Researchers have discovered the workings of the MalSync malware, also known as “DuckTail” or “SYS01”. The analysis of the malware revealed the infection vectors, command line usage, malware capabilities, and other information. The malware seems to have a targeted approach…
Tag: GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
Tor Unveils WebTunnel – Let Users Bypass Censorship
The Tor Project’s Anti-Censorship Team has made a groundbreaking announcement that promises to bolster the fight against internet censorship. On the occasion of the World Day Against Cyber Censorship, the team proudly introduced WebTunnel, a revolutionary new type of Tor bridge. This innovative…
Hackers Attacking Critical US Water Systems, White House Warns
In a stark warning issued by the White House, it has been revealed that cyberattacks are increasingly targeting water and wastewater systems across the United States. These critical infrastructures are essential for providing clean and safe drinking water to communities,…
Azorult Malware Abuses Google Sites To Steal Login Credentials
A new evasive Azorult campaign uses HTML smuggling to deliver a malicious JSON payload from an external website. The JSON file is then loaded using reflective code loading, a fileless technique that bypasses disk-based detection and also employs an…
Andariel Hackers Leveraging Remote Tools To Exploit Organizations
The Andariel threat group has been discovered using MeshAgent when attacking Korean companies. The group has previously attacked Korean asset management solutions to install malware such as AndarLoader and ModeLoader. However, MeshAgent is used alongside other remote management…
BunnyLoader 3.0 Detected With Advanced Keylogging Capabilities
BunnyLoader is a rapidly developing malware that can steal information, credentials, and cryptocurrencies while also delivering new malware to its victims. Since its first detection in September 2023, the BunnyLoader malware as a service (MaaS) has regularly enhanced its features. According…
Novel Script-Based Attack That Leverages PowerShell And VBScript
A new campaign identified as DEEP#GOSU is likely linked to the Kimsuky group, and it employs a new script-based attack chain that uses numerous PowerShell and VBScript stagers to stealthily infect systems. Its features included data exfiltration, keylogging, clipboard monitoring, dynamic…
Mintlify Data Breach Exposes Customer GitHub Tokens
A renowned software documentation platform has confirmed a security breach that led to the unauthorized access of 91 GitHub tokens. This incident has raised alarms about the potential exposure of private repositories and the overall security measures to protect sensitive…
900+ Websites Exposing 10M+ Passwords: Most in Plaintext
Over 900 websites inadvertently expose over 10 million passwords, many of which are in plaintext, alongside sensitive billing information and personally identifiable information (PII) of approximately 125 million users. This massive data exposure is attributed to misconfigured Firebase instances, a…
Hackers Exploiting Microsoft Office Templates to Execute Malicious Code
In a cyberattack campaign dubbed “PhantomBlu,” hundreds of employees across various US-based organizations were targeted with phishing emails masquerading as messages from an accounting service. This campaign represents a significant evolution in the tactics, techniques, and procedures (TTPs) employed by…