Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

San Francisco, CA – OpenAI has announced the launch of SearchGPT, a groundbreaking prototype designed to revolutionize how users search for information online. This innovative tool combines the advanced capabilities of OpenAI’s AI models with real-time web data to provide…

Read more →

Play Ransomware and LockBit Ransomware have reportedly allied to enhance their capabilities in launching cyber attacks. This collaboration, which involves a significant financial transaction and training exchange, has raised alarms among cybersecurity experts and organizations worldwide. Financial Transaction and Training…

Read more →

A hacktivist entity known as USDoD has asserted that it has leaked CrowdStrike’s “entire threat actor list” and claims to possess the company’s “entire IOC [indicators of compromise] list,” which purportedly contains over 250 million data points. Details of the…

Read more →

Google Chrome has introduced a revamped download experience with comprehensive warnings about potentially malicious files. This update is part of Chrome’s ongoing effort to keep users secure while interacting with downloaded content. Last year, Google Chrome unveiled a redesigned downloads…

Read more →

Researchers have uncovered a vulnerability in Microsoft’s Windows Hello for Business (WHfB) that allows attackers to bypass its robust authentication mechanism. This flaw, which downgrades the authentication process to a less secure method, has raised concerns about the security of…

Read more →

Cybersecurity experts have uncovered a sophisticated variant of the LummaC2 malware that leverages the popular Steam gaming platform as a Command-and-Control (C2) server. This new tactic marks a significant evolution in the malware’s distribution and operational mechanisms, posing a heightened…

Read more →

Several prominent Russian bank clients experienced issues with their mobile apps and websites. According to Downdetector, complaints began to surge around 09:30 Moscow time. The affected banks included Gazprombank, Alfa-Bank, VTB, and Rosbank. By midday, Post Bank clients also reported…

Read more →

A rudimentary ransomware targets Turkish businesses through phishing emails with “.ru” domain sender addresses. Clicking a PDF attachment’s link triggers downloading a malicious executable from a compromised GitHub account.  The executable encrypts crucial files with the “.shadowroot” extension, highlighting a…

Read more →

A significant vulnerability was discovered in BlueStacks, the world’s fastest Android emulator and cloud gaming platform. When used against a victim, this gives attackers complete access to the machine. The American technology business BlueStacks, also known as BlueStacks by now.gg,…

Read more →

Shared frameworks are often prone to hackers’ abuses as they have been built into various applications, which offer a range of systems that can be exploited at the same time. By attacking shared framework vulnerabilities, hackers can get into many…

Read more →

Malicious Python packages uploaded by “dsfsdfds” to PyPI infiltrated user systems by exfiltrating sensitive data to a Telegram bot likely linked to Iraqi cybercriminals.  Active since 2022 and containing more than 90,000 Arabic messages, it has functioned as both a…

Read more →

Despite having simple gameplay, the new Telegram clicker game Hamster Kombat has become very well-liked among gamers who use cryptocurrencies because of the potential rewards of a brand-new cryptocoin that the developers intend to launch.  The game’s success has spawned…

Read more →

BreachForumsV1, a notorious online platform for facilitating illegal activities, has reportedly suffered a massive data breach. According to a recent post on X by DailyDarkWeb, the database of BreachForumsV1 has been leaked, exposing a treasure trove of sensitive information. The…

Read more →

Google has unveiled the latest version of its Chrome browser, Chrome 127, which is now available on the Stable channel. The update, identified as version 127.0.6533.72/73 for Windows and Mac, and 127.0.6533.72 for Linux, will be rolled out over the…

Read more →

As enterprises increasingly migrate their workloads to cloud infrastructure, the need for robust security measures becomes more pressing. Unlike traditional data centers, cloud environments offer business agility at a reduced cost, making them attractive targets for cybercriminals. Defending cloud infrastructure,…

Read more →

A massive breach in cybersecurity has occurred at Leidos Holdings Inc., which is a key provider of information technology services to the United States government. Hackers have released internal information, which has raised significant worries regarding the safety of sensitive…

Read more →

Threat actors often attack cloud services for several illicit purposes. Google Cloud is targeted due to its extensive and powerful resources, which could be abused for a multitude of malicious activities. The vast amounts of data and computing power that…

Read more →

Threat actors often attack dating apps to steal personal data, including sensitive data and location details, which can be used in identity theft, blackmailing people, or other malicious activities. Since these applications are a goldmine of personal experiences and chats,…

Read more →

The United States has designated Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR), for their roles in cyber operations targeting U.S. critical infrastructure. Pankratova, the group’s leader, and…

Read more →

Threat actors have been found exploiting a recently discovered bug in CrowdStrike’s software that causes a Blue Screen of Death (BSOD) on affected systems. This vulnerability has given cybercriminals a unique opportunity to spread malware, posing significant risks to users…

Read more →

The National Crime Agency (NCA) has successfully infiltrated and dismantled one of the most notorious Distributed Denial of Service (DDoS) for hire services, digitalstress.su. This criminal marketplace, responsible for tens of thousands of attacks weekly worldwide, was taken down through…

Read more →

A new Linux variant of Play ransomware targets VMware ESXi environments, which encrypts virtual machine files and appends the “.PLAY” extension by leveraging obfuscation techniques to bypass detection and is compressed with a Windows variant in a RAR archive.  It…

Read more →

SonicWall has disclosed a critical heap-based buffer overflow vulnerability in its SonicOS IPSec VPN. This flaw, identified as CVE-2024-40764, can potentially allow unauthenticated, remote attackers to cause a Denial of Service (DoS) condition. The vulnerability has been rated with a…

Read more →

Hackers often register new domains for phishing attacks, spreading malware, and other deceitful activities.  Such domains are capable of pretending to be trusted entities, which helps to make individuals disclose their sensitive details or download harmful content. Cybersecurity researchers at…

Read more →

Daikin, the world’s largest air conditioner manufacturer, has become the latest target of the notorious Meow hacking group. The USA branch of Daikin has been listed as a victim, with hackers demanding a ransom of $40,000. The incident has raised…

Read more →

There are 3,664 emojis that can be used to express emotions, ideas, or objects in digital communication. While seemingly harmless, criminals are increasingly exploiting emojis for covert communication in illegal activities. This allows them to conduct transactions and target victims…

Read more →

SocGholish malware, also known as FakeUpdates, has exhibited new behavior since July 4th, 2024, as the infection chain still begins with a compromised website prompting a fake browser update.  Downloading the update triggers malicious code that fetches additional malware. Unlike…

Read more →

The Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support identity crime victims, released its U.S. data breach findings for the second quarter (Q2) and the first half (H1) of 2024. The results are staggering, revealing…

Read more →

UK police have arrested a 17-year-old boy from Walsall in connection with a notorious cyber hacking group. This group has targeted significant organizations worldwide, including MGM Resorts in the United States, with sophisticated ransomware attacks. Arrest Made in Coordinated Effort…

Read more →

A significant data breach has been reported by a threat actor known as ‘Hana,’ who claims to have compromised the personal information of 453,646 users of Dettol India. The breach was announced via a post on the social media platform…

Read more →

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users, leading to widespread reports of Blue Screen of Death (BSOD) errors. The issue, affecting multiple versions of the company’s sensor software, has prompted urgent investigations and…

Read more →

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users, leading to widespread reports of Blue Screen of Death (BSOD) errors. The issue, affecting multiple versions of the company’s sensor software, has prompted urgent investigations and…

Read more →

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have drained billions from victims’ wallets. This operation, which brings together public and private sectors, has yielded promising results and offers a blueprint for future anti-fraud efforts.…

Read more →

Meeting apps are often targeted and turned into weapons by hackers as they are largely employed for communication and collaboration, frequently carrying sensitive data and user groups that are wide.  Such platforms gain trust among their users as of their…

Read more →

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and often have extensive community support, making them easy to modify and deploy.  Besides this, open-source tools can be customized to evade detection, automate tasks, and leverage…

Read more →

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which link to a variety of systems via one breach.  Compromising an ESXi server can bring the targeted services down. Additionally, valuable resources and data are stored…

Read more →

Meeting apps are often targeted and turned into weapons by hackers as they are largely employed for communication and collaboration, frequently carrying sensitive data and user groups that are wide.  Such platforms gain trust among their users as of their…

Read more →

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has escalated its phishing campaigns in Middle East countries, specifically Israel. In their approach, they use already compromised email accounts to spread malicious content across various sectors.…

Read more →

HTTP Request Smuggling is a flaw in web security that is derived from variations in the way different web servers or intermediaries, such as load balancers and proxies handle HTTP request sequences. By creating malicious HTTP requests that exploit these…

Read more →

Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet perils that threaten their security and finances. The latest discovery involves cybercriminals exploiting an alleged assassination attempt on former US President Donald Trump to conduct extensive…

Read more →

The Volcano Demon group has been discovered spreading a new ransomware called LukaLocker, which targets Idealease Inc., a truck leasing company. The malware targets several security, monitoring, and backup services, including antivirus software like Trend Micro, Malware Bytes, Sophos, and…

Read more →

Quick take: Resonance, a full-spectrum cybersecurity firm building security solutions for Web2 and Web3 apps has launched Harmony. The asset monitoring tool allows IT teams, organisations, startups and entrepreneurs to make strong detective and preventive measures accessible at any technical…

Read more →

Phishing attacks are becoming increasingly sophisticated, and the latest strategy targeting employees highlights this evolution. This new phishing attempt impersonates a company’s Human Resources (HR) department, presenting a significant threat to corporate security. In this article, we’ll dissect the recent…

Read more →

MirrorFace threat actors have been targeting media, political organizations, and academic institutions since 2022, shifting focus to manufacturers and research institutions in 2023.  The attack method evolved from spear phishing to exploiting vulnerabilities in external assets, specifically in Array AG…

Read more →

In 2022, HardBit Ransomware emerged as version 4.0. Unlike typical ransomware groups, this ransomware doesn’t use leak sites or double extortion. Their tactics include data theft, encryption, and ransom requests with threats of other attacks. Cybersecurity researchers at Cybereason identified…

Read more →

X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails from the internet[.]ru domain.  PDF links trigger exe payload downloads, which encrypt files with the “.shadowroot” extension, which is actively compromising various global organizations, including healthcare…

Read more →

The hackers weaponize 7zip files to pass through security measures and deliver malware effectively. These archived files can hide malicious content, which makes it more difficult for antivirus programs to identify threats. In early 2024, Cofense researchers discovered a new…

Read more →

Cyble Research & Intelligence Labs (CRIL) researchers have identified a cyber threat targeting the upcoming Paris Olympics. On June 23, 2024, a Russian hacktivist group known as the “People’s Cyber Army” (Народная Cyber Армия) and their allies, HackNeT, announced their…

Read more →

A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as CVE-2024-6744. This flaw assigned a CVSS score of 9.8, poses a severe risk to organizations using this email security solution. CVE-2024-6744: A Critical Vulnerability According to…

Read more →

A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to target military personnel in the Middle East by leveraging social engineering tactics and using military-themed lures to trick victims into downloading the malware.  Based on a…

Read more →

The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) announced today that major retail banks will phase out the use of One-Time Passwords (OTPs) for bank account logins within the next three months. This change…

Read more →

Hackers often target NuGet as it’s a popular package manager for .NET, which developers widely use to share and consume reusable code.  Threat actors can distribute malicious code to many projects by compromising the NuGet packages. In August 2023, ReversingLabs…

Read more →

ViperSoftX is an advanced malware that has become more complicated since its recognition in 2020, to the extent that eBooks are used on Torrent sites to spread across systems.  Unlike other kinds of malware developers who mainly focus on developing…

Read more →

Airlines often become the target of hackers as they contain sensitive personal and financial details of passengers as well as travel schedules and loyalty programs. Since airlines are attractive to threat actors, disrupting their operations can be quite damaging to…

Read more →

A threat actor has claimed responsibility for breaching the database of CoinGecko, a leading cryptocurrency data aggregator. The alleged breach has reportedly compromised 1.9 million email addresses, raising significant concerns about data security in the cryptocurrency industry. The Alleged Breach…

Read more →

EBooks are popular, and their popularity lucrative threat actors the most, as they are widely shared digital assets that can easily circumvent security measures.  Threat actors exploit users’ trust in seemingly harmless documents by embedding malware in eBook files or…

Read more →

DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing various distribution methods, including email attachments, malicious ads, and compromised Samba shares.  Initially a human-operated command-and-control infrastructure, DarkGate has evolved into a versatile tool offering remote…

Read more →

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing the sensitive information of millions of its customers. The breach, which Brainstack, mSpy’s parent company, has not publicly acknowledged, has raised serious concerns about spyware applications’…

Read more →

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has recently been the victim of a cyber attack. The breach, which occurred on April 14, 2024, was discovered on June 10, 2024, and has compromised the…

Read more →

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery, dubbed the “ClickFix” infection chain. This novel attack strategy leverages advanced social engineering techniques to manipulate unsuspecting users into executing malicious scripts, leading to severe security…

Read more →

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept and modify transactions, allowing hackers to drain bank accounts or make unauthorized purchases. BlackBerry cybersecurity researchers recently detected that the Coyote banking trojan has been actively…

Read more →

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has emerged, targeting fans and attendees. Cybersecurity firm QuoIntelligence has uncovered a sophisticated fraudulent campaign involving over 700 fake domains designed to sell counterfeit tickets for the…

Read more →

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that occurred last year, involving unauthorized access to its internal servers. The breach, detected in October 2023, has prompted JAXA to implement robust countermeasures to prevent future…

Read more →

Active Directory Management Tools are essential for IT administrators to manage and secure Active Directory (AD) environments efficiently. These tools streamline tasks such as user and group management, permissions assignment, and policy enforcement, ensuring the AD infrastructure remains organized and…

Read more →

Ransomware-as-a-service (RaaS) has evolved into sophisticated enterprise-like model. From 2022 to 2023, ransomware programs advertised on the dark web increased by half, with 27 ads identified. The RAMP forum was made the main hub of hiring for ransomware. Attacks published…

Read more →

Google has announced the integration of passkeys into its Advanced Protection Program (APP). This development aims to provide an easier and more secure alternative to traditional passwords, enhancing protection against common cyber threats such as phishing, malware, and unauthorized data…

Read more →

Multiple international cybersecurity agencies jointly warn of a PRC state-sponsored cyber group, linked to the Ministry of State Security and known by various names like  APT40, Leviathan.  The group, based in Hainan Province, has targeted organizations globally, including in Australia…

Read more →

Scammers no longer need to possess technical expertise or devise intricate fraud schemes. The rise of Fraud-as-a-Service (FaaS) has revolutionized scam execution, making it easier for even the most inexperienced fraudsters to prey on unsuspecting victims. This article delves into…

Read more →

A group of threat actors has claimed responsibility for breaching the database of fast-food giant KFC. The announcement was made via a post on the social media platform X by the user @MonThreat, who is known for disseminating information about…

Read more →

In collaboration with international partners, the U.S. Federal Bureau of Investigation (FBI) and the Cyber National Mission Force (CNMF) have successfully disrupted a sophisticated AI-powered bot farm operated by Russian state-sponsored hackers. The bot farm, known as Meliorator, was used…

Read more →

Cybersecurity experts have identified a new malware strain, dubbed “XFiles Stealer,” which is actively targeting Windows users to steal passwords and other sensitive information. The discovery was made public by MonThreat, a prominent cybersecurity research group, via their official social…

Read more →

Hackers remotely execute malicious code on a compromised device or server by exploiting the Universal Code Execution vulnerability. Through this vulnerability, threat actors can inject codes into server-side interpreter languages such as Java, Python, and PHP. Hacking into this security…

Read more →

A critical vulnerability has been discovered in the Ghostscript rendering platform, identified as CVE-2024-29510. This flaw, a format string vulnerability, affects versions up to 10.03.0 and allows attackers to bypass the -dSAFER sandbox, leading to remote code execution (RCE). This…

Read more →

Hackers often weaponize LNK files because they can carry malware into systems undetected by anyone. LNK files are shortcuts that, when opened, launch a malicious payload (like scripts or executables). LNK files are widely used in Windows environments and can…

Read more →

A critical security vulnerability has been discovered in HCL Domino, a popular enterprise server software, that could potentially expose sensitive configuration information to remote unauthenticated attackers. This vulnerability, CVE-2024-23562, has raised concerns among cybersecurity experts and enterprises relying on HCL…

Read more →

Apple has removed several prominent VPN service apps from the Russian division of the App Store. The affected apps include Proton VPN, Red Shield VPN, NordVPN, and Le VPN. This action comes in response to complaints from Roskomnadzor, Russia’s federal…

Read more →

The Egyptian Health Department (EHD) has reported a data breach affecting 121,995 individuals, including one resident of Maine. The breach, which occurred on December 21, 2023, was discovered on the same day and has since raised serious concerns about data…

Read more →

A new position paper argues that Privacy Enhancing Technologies (PET) used in Home Routing are making it difficult for law enforcement to intercept information during investigations lawfully.  Home Routing allows a user’s communication to be routed through their home network…

Read more →

 A newly identified multi-stage trojan, dubbed “Orcinius,” has been reported to exploit popular cloud services Dropbox and Google Docs as part of its attack strategy. The sophisticated malware begins its assault with an innocuous-looking Excel spreadsheet, which contains a VBA…

Read more →

Roblox, the globally renowned online gaming platform, has suffered a data breach. According to a tweet from cybersecurity expert H4ckManac, the breach has exposed sensitive information, including email addresses and IP addresses of millions of users. This alarming incident has…

Read more →

A Technically Skilled individual who finds a bug faces an ethical decision: report the bug or profit from it. This is nowhere more relevant than in crypto. In this article, with the help of Ilan Abitbol from Resonance Security, I look at the…

Read more →

On June 27, 2024, Cloudflare experienced a disruption of its 1.1.1.1 DNS resolver service. This several-hour incident was caused by a combination of BGP (Border Gateway Protocol) hijacking and a route leak. The event led to a noticeable impact on…

Read more →

On June 27, 2024, Cloudflare experienced a disruption of its 1.1.1.1 DNS resolver service. This several-hour incident was caused by a combination of BGP (Border Gateway Protocol) hijacking and a route leak. The event led to a noticeable impact on…

Read more →

Active since 2015, Mekotio is a Latin American banking trojan specifically designed to target financial data in regions like Brazil, Chile, Mexico, Spain, and Peru. It exhibits links to the recently disrupted Grandoreiro malware, both likely originating from the same…

Read more →

Kimsuky, also known as the Velvet Chollima, Black Banshee, THALLIUM, or Emerald Sleet, is a North Korean state-sponsored advanced cyber espionage group that uses sophisticated methods to target political, economic, and national security interests for various countries. They are very…

Read more →

In a recent cyberattack, hackers successfully compromised Ethereum’s mailing list, attempting to drain users’ crypto funds through a sophisticated phishing campaign. The breach has raised significant concerns within the cryptocurrency community, prompting immediate action from Ethereum’s internal security team. The…

Read more →

A threat actor has claimed to have discovered a vulnerability that bypasses the two-factor authentication (2FA) on the HackerOne bug bounty platform. The claim was made public via a tweet from the account MonThreat, which is known for sharing cybersecurity-related…

Read more →

An unauthenticated endpoint vulnerability allowed threat actors to identify phone numbers associated with Authy accounts, which was identified, and the endpoint has been secured to prevent unauthorized access.  No evidence suggests the attackers gained access to internal systems or other…

Read more →

Over 380,000 web hosts have been found embedding a compromised Polyfill.io JavaScript script, linking to a malicious domain. This supply chain attack has sent shockwaves through the web development community, highlighting the vulnerabilities inherent in widely used open-source libraries. Polyfill.js,…

Read more →

Hackers target and weaponize AnyDesk, Zoom, Teams, and Chrome as these applications are widely used in a multitude of sectors. Not only that, but even these widely used applications also provide access to many users and sensitive information. Cybersecurity researchers…

Read more →

A new player has emerged on the cybercrime landscape the ransomware group “Pryx.” Pryx has claimed its first attack, announcing that it has compromised the systems of Rowan College at Burlington County (RCBC.edu) and stolen 30,000 university applications. This announcement…

Read more →

Threat actors have been found selling sensitive data from the Shopify commerce platform on the dark web. This alarming news was first reported by DarkWebInformer on their social media Twitter account, raising significant concerns about the security of e-commerce platforms…

Read more →

TotalEnergies Clientes SAU has reported a significant cyberattack that has compromised the personal data of 210,715 customers. The incident has raised serious concerns about data security and the integrity of digital infrastructures in the energy sector. Unauthorized Access Detected TotalEnergies…

Read more →

Hiap Seng Industries, a prominent engineering and construction company, has fallen victim to a ransomware attack that compromised its servers. The company has swiftly taken measures to contain the breach and ensure the continuity of its business operations. Immediate Containment…

Read more →

Gogs is a standard open-source code hosting system used by many developers. Several Gogs vulnerabilities have been discovered recently by the cybersecurity researchers at SonarSource.  Gogs can be hacked through these flaws, which put its instances at risk of source…

Read more →

A vulnerability in Junos OS on SRX Series devices allows attackers to trigger a DoS attack by sending crafted valid traffic, which is caused by improper handling of exceptional conditions within the Packet Forwarding Engine (PFE) and leads to PFE…

Read more →

A critical vulnerability has been discovered in the popular WordPress plugin “Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce.” The flaw, identified as CVE-2024-6172, has been assigned a CVSS score of 9.8, indicating its…

Read more →

A group of hackers has claimed to have discovered a critical zero-day vulnerability in Google Chrome. This exploit, which reportedly enables a sandbox escape and remote code execution (RCE), could potentially compromise millions of users worldwide. The announcement was made…

Read more →

The Rafel RAT is an advanced Android-targeting Remote Access Trojan which poses a great cybersecurity danger. This malicious program has become popular due to its prominence for breaking into device security and taking away confidential details. Knowing the origin of…

Read more →

Polyglot files have to fit in several file format specifications and respond differently depending on the calling program. This poses a significant risk to endpoint detection and response (EDR) systems and file uploaders, which mainly rely on format identification for…

Read more →