The emergence of the Lynx Ransomware-as-a-Service (RaaS) platform has drawn significant attention in cybersecurity circles, owing to its advanced technical capabilities, structured affiliate workflow, and expansive ransomware arsenal. Lynx has proven to be a highly organized and efficient cybercriminal operation,…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Russian APT28 Hackers Exploit Zero-Day Vulnerabilities to Target Government and Security Sectors
A detailed analysis from Maverits, a leading cybersecurity firm, reveals a significant evolution in the strategies and objectives of APT28, a cyber-espionage group linked to Russia’s GRU military intelligence unit. Covering activities from 2022 to 2024, the report highlights APT28’s…
Hackers Exploit OAuth 2.0 Code Flow Using AiTM Attack on Microsoft Azure AD
Security enthusiasts and professionals are turning their focus towards a new angle on phishing attacks in the identity and access management space. During the “Offensive Entra ID (Azure AD) and Hybrid AD Security” training, a clever demonstration showcased how a…
New Apple SLAP & FLOP Side-Channel Attacks Let Attackers Steal Login Details From Browser
Researchers from the Georgia Institute of Technology and Ruhr University Bochum have uncovered two novel speculative execution attacks, named SLAP (Speculative Data Attacks via Load Address Prediction) and FLOP (Breaking the Apple M3 CPU via False Load Output Predictions). These…
WhatsApp’s “View Once” Feature Flaw Let Anyone View the Image Unlimitedly
Privacy is the cornerstone of digital communication in today’s world, and platforms like WhatsApp consistently introduce features to enhance user security. One such feature is WhatsApp’s “View Once” option, which ensures that sensitive photos and videos disappear after being viewed…
A Security Loophole in WhatsApp’s “View Once” Mode
Privacy is the cornerstone of digital communication in today’s world, and platforms like WhatsApp consistently introduce features to enhance user security. One such feature is WhatsApp’s “View Once” option, which ensures that sensitive photos and videos disappear after being viewed…
Windows CLFS Buffer Overflow Vulnerability CVE-2024-49138 – PoC Released
A recently disclosed Windows kernel-level vulnerability, identified as CVE-2024-49138, has raised significant security concerns in the cybersecurity community. Leveraging a buffer overflow vulnerability within the Windows Common Log File System (CLFS), researchers have released a proof-of-concept (PoC) exploit, showcasing the critical risks…
Hackers Attacking Windows, macOS, and Linux systems With SparkRAT
Researchers have uncovered new developments in SparkRAT operations, shedding light on its persistent use in malicious campaigns targeting macOS users and government organizations. The findings, detailed in a recent report, underscore the evolving tactics of threat actors leveraging SparkRAT’s modular…
New Aquabot Malware Actively Exploiting Mitel SIP phones injection vulnerability
Akamai’s Security Intelligence and Response Team (SIRT) has uncovered a novel variant of the Mirai-based botnet malware, dubbed Aquabotv3, actively targeting Mitel SIP phones via a critical vulnerability. This marks the third observed iteration of Aquabot, which now showcases unique…
Hellcat Ransomware Attacking Government Organizations & Educational Institutions
A new ransomware gang, Hellcat, emerged on dark web forums in 2024, targeting critical infrastructure, government organizations, educational institutions, and the energy sector. Operating on a ransomware-as-a-service (RaaS) model, Hellcat offers ransomware tools and infrastructure to affiliates in exchange for…