In 2024, South Korea witnessed an alarming surge in Advanced Persistent Threat (APT) attacks, with the state-sponsored APT37 group emerging as a significant threat actor. Leveraging sophisticated techniques, the group targeted individuals and organizations through malicious Hancom Office HWP documents…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
INDOHAXSEC Hacker Group Allegedly Breaches Malaysia’s National Tuberculosis Registry
The Indonesian hacker group “INDOHAXSEC” has allegedly breached the National Tuberculosis Registry (NTBR) of Malaysia, managed by the Ministry of Health. The group announced their claim via a post on a hacking forum, stirring fears over the safety of sensitive…
Devil-Traff: Emerging Malicious SMS Platform Powering Phishing Attacks
In the ever-evolving landscape of cybercrime, bulk SMS platforms like Devil-Traff have emerged as powerful tools for phishing campaigns, exploiting trust and compromising security on a massive scale. Employees in organizations today face an increasing volume of communications emails, instant…
ChatGPT’s Deep Research Breakthrough Enables Faster-Than-Human Task Handling
OpenAI has introduced “Deep Research,” a cutting-edge feature within ChatGPT that promises to revolutionize the way people handle complex and time-intensive tasks. Designed to synthesize vast amounts of information from the web in mere minutes, Deep Research aims to outperform…
Parrot 6.3 Release, What’s New
The cybersecurity realm received an exciting update this week with the release of Parrot 6.3, the latest version of the Parrot Security operating system. As one of the most trusted Linux distributions tailored for ethical hackers, penetration testers, and security researchers,…
Alibaba Cloud Storage Flaw Exposes Data to Unauthorized Uploads
A significant vulnerability has been discovered in the Alibaba Cloud Object Storage Service (OSS) that allows unauthorized users to upload data, posing critical security risks for organizations relying on this cloud solution. The vulnerability, caused by the misconfiguration of the…
BeyondTrust Zero-Day Breach – 17 SaaS Customers API Key Compromised
BeyondTrust, a leading provider of identity and access management solutions, disclosed a zero-day breach impacting 17 Remote Support SaaS customers. The incident, detected on December 5, 2024, has been linked to the compromise of an infrastructure API key used to…
Microsoft Advertisers Account Hacked Using Malicious Google Ads
Cybersecurity experts have uncovered a sophisticated phishing campaign targeting Microsoft advertising accounts. The attack, orchestrated through malicious Google Ads, aims to steal login credentials of users accessing Microsoft’s advertising platform. This incident highlights the growing risk of malvertising, where cybercriminals…
Cybercriminals Exploit GitHub Infrastructure to Distribute Lumma Stealer
In a recent investigation, Trend Micro’s Managed XDR team identified a sophisticated malware campaign exploiting GitHub’s release infrastructure to distribute Lumma Stealer, along with SectopRAT, Vidar, and Cobeacon malware. This campaign underscores the evolving tactics of attackers leveraging trusted platforms…
Google Blocks 2.28 Million Malicious Apps from Play Store in Security Crackdown
In a continued commitment to enhancing user safety and trust, Google has outlined significant strides made in 2023 to mitigate malicious activities across the Android ecosystem. Guided by the SAFE principles Safeguard Users, Advocate for Developer Protection, Foster Responsible Innovation,…
Researchers Launch Open-Source UEFI Memory Forensics Framework to Counter Advanced Bootkits
A team of researchers from Ben Gurion University of the Negev has pioneered a novel memory forensics framework for analyzing Unified Extensible Firmware Interface (UEFI) memory during the pre-operating system (pre-OS) phase. Their study, published on January 28, 2025, introduces…
New ‘SHIELD’ Platform Leverages FPGA and Off-Host Monitoring to Tackle Advanced Ransomware Threats
In a significant advancement against increasingly sophisticated ransomware threats, researchers from NYU Tandon School of Engineering have introduced SHIELD (Secure Host-Independent Extensible Logging), an innovative detection architecture. This system leverages hardware-level, tamper-proof metrics for real-time ransomware identification. By operating independently…
Windows COM Object Vulnerability Enables Remote Code Execution for System Takeover
A critical bug class termed “trapped object” has been identified by Google’s Project Zero team. This vulnerability primarily arises from improper use of object-oriented remoting technologies like DCOM and .NET Remoting, which facilitate cross-process and cross-security boundary services. These systems,…
DeepSeek’s Evolving Tactics Amplify the Fraud and Phishing Threat
The rapid growth of Chinese artificial intelligence firm DeepSeek is drawing attention not just for its technological advancements but also for an alarming increase in cyber threats capitalizing on its success. Cyble Research and Intelligence Labs (CRIL) has uncovered multiple…
GitHub Copilot Vulnerability Exploited to Train Malicious AI Models
GitHub Copilot, the popular AI-powered code-completion tool, has come under scrutiny after Apex Security’s research unveiled two major vulnerabilities. The findings highlight weaknesses in AI safeguards, including an “affirmation jailbreak” that destabilizes ethical boundaries and a loophole in proxy settings,…
Coyote Banking Malware: Abusing Windows LNK Files to Deploy Malicious Scripts
A sophisticated cyberattack campaign involving the Coyote Banking Trojan has been discovered by FortiGuard Labs, with Microsoft Windows users, particularly in Brazil, as its primary targets. The attack utilizes malicious LNK (shortcut) files embedded with PowerShell commands to execute staged…
CRLF Injection Vulnerabilities Identified in Popular .NET Libraries RestSharp and Refit
Security researchers have uncovered critical CRLF (Carriage Return Line Feed) injection vulnerabilities in two widely used .NET libraries, RestSharp and Refit. These flaws, which allow attackers to manipulate HTTP headers and potentially execute HTTP request splitting, have been assigned CVE-2024-45302 for RestSharp and…
New York Blood Center Targeted by Ransomware, IT Operations Impacted
New York Blood Center Enterprises (NYBC), one of the nation’s largest blood donation and research organizations, has fallen victim to a ransomware attack, severely disrupting its IT systems. The incident, which was detected on Sunday, January 26, has triggered swift…
Authorities Seized 39 Websites that Selling Hacking Tools to Launch Cyber Attacks
Authorities have seized 39 websites allegedly used to sell hacking tools and fraud-enabling software. The crackdown targeted a Pakistan-based network of online marketplaces operated by a group known as Saim Raza (aka HeartSender), which allegedly facilitated cyberattacks on individuals and businesses worldwide. The…
Yeti Forensic Platform Vulnerability Allows Attackers to Execute Remote Code
A critical security flaw has been identified in the popular Yeti Forensic Intelligence platform, exposing its users to unauthenticated remote code execution (RCE) attacks. Two vulnerabilities designated CVE-2024-46507 and CVE-2024-46508, affect versions 2.0 to 2.1.11 of the Yeti platform, posing significant risks…