Hackers are increasingly exploiting third-party email infrastructures to send spam emails. This tactic complicates the detection and prevention of spam and threatens the integrity of legitimate email communications. By leveraging vulnerabilities in various online platforms, cybercriminals can masquerade as legitimate…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hacking Kia Cars Remotely with a License Plate
Cybersecurity researchers have uncovered a significant vulnerability in Kia vehicles that allowed hackers to remotely control key functions using nothing more than a car’s license plate. This breach, discovered on June 11, 2024, exposed the potential for unauthorized access to…
Octo2 Android Malware Attacking To Steal Banking Credentials
The original threat actor behind the Octo malware family has released a new variant, Octo2, with enhanced stability for remote action capabilities to facilitate Device Takeover attacks. This new variant targets European countries and employs sophisticated obfuscation techniques, including the…
RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus
The RansomHub ransomware group tracked as Water Bakunawa, employs targeted spear-phishing to exploit the Zerologon vulnerability, allowing them to gain unauthorized access to networks, affecting various industries and critical infrastructure sectors, demanding ransom payments for data release. The group’s recent…
Researchers Backdoored Azure Automation Account Packages And Runtime Environments
Runtime environments offer a flexible way to customize Automation Account Runbooks with specific packages. While base system-generated environments can’t be directly modified, they can be indirectly changed by adding packages to the old experience and then switching to the new…
TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data
The threat actor, formed in 2023, specializes in ransomware attacks targeting Russian government organizations. It encrypts and deletes victim data, exfiltrates sensitive information, and aims to inflict maximum damage on critical assets. The threat actor likely scans IP address ranges…
Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce
North Korean IT workers, disguised as non-North Koreans, infiltrate various industries to generate revenue for their regime, evading sanctions and funding WMD programs by exploiting privileged access to enable cyber intrusions. Facilitators, often non-North Koreans, assist these workers by laundering…
Beware Of Fake Verify You Are A Human Request That Delivers Malware
Researchers observed two distinct instances where users were inadvertently led to malicious websites after conducting Google searches for video streaming services. These victims were redirected to malicious URLs that employed a deceptive tactic while attempting to access sports or movie…
New Mallox Ransomware Linux Variant Attacking Enterprise Linux Servers
Kryptina RaaS, a free and open-source RaaS platform for Linux, initially struggled to attract attention. Still, after a Mallox affiliate’s staging server was leaked in May 2024, Kryptina’s modified version, branded Mallox v1.0, gained prominence. The research examines the data…
TeamTNT Hackers Attacking VPS Servers Running CentOS
TeamTNT is targeting CentOS VPS clouds with SSH brute force attacks. It has uploaded a malicious script that disables security, deletes logs, and modifies system files to kill existing miners, remove Docker containers, and redirect DNS to Google servers. The…