The realm of fault injection attacks has long intrigued researchers and security professionals. Among these, single-bit fault injection, a technique that seeks to manipulate a single bit in a system, has often been considered elusive, akin to chasing a “unicorn.”…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Preventing Attackers from Permanently Deleting Entra ID Accounts with Protected Actions
Microsoft Entra ID has introduced a robust mechanism called protected actions to mitigate the risks associated with unauthorized hard deletions of user accounts. This feature, which integrates with Conditional Access policies, adds an additional layer of security to critical administrative…
OpenAI Developing Its Own Chip to Reduce Reliance on Nvidia
OpenAI, the organization behind ChatGPT and other advanced AI tools, is making significant strides in its efforts to reduce its dependency on Nvidia by developing its first in-house artificial intelligence chip. According to the source, OpenAI is finalizing the design…
New York Bans DeepSeek Over Potential Data Risks
New York Governor Kathy Hochul announced that the state has banned the use of the China-based AI startup DeepSeek on government-issued devices and networks. The decision stems from escalating concerns over potential foreign surveillance and censorship risks associated with the…
EARLYCROW: Detecting APT Malware Command and Control Activities Over HTTPS
Advanced Persistent Threats (APTs) represent a sophisticated and stealthy category of cyberattacks targeting critical organizations globally. Unlike common malware, APTs employ evasive tactics, techniques, and procedures (TTPs) to remain undetected for extended periods. Their command-and-control (C&C) communications often mimic legitimate…
Hackers Exploit Valentine’s Day Domains for Sneaky Cyber Attacks
Cybercriminals are capitalizing on the season of love to launch sneaky and deceptive cyberattacks. According to the whoisxmlapi shared on the X, there has been a surge in the registration of Valentine’s Day-themed domains, many of which are likely being…
SolarWinds Improves Web Help Desk in Latest 12.8.5 Update
SolarWinds announced the release of Web Help Desk (WHD) version 12.8.5, unveiling a host of new features, updates, and fixes aimed at streamlining IT service management and enhancing security. The update brings significant enhancements to the Purchase Order (PO) section,…
Akira Ransomware Dominates January 2025 as the Most Active Ransomware Threat
January 2025 marked a pivotal month in the ransomware landscape, with Akira emerging as the most active and dominant threat actor. The group was responsible for 72 attacks globally, a 60% surge compared to previous months, underscoring its aggressive expansion…
Enhanced IllusionCAPTCHA: Advanced Protection Against AI-Powered CAPTCHA Attacks
As AI technologies continue to evolve, traditional CAPTCHA systems face increasing vulnerabilities. Recent studies reveal that advanced AI models, such as multimodal large language models (LLMs), can bypass many existing CAPTCHA mechanisms with alarming efficiency. To address this challenge, researchers…
Evil Crow RF Tool Transforms Smartphones into Powerful RF Hacking Devices
Innovative tools are continually appearing to enhance the capabilities of professionals and enthusiasts alike. One new entrant into the world of radio frequency (RF) tools is the Evil Crow RF V2, a compact device that transforms your smartphone into a powerful…
FinStealer Malware Targets Leading Indian Bank’s Mobile Users, Stealing Login Credentials
A new cybersecurity threat has emerged, targeting customers of a prominent Indian bank through fraudulent mobile applications. Dubbed “FinStealer,” this malware campaign employs advanced techniques to steal sensitive financial and personal information, including banking credentials, credit card details, and other…
Massive Facebook Phishing Attack Targets Hundreds of Companies for Credential Theft
A newly discovered phishing campaign targeting Facebook users has been identified by researchers at Check Point Software Technologies. The attack, which began in late December 2024, has already reached over 12,279 email addresses and impacted hundreds of companies globally. The…
Gcore Radar Report Reveals 56% Year-on-year Increase in DDoS Attacks
Gcore, the global provider of edge AI, cloud, network, and security solutions has released its Q3-Q4 2024 Radar report on DDoS attack trends. The findings highlight a dramatic surge in the scale and impact of DDoS attacks, which have reached…
DeepSeek Accused of Over-Collecting Personal Data, Says South Korea’s Spy Agency
South Korea’s National Intelligence Service (NIS) has raised alarms over the Chinese artificial intelligence app, DeepSeek, accusing it of “excessively” collecting personal data from users and utilizing all input data to train its AI models. The NIS also scrutinized the…
Researchers Found North Korean Hackers Advanced Tactics, techniques, and procedures
Recent research has highlighted the increasingly sophisticated tactics, techniques, and procedures (TTPs) employed by North Korean state-sponsored hackers. These cyber actors have demonstrated a strategic focus on espionage, financial theft, and disruption, targeting a broad range of sectors globally. Their…
Critical Flaw in Progress LoadMaster Allows Attackers to Execute System Commands
A series of critical security vulnerabilities have been identified in Progress Software’s LoadMaster application, potentially allowing remote attackers to execute system commands or access sensitive files. CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56134, and CVE-2024-56135, affect all current versions of LoadMaster, including Multi-Tenant LoadMaster (MT) deployments, prompting an…
Authorities Seize 8Base Ransomware Dark Web Site, Arrest Four Key Operators
Thai authorities arrested four European hackers in Phuket on February 10, 2025, for their alleged involvement in ransomware operations that inflicted global losses exceeding $16 million. The arrests, part of the multinational “Operation PHOBOS AETOR,” were executed in collaboration with…
12,000+ KerioControl Firewalls Exposed to 1-Click RCE Attack
Cybersecurity researchers caution that over 12,000 instances of GFI KerioControl firewalls remain unpatched and vulnerable to a critical security flaw (CVE-2024-52875) that could be exploited for remote code execution (RCE) with minimal effort. The Shadowserver Foundation has been tracking this…
Apple iOS 0-day Vulnerability Exploited Wild in Extremely Sophisticated Attack
Apple has released emergency security updates to address a zero-day vulnerability, CVE-2025-24200, that has been actively exploited in targeted attacks against iPhone and iPad users. The vulnerability allows attackers to disable USB Restricted Mode on a locked device, potentially granting…
New Report of of 1M+ Malware Samples Show Application Layer Abused for Stealthy C2
A recent analysis of over one million malware samples by Picus Security has revealed a growing trend in the exploitation of application layer protocols for stealthy command-and-control (C2) operations. These findings, detailed in the Red Report 2025, underscore the increasing…