A Technically Skilled individual who finds a bug faces an ethical decision: report the bug or profit from it. This is nowhere more relevant than in crypto. In this article, with the help of Ilan Abitbol from Resonance Security, I look at the…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Cloudflare Details 1.1.1.1 Service Outage Following BGP Hijack
On June 27, 2024, Cloudflare experienced a disruption of its 1.1.1.1 DNS resolver service. This several-hour incident was caused by a combination of BGP (Border Gateway Protocol) hijacking and a route leak. The event led to a noticeable impact on…
Cloudflare Details 1.1.1.1 Service Outage Incident
On June 27, 2024, Cloudflare experienced a disruption of its 1.1.1.1 DNS resolver service. This several-hour incident was caused by a combination of BGP (Border Gateway Protocol) hijacking and a route leak. The event led to a noticeable impact on…
Mekotio Banking Trojan Attacking American Users To Steal Financial Data
Active since 2015, Mekotio is a Latin American banking trojan specifically designed to target financial data in regions like Brazil, Chile, Mexico, Spain, and Peru. It exhibits links to the recently disrupted Grandoreiro malware, both likely originating from the same…
Kimusk’s HappyDoor Executed Via regsvr32 File To Evade Detection
Kimsuky, also known as the Velvet Chollima, Black Banshee, THALLIUM, or Emerald Sleet, is a North Korean state-sponsored advanced cyber espionage group that uses sophisticated methods to target political, economic, and national security interests for various countries. They are very…
Hackers Compromised Ethereum’s Mailing List to Drain Their Crypto Funds
In a recent cyberattack, hackers successfully compromised Ethereum’s mailing list, attempting to drain users’ crypto funds through a sophisticated phishing campaign. The breach has raised significant concerns within the cryptocurrency community, prompting immediate action from Ethereum’s internal security team. The…
Threat Actor Claiming 2FA Bypass Vulnerability in HackerOne Bug Bounty Platform
A threat actor has claimed to have discovered a vulnerability that bypasses the two-factor authentication (2FA) on the HackerOne bug bounty platform. The claim was made public via a tweet from the account MonThreat, which is known for sharing cybersecurity-related…
Hackers Abused Twilio API To Verify Phone Numbers used For MFA
An unauthenticated endpoint vulnerability allowed threat actors to identify phone numbers associated with Authy accounts, which was identified, and the endpoint has been secured to prevent unauthorized access. No evidence suggests the attackers gained access to internal systems or other…
Over 380,000+ Hosts Embedding Polyfill JS script Linking to Malicious Domain
Over 380,000 web hosts have been found embedding a compromised Polyfill.io JavaScript script, linking to a malicious domain. This supply chain attack has sent shockwaves through the web development community, highlighting the vulnerabilities inherent in widely used open-source libraries. Polyfill.js,…
FakeBat Malware Weaponizing AnyDesk, Zoom, Teams & Chrome
Hackers target and weaponize AnyDesk, Zoom, Teams, and Chrome as these applications are widely used in a multitude of sectors. Not only that, but even these widely used applications also provide access to many users and sensitive information. Cybersecurity researchers…