A recent investigation by cybersecurity firm Nisos has uncovered a coordinated effort by North Korean IT workers to exploit GitHub for creating fake personas, enabling them to secure remote jobs in Japan and the United States. These individuals, posing as…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Dragon RaaS Leading “Five Families” Crimeware with New Initial Access & Exploitation Tactics
Dragon RaaS, a ransomware group known for its blend of hacktivism and cybercrime, has emerged as a significant player in the “Five Families” crimeware syndicate. This group, which includes ThreatSec, GhostSec, Blackforums, and SiegedSec, has been making waves since its…
Zero-Hour Phishing Attacks Exploiting Browser Vulnerabilities Surge by 130%
Menlo Security, a leader in Secure Enterprise Browsers, has released its annual State of Browser Security Report, revealing a sharp rise in browser-based cyberattacks. The report highlights a 130% surge in zero-hour phishing attacks and a significant increase in the…
Cisco Smart Licensing Utility Vulnerabilities Under Hacker Exploitation
Recent reports indicate that hackers are actively trying to exploit two critical vulnerabilities in the Cisco Smart Licensing Utility. These vulnerabilities, identified as CVE-2024-20439 and CVE-2024-20440, were disclosed by Cisco in September. The first vulnerability involves a static credential issue,…
Massive “DollyWay” Malware Attack Compromises 20,000+ WordPress Sites Worldwide
A significant malware operation, dubbed “DollyWay,” has been uncovered by GoDaddy Security researchers, revealing a sophisticated campaign that has compromised over 20,000 WordPress sites globally. This operation, which began in 2016, leverages a distributed network of compromised WordPress sites as…
Babuk2 Ransomware Issues Fake Extortion Demands Using Data from Old Breaches
Recent investigations by the Halcyon RISE Team have uncovered a concerning trend in the ransomware landscape: the Babuk2 group is issuing extortion demands based on false claims. Despite announcing numerous attacks, there is no third-party confirmation or evidence from victims…
IBM Warns of AIX Vulnerabilities Allowing Arbitrary Command Execution
IBM has recently issued a critical security warning regarding vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands. The vulnerabilities, identified as CVE-2024-56346 and CVE-2024-56347, were discovered in the IBM AIX nimesis NIM master…
Dell Alerts on Critical Secure Connect Gateway Vulnerabilities
Dell has issued several critical security alerts regarding vulnerabilities in its Secure Connect Gateway (SCG) products. These vulnerabilities pose significant risks to users, including potential data breaches and unauthorized access to sensitive information. This article will delve into the details…
Signal Messenger Exploited in Targeted Attacks on Defense Industry Employees
The Computer Emergency Response Team of Ukraine (CERT-UA) has reported a series of targeted cyberattacks against employees of the defense-industrial complex and members of the Defense Forces of Ukraine. These attacks have been ongoing since at least the summer of…
Chinese “Salt Typhoon” Hackers Exploit Exchange Vulnerabilities to Target Organizations
The Chinese Advanced Persistent Threat (APT) group known as Salt Typhoon, also referred to as FamousSparrow, GhostEmperor, Earth Estries, and UNC2286, has been actively targeting critical sectors worldwide. This group has been particularly focused on telecommunications and government entities across…