APT42 (aka Damselfly, UNC788, CALANQUE, Charming Kitten) is a sophisticated Iranian state-sponsored cyber espionage group. This Advanced Persistent Threat (APT) group is known for its ability to carry out long-term and focused digital surveillance campaigns. The major targets of such…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
BYOVDLL – A New Exploit That Is Bypassing LSASS Protection
In July 2022, Microsoft patched a well-known PPL bypass flaw, initially discovered by Ionescu and Forshaw. This allowed protection circumvention without kernel code execution, and this update now broke the PPLdump PoC. SCRT Team researchers at Orange Cyberdefense recently discovered…
Hackers Exploited by GraphQL Vulnerabilities to Compromise Organizations
Cyberattacks have highlighted vulnerabilities in GraphQL APIs, leading to significant security breaches in various organizations. GraphQL, a query language for APIs, allows clients to request specific data, making it a popular choice for developers. However, its flexibility also opens doors…
0-Click Outlook RCE Vulnerability Triggered When Email is Clicked – Technical Analysis
NetSPI discovered that Microsoft Outlook is vulnerable to authenticated remote code execution (CVE-2024-21378) due to improper validation of synchronized form objects. By manipulating a configuration file, attackers can automatically register and instantiate a custom form, specifying a malicious executable as…
Dark Web Marketplace Admins Busted Following Luxury Life
Two men living a life of luxury in Florida have been charged with cyber fraud after authorities became suspicious of their extravagant spending habits. Russian national Pavel Kublitskii and Kazakhstan national Alexandr Khodyrev, who arrived in the U.S. in 2022…
Clickbait PDFs, An Entry point For Multiple Web Based Attacks
Researchers studied the infrastructure behind clickbait PDF attacks by analyzing a large dataset of real-world PDFs to identify clickbait ones and their linked infrastructure and found that attackers use various hosting types, including object storage, website hosting, and CDNs. The…
Hackers Toolkit Unveiled, Comprehensive Tools For Various Cyber Attacks
Hackers always keep updating their tools and add new ones to adapt to evolving security measures, bypass defenses, and exploit newly discovered vulnerabilities. Staying ahead of the cybersecurity advancements is completely important for them as doing so helps them maintain…
Zoom Fixes Critical Vulnerabilities Allowing Privilege Escalation
Zoom Video Communications has recently disclosed several critical vulnerabilities affecting its Workplace Apps, SDKs, and Rooms Clients. These vulnerabilities, identified in multiple security bulletins, pose significant risks, potentially allowing attackers to escalate privileges on affected systems. The issues impact users…
CryptoScam Strikes Misusing Trump & Musk Interview
Scammers have exploited the popularity of former President Donald Trump and tech mogul Elon Musk to deceive unsuspecting victims. According to a recent tweet by Avast Threat Labs, the fraudulent scheme involved hijacking YouTube accounts to broadcast fake interviews, and…
Authorities Seized Dispossessor Ransomware Servers
FBI Cleveland announced a significant victory against cybercrime by disrupting “Radar/Dispossessor,” a notorious ransomware group led by the online moniker “Brain.” This operation dismantled three servers in the United States, three in the United Kingdom, and 18 in Germany. Additionally,…