The government computer emergency response team of Ukraine, CERT-UA, in direct cooperation with the Cyber Security Center of the Armed Forces of Ukraine (CCB), has detected and investigated the activity of the UAC-0020 (Vermin) group, aimed at the Defense Forces…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
300+ Times Downloaded Package from PyPI Contains Wiper Components
ReversingLabs researchers recently uncovered a malicious open-source package named xFileSyncerx on the Python Package Index (PyPI). This package, which had been downloaded nearly 300 times, contained separate malicious “wiper” components. Initially, it raised concerns about being an open-source supply chain…
Tenable Acquires Eureka Security To Provide Data Security Across Infrastructure
Tenable® Holdings, Inc., a leading Exposure Management company, has announced a definitive agreement to acquire Eureka Security, Inc., a prominent provider of data security posture management (DSPM) for cloud environments. This strategic acquisition aims to bolster Tenable’s cloud security capabilities,…
Microsoft Details On Using KQL To Hunt For MFA Manipulations
It is difficult to secure cloud accounts from threat actors who exploit multi-factor authentication (MFA) settings. Threat actors usually alter compromised users’ MFA attributes by bypassing the requirements, disabling MFA for others, or enrolling rogue devices in the system. They…
Fog Ransomware Attacking Windows Servers Administrators To Steal RDP Logins
A new ransomware variant dubbed ‘Fog’ has been spotted targeting US businesses in the education and recreation sectors. Forensic data revealed that threat actors accessed victim environments using compromised VPN credentials. Notably, two different VPN gateway providers were used for…
UNC1151 Hackers Weaponizing Excel Documents To Attack Windows Machine
Mandiant identified a UNC1151 information campaign targeting Ukraine, Lithuania, Latvia, and Poland with disinformation, as CRIL linked a recent malicious XLS campaign to UNC1151. The attackers used spam emails with Excel documents containing VBA macros that dropped LNK and DLL…
Hackers Attacking Banking Customers Using Phishing-As-A-Service V3B Toolkit
A cybercriminal group is selling and distributing a sophisticated phishing kit called “V3B” through Phishing-as-a-Service (PhaaS) and self-hosting methods, which targets EU banking customers and is designed to steal login credentials and one-time codes (OTPs) through social engineering tactics. Launched…
Python Developers Beware! Russian Hackers Targeting You With Malicious Packages
A malicious Python package named “crytic-compilers” was identified on PyPI. Masquerading as a legitimate library for intelligent contract compilation, it mimicked the name and versioning scheme of the real “crytic-compile” tool. The imposter package infiltrated popular development environments by appearing…
Parrot Security OS 6.1 Released – What’s New
The Parrot Security team has officially announced the release of Parrot OS 6.1, the latest version of their popular Linux distribution tailored for security professionals, ethical hackers, and privacy enthusiasts. This new release brings a range of enhancements, updated tools,…
Apple Refused to Pay $1 Million Bounty to Kaspersky Lab for iOS Zero-days
Apple has refused to pay Kaspersky Lab a reward for discovering critical vulnerabilities in iOS that allowed attackers to install spyware on any iPhone. According to RTVI, the vulnerabilities were reported to Apple in 2023, and under the Apple Security…