a PDF editor essential. PDF documents are intended to look and act the very same way on any device.…

Read more →

A new critical Bluetooth vulnerability discovered in Android Bluetooth system that allows remote attackers silently execute arbitrary code remotely and take the complete device control. Researchers discovered that the vulnerability affected Android Oreo 8.0 to Android Pie 9.0 and there…

Read more →

New cybersecurity research shows that attackers can exfiltrate sensitive information from the air-gapped computers by manipulating the brightness of the screen. The attack was discovered by a team of researchers from Ben-Gurion University of the Negev, Israel. The air-gapped computer…

Read more →

This write-up walks us through one of my many journeys in my external penetration testing and how I compromised the organization in this write-up. After executing security assessments (e.g. Penetration Testing, Red Teaming, etc.), I make it a habit to…

Read more →

A critical vulnerability in WhatsApp Lets hackers read the local file systems and allows to perform cross-site scripting in Mac and Windows platform when the users paired using WhatsApp for iPhone with desktops. The vulnerability affected the WhatsApp Desktop prior…

Read more →

Google admits that Google Photos were accidentally sent some of the user’s videos to strangers due to a “technical issue” between November 21st and November 25th. Google Alerting users via Email notification that they have faced a technical issue in…

Read more →

A researcher from Fortinet discovered a new Android malware via an application called “Treatment for diabetic” that targeting diabetic patients Android devices. It also sends a premium SMS to phone number 5554 in between providing medical information about this condition by…

Read more →

Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. This includes a vast array of sophisticated detection and prevention technologies, a virtual sea of cyber intelligence…

Read more →

Microsoft launches XBOX Bounty Program, invites gamers, security researchers, and others around the world to find vulnerabilities in the Xbox Live network and services. The rewards for the vulnerability provided based on the impact and the quality of the submission.…

Read more →

Open-source is increasingly prevalent, either as components in software or as entire tools and toolchains. It has become a vital part of DevOps and cloud-native environments and is at the root of many servers and systems. This frequency should make…

Read more →

In 2020 Cybersecurity Predictions, Some entities want to commit such attacks for political reasons or to steal sensitive data. Others do it for the love of malicious mischief. Under the Cybinsolution data reported that there is a cyberattack every 39…

Read more →

In earlier years, everyone depends on SOC (includes firewalls, WAF, SIEM,etc.) and the prioritize in building the SOC provides security and the CIA was maintained. However, later the emerge of the attacks and the threat actors becomes more challenge and…

Read more →

Critical remote code execution and spoofing vulnerabilities that existed in the Microsoft Azure cloud infrastructure allow attackers to remotely exploiting the vulnerability and compromise the Azure cloud servers. Researchers from checkpoint found an Azure Stack Spoofing vulnerability in Azure Stack…

Read more →

Cisco published a security advisory that fixes multiple vulnerabilities with Cisco Small Business Switches. The vulnerabilities allow an unauthenticated remote attacker to access sensitive information with the devices and cause DoS conditions. CVE-2019-15993 – Information Disclosure Vulnerability The vulnerability is…

Read more →

Bryan Connor Herrell, 25, AlphaBay Moderator pleads guilty for his job role in the fraudulent organization. Herrell’s job role is to resolve disputes between vendors and purchasers. The AlphaBay was an illicit market place operated on the darknet, vendors, and…

Read more →

People nowadays rely on the internet for many things, a reason why their privacy should be protected as much as possible. We benefit from free public WIFI which has increased our chances to surf on the internet even when we’re…

Read more →

Kali Linux 2020.1 released with new tools, improvements to theme & kali-undercover, adds Non-Root by default and Kali single installer image. With the release as previously announced, Kali Linux moved to a traditional default non-root user and also announced NetHunter…

Read more →

Nowadays, employees, customers, and stakeholders at all levels are adopting BYOD onboarding practices. Fortunately, it’s entirely possible for companies to restrict network access until clients have been approved. If a user brings a tablet, phablet, laptop, or smartphone from home…

Read more →

Anti-virus software firm Avast reportedly spying hundreds of millions of Users browsing activities including, every click, every purchase you made online, and selling the collected data into various clients that include Home Depot, Google, Microsoft, Pepsi, and McKinsey and many…

Read more →

Aircrack-ng 1.6 released with new features and a lot of improvements with Speed, memory usage and rate display. Aircrack-ng contains a complete set of tools to perform a Wi-Fi network security assessment. The tool focuses on multiple areas of WiFi…

Read more →

3 Indonesia Hackers has been arrested by the Interpol under coordinated cyber operation for hacking hundreds of E-commerce websites using JS-Sniffer Malware. ANF (27), K (35), and N (23) who have resided in Indonesia and running the malicious campaign, and…

Read more →

Malware removal tool is helps to remove the dangerous malware from your personal computer to protect from hackers and prevent future attacks. Today the most essential thing is to have security on your PC or laptop, as you never know…

Read more →

Cisco addressed a critical security vulnerability in Cisco Webex Meetings Suite sites and Online sites that allow an unauthenticated attacker to join password protected private meetings without the meeting password. Cisco Webex technology is a platform to host online meetings…

Read more →

In general, the most secure software is open source. Even old, underfunded open-source security projects can still withstand the onslaught of exploits and invasions by the NSA. Open source has one main advantage over closed-source software: the code is public…

Read more →

Researchers observed new snake ransomware that written in Golang targeting Windows users to encrypt the system files and remove the Volume Shadow Copies that the OS uses for backup. Snake ransomware is a targeted campaign that contains a standard ransomware…

Read more →

PupyRAT is a cross-platform (Windows, Linux, OSX, Android) is a remote administration and post-exploitation tool. It was written in python, acts as a backdoor, allows an attacker to create remote command shells, steal password credentials, log keystrokes, steal files, and…

Read more →

PupyRAT is a cross-platform (Windows, Linux, OSX, Android) is a remote administration and post-exploitation tool. It was written in python, acts as a backdoor, allows an attacker to create remote command shells, steal password credentials, log keystrokes, steal files, and…

Read more →

The Information Security Industry is on high alert because of constant cyber threats and trends than ever before in 2020. Artificial intelligence, cryptocurrency, machine learning, sophisticated cyber-attacks, phishing, malware, viruses, bots, have all caused governments, corporations, and individuals to be…

Read more →

Researchers observed a new variant of Android.Xiny malware with an improved self-defense mechanism. The malware targets only the older versions of the Android devices and gains the complete root access of the vulnerable Android device. It infects Android device version…

Read more →

National Institute of Standard and Technology (NIST) released a Privacy framework for 2020 to improving privacy through enterprise risk management. NIST Privacy Framework is a voluntary tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy…

Read more →

Researchers from Microsoft discovered a new version of PowerShell Based Malware sLoad 2.0 that using Background Intelligent Transfer Service (BITS) for malicious activities to attack Windows systems. Microsoft called this new version as “Starslord” based on strings in the malware…

Read more →

Amazon CEO Jeff Bezos’s phone was hacked with a WhatsApp message (A malicious video file) that had been sent from the personal account of Saudi Arabia crown prince Mohammed bin Salman. According to the Guardian report, a malicious video file…

Read more →

Amazon CEO Jeff Bezos’s phone was hacked with a WhatsApp message that had been sent from the personal account of Saudi Arabia crown prince Mohammed bin Salman. According to the Guardian report, a malicious video file was sent from the…

Read more →

Lack of penetration testing, A recent study found that 33% of businesses have lost customers because of a breach. Not only will this kind of security incident further add to the costs of the potential damages, but it can also…

Read more →

A prolific phishing kit distribution network dubbed “16Shop” believed to be active since 2018 and developed by a hacking group called the “Indonesian Cyber Army.” It’s a huge first attack targeting Apple kits and then attacked Amazon customers before the…

Read more →

Apple now officially dropped plans to let iPhone users have their device backup in an encrypted form in Apple’s iCloud service after the FBI complained. iCloud is an Apple cloud platform that allows Apple users to store and access their photos,…

Read more →

Apple now officially dropped plans to let iPhone users have their device backup in an encrypted form in Apple’s iCloud service after the FBI complained. iCloud is an Apple cloud platform that allows Apple users to store and access their photos,…

Read more →

Researchers discovered a new wave of FTCODE ransomware campaign that steal browsers login credentials and Encrypt files in Windows systems. FTCODE ransomware was first observed in 2013, it uses the Windows PowerShell program to perform file encryption. The ransomware resurfaced…

Read more →

Citrix released permanent fixes for CVE-2019-19781 Flaw in ADC 11.1 and 12.0, which would allow an unauthenticated remote attacker to execute arbitrary code on the vulnerable system. The vulnerability was discovered by Dmitry Serebryannikov from Positive Technologies and the severity…

Read more →

Researchers uncovered a new cloud-based Python RAT “JhoneRAT” that spreading via weaponized MS word document to steal sensitive data from multiple cloud-based services such as Google Drive, Twitter, ImgBB and Google Forms. JhoneRAT python RAT specifically targeting a very specific…

Read more →

Penetration testing & Hacking Tools are more often used by security industries to test the vulnerabilities in network and applications. Here you can find the Comprehensive Penetration testing & Haking Tools list that covers Performing Penetration testing Operation in all the…

Read more →

Microsoft issued a warning about critical IE Zero Day vulnerability that actively exploited in wide and warns millions of Windows users A critical remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in…

Read more →

AI in Cyber attacks — once relegated to flashy movie scenes and TV dramas — are now becoming a part of our everyday lives. Nearly every week, news breaks out about another data breach at a major corporation, and every…

Read more →

Less than a day after Microsoft disclosed one of the most critical Windows vulnerabilities ever, security researchers have published PoC Exploit that explains how attackers can exploit the Windows CryptoAPI Spoofing bug with cryptographically impersonate any website or server on…

Read more →

Researchers discovered 17 malicious Android apps from the Google play store that infects nearly 550,000 Android devices around the world. These malicious app developers added features to hide their presence on the user’s device, and constantly display aggressive ads once…

Read more →

Did you realize that a hack occurs every 39 seconds? One of the most common targets for cyber-criminals attempting to gain access to sensitive information is a business website. The only way to keep your website functional and safe is…

Read more →

Fleeceware apps continue to be a problem on Google Play, these app publishers overcharge users for basic functionality if they don’t cancel the subscription before the trial ends. The app publishers take advantage of the business model in which user…

Read more →

Windows users are recommended to immediately patch the critical Cryptographic vulnerability that existing in the Windows CryptoAPI (Crypt32.dll) that affected Windows cryptographic functionality in Windows 10, client and server. The vulnerability discovered by the National Security Agency (NSA) and confirmed…

Read more →

Researchers discovered a new type of strange malware that targeting android device, and use the victim’s mobiles to provide fake ratings in Google play store apps for malicious apps. You may have seen reviews in Google Play apps that seem…

Read more →

CISA has released a new tool for administrators and users to check for Citrix Application Delivery Controller (ADC) and Citrix Gateway vulnerability. The vulnerability can be tracked as CVE-2019-19781, it allows an unauthenticated remote attacker to execute arbitrary code on…

Read more →

Security researchers from Malwarebytes found pre-installed malware on UMX U683CL handsets. The phones are made under the Lifeline program to low-income consumers for Affordable Communications. Multiple users reported to Malwarebytes that HiddenAds suddenly get installed on their UMX mobile phone,…

Read more →

Amazon fires a number of employees who have leaked customer’s sensitive data such as Email addresses and phone numbers to unauthorized 3rd parties. Amazon disclosed this data leak to its customers via email and said that the actions committed by…

Read more →

Citrix remote code execution vulnerability was published last month, the vulnerability can be tracked as CVE-2019-19781. It may create a serious threat for organizations deployed with Citrix Application Delivery Controller and gateway. An advisory was released by Citrix detailing the…

Read more →

Every year, millions of students go off to college, but not all of them are prepared to take on the challenges of living on their own for the first time. While students likely receive lessons from their parents on basics…

Read more →

The core ingredient of HIPAA objectives is to protect the privacy of medical patients. The medical information of the patients, according to Dash, are safeguarded and against unauthorized parties. So, only those who have the authority can access the information…

Read more →

Researchers discovered as critical vulnerability dubbed Cable Haunt affects cable modems from different manufacturers across the globe. The vulnerability enables a remote attacker to gain complete control over the modem through its endpoint. Successful exploitation allows attackers to intercept private…

Read more →

Researchers spotted active scans targeting Application Delivery Controller and Citrix Gateway to exploit Critical Vulnerability CVE-2019-19781. This vulnerability can be exploited remotely, successful exploitation allows an unauthenticated attacker to perform arbitrary code execution. The vulnerability was discovered by Mikhail Klyuchnikov,…

Read more →

Mozilla released a security update for a critical zero-day vulnerability that affects the Firefox browser and the vulnerability fixed in 72.0.1 and Firefox ESR 68.4.1. The vulnerability affects both Firefox, Firefox ESR and the successful exploitation of the vulnerability could…

Read more →

TikTok is the most popular video-sharing app, it has more than 1.3 billion users worldwide. TikTok in news for the last few months, because of the potential risks embedded within the app. Last December a lawsuit filed stating that “TikTok…

Read more →

The new version of Predator the Thief malware distributed through fake invoice documents aimed to steal sensitive user information. The malware was first observed by Fortinet in July of 2018, the threat actors behind the malware family upgrading it in…

Read more →

TOR is an important, popular, and controversial tool. It is important because Tor network offers the most effective way to surf the web anonymously, and it’s pretty popular – over 2 million people use it daily. At the same time,…

Read more →

Researchers discovered a new evasion technique used by attackers in client-side web skimmer to bypass their conceal their fraudulent activity. Recently, a security researcher revealed a steganography-based credit card skimmer in which they found that the attackers uploads or modifies…

Read more →

Security researchers from Trend Micro observed three malicious apps on Google play that aims to compromise victim’s devices and to steal information. The three apps include “Camero, FileCryptManager & CallCam,” among the three Camero is the one exploits use-after-free vulnerability…

Read more →

DeathRansom – A new ransomware strain that evolves from no encryption to using a combination of encryption algorithms to encrypt files. The ransomware strain observed first in earlier November, it pretends to encrypt files, but it only appends the extension,…

Read more →

Normally, every website you visit is recorded in your browser’s history. Your browser will remember the URLs of websites you regularly visit, files you’ve downloaded, data “cookies” that track your activity on certain sites, what you’ve typed into search engines,…

Read more →

U.S government website agency website hacked by Iran cybersecurity group hackers and posted a revenge message for killing top military commander Qassem Suleimani. The hacker’s group calming to represent the government of Iran and posted a picture with a warning message…

Read more →

Kali Linux announced a new security model for Non-Root Users which is going to be released in kali 2020.1 update, and it is currently scheduled for late January. Kali has initially inherited the default root user policy from BackTrack and…

Read more →

Kali Linux announced a new security model in for Non-Root Users which is going to be released in kali 2020.1 update, and it is currently scheduled for late January. Kali has initially inherited the default root user policy from BackTrack…

Read more →

Cisco released a security update for several vulnerabilities that affected the Cisco products, including 3 critical remote code execution vulnerabilities that affected the Cisco Datacenter Network Manager let attackers take admin privilege remotely. Out of 12 vulnerability, 3 marked as…

Read more →

it’s time for businesses to look back at the year that was with an eye toward cybersecurity trends to expect in 2020. When it comes to the topic of cybersecurity, that look back is likely to be a disturbing one.…

Read more →

Basically, a Best Free Antivirus software is the most essential part of Windows and significant for every Windows PC nowadays since the cyber threat is continuously evolving day by day. As without an Antivirus, you have a risk of losing…

Read more →

BusKill a new laptop kill cord Dead Man Switch for Linux machine to lock, shutdown, or to wipe out the linux machine, in case of theft. The cable dubbed “BusKill” was developed by Linux expert Michael Altfield. It is powered…

Read more →

The U.S. Army announced bans, soldiers from using the most popular iOS, and Android 15-second video app TikTok. Earlier on Dec. 16, the defense system agency recommended all the employees of the defense department not to use the TikTok app.…

Read more →