The HookBot malware family employs overlay attacks to trick users into revealing sensitive information by impersonating various brands and apps to gain trust. It also utilizes C2 servers to receive updates and evolve continuously. A builder tool empowers threat actors…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
CRON#TRAP Campaign Attacks Windows Machine With Weaponized Linux Virtual Machine
Weaponized Linux virtual machines are used for offensive cybersecurity purposes, such as “penetration testing” or “exploiting vulnerabilities.” These setups often use the tools and frameworks that are designed for ethical hacking. Securonix researchers recently detected CRON#TRAP campaign that has been…
North Korean Hackers Employing New Tactic To Acruire Remote Jobs
North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics, enhancing the obfuscation of their scripts to evade detection. InvisibleFerret now boasts a dynamic RMM configuration and OS-specific persistence mechanisms, while Contagious Interview has expanded…
Rise Of Ransomware-As-A-Service Leads To Decline Of Custom Tools
Ransomware-as-a-Service (RaaS) platforms have revolutionized the ransomware market. Unlike traditional standalone ransomware sales, RaaS offers a subscription-based model where attackers can access pre-built ransomware tools and infrastructure without significant upfront costs. These platforms provide user-friendly dashboards, customization options, and ongoing…
Researchers Detailed Credential Abuse Cycle
The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a hacking group responsible for distributed denial-of-service attacks. LameDuck, a new threat actor, has carried out several massive distributed denial of service (DDoS) attacks to affect critical…
Azure API Management Vulnerabilities Let Attackers Escalate Privileges
Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and take full control over the APIM service. These vulnerabilities were reported to Microsoft, leading to some…
Google Patches High-Severity Vulnerabilities in Chrome
Google has released a new update for its Chrome browser, addressing two high-severity vulnerabilities. The Stable channel has now been updated to version 130.0.6723.116/.117 for Windows and Mac and version 130.0.6723.116 for Linux. The update will be rolled out to users over the next…
ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware
A new tactic, “ClickFix,” has emerged. It exploits fake Google Meet and Zoom pages to deliver sophisticated malware. The Sekoia Threat Detection & Research (TDR) team monitors this social engineering strategy closely. It represents a significant evolution in how threat…
APT36 Hackers Attacking Windows Deevices With ElizaRAT
APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware like ElizaRAT, which is designed for espionage. It leverages cloud-based services for covert communication and data exfiltration. Recent campaigns have seen significant enhancements in ElizaRAT’s evasion…
Hackers Created 100+ Fake Web Stores To Steal Millions Of Dollars From Customers
The Phish, ‘n’ Ships fraud operation leverages, compromised websites to redirect users to fake online stores, which, optimized for search engine visibility, trick victims into providing credit card details to third-party payment processors, resulting in financial loss without receiving any…