To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new step-by-step guide designed to help organizations select and deploy secure operational technology (OT) products. The guide, titled “Secure by Demand:…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Microsoft Warns of MFA Issue Affecting Microsoft 365 users
Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that is impacting some Microsoft 365 (M365) users. The problem, which surfaced earlier today, is preventing affected users from accessing certain M365 applications, raising concerns for businesses…
Hackers Using YouTube Links and Microsoft 365 Themes to Steal Logins
Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs that closely resemble legitimate O365 domains, creating a high degree of trust with unsuspecting victims. The attackers leverage social engineering tactics, often claiming imminent password expiration,…
RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation
Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers used scheduled tasks to execute pcalua.exe to run malicious binaries and Python scripts, including the RPivot client.py script to connect to a remote server. Evidence suggests…
PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498)
A proof-of-concept (PoC) exploit has been publicly disclosed for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498. This vulnerability poses a significant security risk by allowing malicious applications to bypass the macOS Sandbox, a key security feature designed to isolate…
IBM Robotic Process Automation Vulnerability Let Attackers Obtain Sensitive Data
A newly disclosed security vulnerability in IBM Robotic Process Automation (RPA) has raised concerns about potential data breaches. The vulnerability, tracked as CVE-2024-51456, could allow remote attackers to exploit cryptographic weaknesses and access sensitive information. IBM has released a security bulletin detailing the…
Furry Hacker Breaches Scholastic – Exposes Data of 8 Million People
The education and publishing giant Scholastic has fallen victim to a significant data breach affecting approximately 8 million people. The breach, which has been attributed to a self-proclaimed “furry” hacker going by the alias “Parasocial,” was first reported by the…
Hackers Exploiting YouTube to Spread Malware That Steals Browser Data
Malware actors leverage popular platforms like YouTube and social media to distribute fake installers. Reputable file hosting services are abused to host malware and make detection challenging. Password protection and encoding techniques further complicate analysis and evade early sandbox detection.…
Credit Card Skimmer Hits WordPress Checkout Pages, Stealing Payment Data
Researchers analyzed a new stealthy credit card skimmer that targets WordPress checkout pages by injecting malicious JavaScript into the WordPress database. On checkout pages, the malware is designed to steal credit card information from users who are visiting those pages.…
Furry Hacker Breaches Scholastic Exposes Data of 8 Million People
The education and publishing giant Scholastic has fallen victim to a significant data breach affecting approximately 8 million people. The breach, which has been attributed to a self-proclaimed “furry” hacker going by the alias “Parasocial,” was first reported by the…