Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

FIN7 (aka Carbon Spider, ELBRUS, Sangria Tempest) is a Russian APT group that is primarily known for targeting the U.S. retail, restaurant, and hospitality sectors since mid-2015.  In their attacks, the FIN7 group primarily uses several tactics and techniques like…

Read more →

The Lazarus Group is one of the most notorious hacker groups linked to the North Korean government. The group is known for its cyberattacks and has been active since 2010.  However, Group-IB cyber security researchers recently discovered that Lazarus was actively…

Read more →

Earth Lusca is a suspected China-based cyber espionage group active since at least April 2019. Besides this, hackers often target Windows and Linux machines primarily due to their widespread use and potential for financial gain. Trend Micro security experts recently…

Read more →

Web3 and DeFi have been appealing to many threat actors, and there has been a significant boost in heists that have become larger than any they have experienced in more traditional finance. Mandiant’s investigation into the 2016 Bangladesh Bank heist…

Read more →

Multiple critical vulnerabilities have been identified in Veeam Backup & Replication, a widely-used data protection and disaster recovery solution. These vulnerabilities, discovered during internal testing, pose serious risks, including remote code execution (RCE), privilege escalation, and data interception. The issues…

Read more →

The Tor Project has unveiled Tor Browser 13.5.3, a significant update that brings crucial security enhancements and usability improvements. This latest version is now available for download from the official Tor Browser website and distribution directory. Important security updates to…

Read more →

Cisco has issued a security advisory (Advisory ID: cisco-sa-cslu-7gHMzWmw) regarding critical vulnerabilities in the Cisco Smart Licensing Utility. These vulnerabilities could allow unauthenticated, remote attackers to gain administrative control over affected systems. The advisory was first published on September 4,…

Read more →

Emansrepo, a Python infostealer, is distributed via phishing emails containing fake purchase orders and invoices, where the attacker initially sent a phishing email with an HTML file redirecting to the Emansrepo download link.  In recent months, the attack flow has…

Read more →

Secure elements consist mainly of tiny microcontrollers, which provide service by generating and storing secrets and performing cryptographic operations. Thomas Roche of NinjaLab finds a major security flaw in the crypto library of Infineon Technologies affecting a diverse range of…

Read more →

ToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military entities in Europe and Asia.  The group is known for its sophisticated cyber-espionage tactics and has been involved in multiple…

Read more →

Halliburton Company has confirmed that a cyber attack led to unauthorized access and data theft from its systems. The incident, which came to light on August 21, 2024, has prompted the company to initiate a comprehensive cybersecurity response plan. Immediate…

Read more →

Microsoft released several patches for multiple vulnerabilities during the Patch Tuesday for August 2024. One of the vulnerabilities listed by Microsoft was the CVE-2024-38106. This vulnerability is associated with Windows Kernel Privilege Escalation affecting multiple Microsoft Windows OSes including Windows…

Read more →

Google has released a patch addressing a critical zero-day vulnerability that has been actively exploited. This vulnerability, CVE-2024-32896, is a privilege escalation flaw within the Android Framework component. The patch, part of the Android Security Bulletin for September 2024, underscores…

Read more →

The FBI has issued a stark warning to cryptocurrency companies, highlighting increased sophisticated cyberattacks orchestrated by North Korean hackers. These attacks, primarily targeting employees within the decentralized finance (DeFi) and cryptocurrency sectors, are part of a broader strategy to steal…

Read more →

A new malicious software named “Fury Stealer” has been detected, posing a significant threat to online security. The malware, created by an unidentified threat actor, is designed to steal sensitive information, including login passwords, from unsuspecting victims. Cybersecurity analyst MonThreat…

Read more →

The D-Link DAP-2310 Wireless Access Point (WAP) has been identified as vulnerable to remote code execution (RCE). Dark Wolf Solutions discovered this vulnerability, which seriously threatens users by allowing attackers to gain unauthorized remote access. This guide delves into the…

Read more →

Cyble Research & Intelligence Labs has recently found information about a new type of malware-as-a-service (MaaS) called ‘ManticoraLoader’ in some underground forums. Since August 8, 2024, on forums and Telegram, this MaaS service has been offered by the threat group…

Read more →

The FTC has ordered Verkada to implement a comprehensive information security program to address its lax security practices that allowed a hacker to compromise customer security cameras.  Verkada will pay a $2.95 million fine for violating the CAN-SPAM Act by…

Read more →

Microsoft identified a new custom multi-stage backdoor, “Tickler,” deployed by the Iranian state-sponsored threat actor Peach Sandstorm between April and July 2024.  Targeting sectors like satellite, communications equipment, oil and gas, and government, Tickler has been used to gather intelligence.…

Read more →

Microsoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution on cryptocurrency targets.  The threat actor deployed the FudModule rootkit, previously attributed to Diamond Sleet, suggesting potential shared…

Read more →