Microsoft has announced that it is currently blocking an astounding 7,000 password attacks every second, nearly double the rate from just a year ago. This surge in cyber threats underscores the urgent need for more robust authentication methods, with passkeys…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
New Research Uncovered Dark Internet Service Providers Used For Hacking
Bulletproof hosting services, a type of dark internet service provider, offer infrastructure to cybercriminals, facilitating malicious activities like malware distribution, hacking attacks, fraudulent websites, and spam. These services evade legal scrutiny, posing a significant challenge to global cybersecurity. Understanding and…
New Android Banking Malware Attacking Indian Banks To Steal Login Credentials
Researchers have discovered a new Android banking trojan targeting Indian users, and this malware disguises itself as essential utility services to trick users into providing sensitive information. The malware has already compromised 419 devices, intercepted 4,918 SMS messages, and stolen…
Reyee OS IoT Devices Compromised: Over-The-Air Attack Bypasses Wi-Fi Logins
Researchers discovered multiple vulnerabilities in Ruijie Networks’ cloud-connected devices. By exploiting these vulnerabilities, attackers can remotely compromise access points, gain unauthorized access to internal networks, and execute arbitrary code on affected devices. The “Open Sesame” attack demonstrates a practical scenario…
Over 300,000 Prometheus Servers Vulnerable to DoS Attacks Due to RepoJacking Exploit
The research identified vulnerabilities in Prometheus, including information disclosure from exposed servers, DoS risks from pprof endpoints, and potential code execution threats, which could lead to data breaches, system outages, and unauthorized access. Vulnerable Prometheus servers are exposed to internet…
Nigerian National Extradited to Nebraska for Wire Fraud Charges
United States Attorney Susan Lehr announced the extradition of Abiola Kayode, 37, from Nigeria to the District of Nebraska. The extradition follows a Conspiracy to Commit Wire Fraud indictment filed against Kayode in August 2019. This case highlights international cooperation…
Dell Security Update, Patch for Multiple Critical Vulnerabilities
Dell Technologies has released a security advisory addressing multiple critical vulnerabilities that could expose affected systems to exploitation by malicious actors. Customers are strongly encouraged to review the findings and update their systems accordingly. This update includes remediation for two…
CISA Issues 10 New Advisories on Industrial Control System Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued ten critical advisories, highlighting vulnerabilities across Siemens’ industrial products. Released on December 12, 2024, these advisories expose multiple flaws in Siemens’ hardware and software platforms critical to industrial control systems (ICS).…
FBI Seizes Rydox Marketplace, Arrests Key Administrators
The Federal Bureau of Investigation (FBI) announced the seizure of Rydox, an illicit online marketplace that facilitated the buying and selling of stolen personal information and cybercrime tools. Alongside the crackdown, law enforcement arrested three key administrators linked to the…
MITRE ATT&CK Evaluation Results 2024 – Cynet Became a Leader With 100% Detection & Protection
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running. To guard against cyber threats and prevent data breaches, it’s vital to understand the current cybersecurity vendor…
Antidot Malware Attacking Employees Android Devices To Inject Malicious Payloads
Researchers discovered a new variant of the AntiDot banking trojan targeting Android mobile devices through a mobile-phishing (mishing) campaign, where this variant builds upon the version identified by Cyble in May 2024. The attackers leverage social engineering tactics, posing as…
New Chinese Surveillance Tool Attack Android Users Since 2017
Wuhan Chinasoft Token Information Technology Co., Ltd. developed EagleMsgSpy, a surveillance tool operational since 2017, which, installed as an APK, secretly collects extensive user data, including chat messages, screen recordings, audio, call logs, contacts, SMS, location, and network activity. Because…
Malicious ESLint Package Let Attackers Steal Data And Inject Remote Code
Cybercriminals exploited typosquatting to deploy a malicious npm package, `@typescript_eslinter/eslint`, targeting developers seeking the legitimate TypeScript ESLint plugin, which was designed to mimic the genuine plugin, compromised systems by monitoring keystrokes, clipboard data, and executing remote commands. They leveraged a…
Triad Nexus, Chinese Hackers Using 200,000 Domains For Widespread Cyber Attack
Researchers identified FUNNULL, a Chinese CDN, as hosting malicious content, which includes fake trading apps for financial fraud, gambling sites likely used for money laundering, and phishing login pages targeting luxury brands. The gambling sites use algorithmically generated domains and…
ConvoC2 – A Red Teamers Tool To Execute Commands on Hacked Hosts Via Microsoft Teams
A stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers can exploit Microsoft Teams to execute system commands on compromised hosts remotely. This innovative project, designed with Red Team operations in mind, uses Teams messages for…
Cleo 0-day Vulnerability Exploited to Deploy Malichus Malware
Cybersecurity researchers have uncovered a sophisticated exploitation campaign involving a zero-day (0-day) vulnerability in Cleo file transfer software platforms. This campaign has been used to deliver a newly identified malware family, now dubbed “Malichus.” The threat, recently analyzed by Huntress…
GitLab Security Update, Patch for Critical Vulnerabilities
GitLab announced the release of critical security patches for its Community Edition (CE) and Enterprise Edition (EE). The newly released versions 17.6.2, 17.5.4, and 17.4.6 address several high-severity vulnerabilities, and GitLab strongly recommends that all self-managed installations be upgraded immediately.…
BadRAM Attack Breaches AMD Secure VMs with $10 Device
Researchers have uncovered a vulnerability that allows attackers to compromise AMD’s Secure Encrypted Virtualization (SEV) technology using a $10 device. This breakthrough exposes a previously underexplored weakness in memory module security, specifically in cloud computing environments where SEV is widely…
Splunk RCE Vulnerability Let Attackers Execute Remote Code
Splunk, the data analysis and monitoring platform, is grappling with a Remote Code Execution (RCE) vulnerability. This flaw, identified as CVE-2024-53247, affects several versions of Splunk Enterprise and the Splunk Secure Gateway app on the Splunk Cloud Platform. The vulnerability…
Europol Shutsdown 27 DDoS Service Provider Platforms
In a major international operation codenamed “PowerOFF,” Europol, collaborating with law enforcement agencies across 15 countries, has taken down 27 illegal platforms facilitating Distributed Denial-of-Service (DDoS) attacks. This takedown marks a significant blow to the cybercrime industry, disrupting one of…