The Sidewinder APT group is a skilled and persistent threat targeting Nepalese Government entities. Their focus extends to South Asian governments, with researchers also identifying a recent complex attack on Bhutan. Cybersecurity researchers at Cyfirma recently identified…
Category: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Tech Device Manufacturers Urged by CISA to Remove Default Passwords
Recently, the Cybersecurity and Infrastructure Security Agency (CISA) asked technology device manufacturers to take measures to eliminate default passwords due to the threats posed by IRGC actors. This step has been taken to ensure the security of tech devices…
New SMTP Smuggling Attack Lets Hackers Send Spoofed Emails
SMTP (Simple Mail Transfer Protocol) smuggling is a technique where attackers exploit inconsistencies in how proxy servers or firewalls analyze and handle SMTP traffic. Threat actors can smuggle malicious payloads or evade detection by exploiting these inconsistencies. This…
Hackers Actively Exploiting ActiveMQ Vulnerability to Install Malware
Attackers have been constantly exploiting the Apache ActiveMQ vulnerability (CVE-2023-46604) to steal data and install malware. Using the Apache ActiveMQ remote code execution vulnerability, the Andariel threat group was found to be installing malware last month. Their primary targets are national…
QakBot Malware Emerges with New Tactics, Attacking Hospitality Industry
QakBot (aka Qbot) primarily targets financial institutions since it is a sophisticated banking trojan and malware. This malware can facilitate more malicious acts, such as the following, by infecting Windows systems and stealing confidential data, such as banking credentials:- Besides…
3CX Asks Customers to Disable SQL Database Integrations to Stop Hack Attacks
3CX, a VoIP communications firm, has advised customers to disable SQL Database integrations due to the risks posed by a potential vulnerability. A SQL Injection vulnerability in 3CX CRM Integration has been identified as CVE-2023-49954. An attacker can manipulate an application’s database…
8220 Hacker Group Attacking Windows & Linux Web Servers
The 8220 hacker group, which was first identified in 2017 by Cisco Talos, is exploiting both Windows and Linux web servers with crypto-jacking malware. One of their recent activities involved the exploitation of an Oracle WebLogic vulnerability (CVE-2017-3506) and Log4Shell (CVE-2021-44228).…
Google Chrome’s New Tracking Protection Limits Website Tracking
Goodbye, third-party cookies. Hello, Tracking Protection! Chrome, the world’s most popular browser, is taking a major step toward a privacy-first web with the launch of its Tracking Protection feature. Starting January 4th, this limited rollout marks a turning point in Google’s…
NKAbuse Malware Attacking Linux Desktops & Uses Cron Job for Persistence
Threat actors target Linux systems due to their prevalence in server environments, and cron jobs offer a discreet means of maintaining unauthorized access over an extended period. Kaspersky experts discovered “NKAbuse,” a versatile malware using NKN tech for peer data…
Hackers are Increasingly Using Remote Admin Tools to Control Infected Systems
Recently, there has been a rise in incidents of hackers using “Remote Administration Tools” to control infected systems and bypass protection technologies. Remote administration tools are software that allows managing and controlling terminals from a remote location. The tools can…