Researchers have discovered a new phishing campaign that targets Middle Eastern and North African government entities to deliver a new initial access downloader dubbed "IronWind." The downloader is followed by additional payload stages that download shellcode. Most campaigns were…
Category: GBHackers on Security
Hackers Abuse Google Forms to Bypass Anti-spam Filters
Cybersecurity researchers at Talos have discovered that spammers are abusing Google Forms quizzes to distribute various online scams to unsuspecting victims. Because the emails originate from Google's own servers, it could be simpler for…
Ddostf DDoS Malware Attacking MySQL Servers in Windows Environments
Researchers found that the Ddostf DDoS bot, which is capable of launching Distributed Denial of Service (DDoS) attacks, is being deployed on vulnerable MySQL servers. Ddostf, first identified around 2016, is well known for supporting both Windows and Linux platforms…
SystemBC, a Swiss Army Knife Proxy Malware, Used by Numerous Ransomware Groups
SystemBC (aka Coroxy or DroxiDat) is multifunctional malware that operates as a proxy, bot, backdoor, and RAT, adapting to attackers' needs. It has been active since 2018 and remains popular in underground markets, with incidents reported every year. Cybersecurity…
LogShield: A New Framework that Detects the APT Attack Patterns
GPT-based models have been applied to detecting various attacks from system logs, but there has been no dedicated framework for detecting APTs, which use a low-and-slow approach to compromising systems. Security researchers have…
What Does PCI DSS 4.0 Mean for API?
The Payment Card Industry Data Security Standard (PCI DSS) version 4.0 was released in March 2022 by the PCI Security Standards Council (PCI SSC). After PCI DSS 3.2.1 had been in use for several years, PCI DSS 4.0 is the latest version of the standard…
Hackers Exploiting Create2 to Bypass Wallet Security Alerts
Recently, hackers have used the Ethereum network's CREATE2 opcode to bypass security alerts in certain wallets. Because CREATE2 makes a contract's address computable before the contract exists, drainers can generate a fresh, never-seen address for every malicious signature request. Only after the victim signs is the contract actually deployed to that address.…
Hackers Selling Exploits for Critical Vulnerabilities on the Dark Web
Dark web forums and Telegram channels have become popular marketplaces for threat actors selling exploits for critical vulnerabilities. The vulnerabilities and exploits on offer covered Elevation of Privilege, Authentication Bypass, SQL Injection, and Remote Code Execution flaws in products like…
Intel is Being Sued Over the ‘Downfall’ CPU Vulnerability for $10K per Plaintiff
A class-action lawsuit has been filed against Intel over the critical "Downfall" vulnerability in Intel CPUs, a defect that, according to the suit, Intel had been aware of since 2018 but failed to disclose. According to Intel, the only way to "fix" it is to apply…
Authorities Took Down Massive Phishing-as-a-service Provider
A notorious phishing service that supplied cybercriminals with phishing kits, scam pages, and stolen credentials has been disrupted by a joint operation involving Malaysian, Australian, and U.S. authorities. BulletProftLink, a phishing-as-a-service (PhaaS) platform, had been operating for…