PLAYFULGHOST, a Gh0st RAT variant, leverages distinct traffic patterns and encryption, which spread via phishing emails and SEO poisoning of bundled applications, enabling keylogging, screen capture, and other malicious remote access capabilities. A phishing campaign employed a .jpg file as…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
PoC Exploit Released For Critical Windows LDAP RCE Vulnerability
The CVE-2024-49112 vulnerability in Windows LDAP allows remote code execution on unpatched Domain Controllers, as a zero-click exploit leverages this by crafting malicious LDAP requests, which, sent without any user interaction, exploit a memory corruption vulnerability within the LDAP service. …
Windows 11 BitLocker Encryption Bypassed to Extract Full Volume Encryption Keys
A cybersecurity researcher has demonstrated a method to bypass BitLocker encryption on Windows 11 (version 24H2) by extracting full volume encryption keys (FVEK) from memory. Using a custom-built tool named Memory-Dump-UEFI, the researcher was able to retrieve sensitive cryptographic keys to…
Researchers Uncover Phishing-As-A-Service Domains Associated With Tycoon 2FA
The Tycoon 2FA platform is a Phishing-as-a-Service (PhaaS) tool that enables cybercriminals to easily launch sophisticated phishing attacks targeting two-factor authentication (2FA). It provides a service that simplifies the process for attackers. and offers an intuitive interface, allowing for the…
SmuggleShield – Browser Extension to Detect HTML Smuggling Attacks
SmuggleShield, a recently launched browser extension, is gaining attention in the cybersecurity space for its innovative approach to mitigating HTML smuggling attacks. With its stable version (2.0) now available, SmuggleShield provides an additional layer of protection for everyday internet users,…
EC2 Grouper Hackers Using AWS Tools To Exploit Compromised Credentials
Cloud security researchers have uncovered alarming trends in identity compromises within Amazon Web Services (AWS) environments. Among the most prolific threat actors is a group dubbed “EC2 Grouper,” known for exploiting compromised credentials to carry out sophisticated attacks using AWS…
Trend Micro Apex One Vulnerabilities Let Escalate Privilege
Trend Micro has addressed six high-severity vulnerabilities in its Apex One and Apex One as a Service product, which could allow attackers to escalate privileges on affected Windows systems. These vulnerabilities were disclosed under the Common Vulnerabilities and Exposures (CVE) system and have been…
US Army Soldier Arrested for Allegedly Selling Customer Call Records From AT&T & Verizon
A 20-year-old U.S. Army soldier, Cameron John Wagenius, has been arrested and indicted by federal authorities for allegedly selling confidential customer call records stolen from major telecommunications companies AT&T and Verizon. Known online as “Kiberphant0m,” Wagenius was apprehended near an…
D-Link Warns of Botnets Exploiting End-of-Life Routers
D-Link warned users of several legacy router models about known vulnerabilities actively exploited by botnets. These devices, which have reached End-of-Life (EOL) and End-of-Service (EOS), are at heightened risk of being targeted by malware strains known as “Ficora” and “Capsaicin.”…
New Stealthy Malware Leveraging SSH Over TOR Attacking Ukrainian Military
Researchers recently discovered a malicious campaign targeting Ukrainian military personnel through fake “Army+” application websites, which host a malicious installer that, upon execution, extracts the legitimate application alongside the Tor browser. The installer includes a PowerShell script that indicates the…