EvilBamboo, formerly known as “Evil Eye,” has been found to target Tibetan, Uyghur, and Taiwanese organizations and individuals. This threat actor was mentioned as conducting custom Android malware campaigns in September 2019. In April 2020, EvilBamboo was discovered to be…
Category: GBHackers – Latest Cyber Security News | Hacker News
Threat Actors Actively Using Remote Management Tools to Deploy Ransomware
The threat actors have been spotted increasingly depending on Remote Management and Monitoring (RMM) tools, which resulted in a relatively botched Hive ransomware distribution. The original payload consisted of an executable file disguised as a legitimate document. According to Huntress, this campaign…
Millions Of Newborn Registry Records Were Compromised In A MOVEit Data Breach
The Progress MOVEit software’s vulnerability resulted in a cybersecurity breach that affected BORN (the Better Outcomes Registry & Network), which gathers data on pregnancies, births, the postpartum period, and childhood. Unauthorized copies of files containing sensitive personal health data were obtained…
Google Chrome use-after-free Vulnerability Leads to Remote Attack
Google Chrome has been recently discovered to be a Use-after-free vulnerability that threat actors can exploit to attack users. This vulnerability exists in the Google Chrome VideoEncoder, which can be triggered using a malicious web page. However, Google Chrome version…
BIND DNS System Flaws Let Attackers Launch DoS Attacks
In a recent disclosure, BIND 9, a widely-used DNS (Domain Name System) server software, has been found vulnerable to two critical security flaws, labeled CVE-2023-4236 and CVE-2023-3341. These vulnerabilities, if exploited, could have serious consequences, making it imperative for users…
OilRig: Never-seen C#/.NET Backdoor to Attack Wide Range of Industries
OilRig (APT34) is an Iranian cyberespionage group active since 2014, targeting Middle Eastern governments and various industries like:- OilRig launched DNSpionage in 2018-2019 against Lebanon and the UAE, followed by the 2019-2020 HardPass campaign using LinkedIn for energy and government…
Most Important Network Penetration Testing Checklist
Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering Open ports, troubleshooting live systems, and services, and grabbing system banners. The pen-testing helps the administrator to close unused ports, additional services, Hide or customize banners, troubleshoot services, and…
Cryptojacking Campaign Infected Online Thesaurus With Over 5 Million Visitors
Students, authors, and anybody else wishing to improve their vocabulary and language abilities frequently utilize Thesaurus, one of the well-known platforms with 5 million monthly visitors. Cybersecurity analysts at Group-IB recently found a cryptojacking scheme on a popular Thesaurus site,…
Gold Melody Attacking Organizations With Burp Extension, Mimikatz, and Other Tools
The financially motivated GOLD MELODY threat group has been active at least since 2017, attacking organizations by taking advantage of flaws in unpatched internet-facing servers. A threat group serves as an initial access broker (IAB) by selling access to organizations…
MOVEit Transfer SQL Injection Let the Attacker Gain Unauthorized Access to the Database
MOVEit transfer service pack has been discovered with three vulnerabilities associated with SQL injections (2) and a Reflected Cross-Site Scripted (XSS). The severity for these vulnerabilities ranges between 6.1 (Medium) and 8.8 (High). Progress-owned MOVEit transfer was popularly exploited by…