C2 frameworks, crucial for post-exploitation operations, offer open-source alternatives to Cobalt Strike. They streamline the management of compromised systems, enable efficient collaboration, and evade detection by providing customizable behaviors. It is a toolset attackers use to control and manage compromised…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Microsoft Warns Of Vanilla Tempest Hackers Attacking Healthcare Sector
Microsoft has identified a new attack vector employed by the financially motivated threat actor Vanilla Tempest. This actor has been observed leveraging the INC ransomware to target healthcare organizations within the United States. Specifically, Vanilla Tempest is exploiting vulnerabilities in…
Beware Of Fake Captcha Attacks That Delivers Lumma Stealer Malware
In the past four weeks, a significant increase in malware distribution attempts via fake Captcha campaigns has been observed, targeting over 1.4 million users. Lumma Stealer, a hazardous malware designed for data theft, is the primary payload being distributed. Cybercriminals…
Russian Hackers Registering Domains Targeting US Tech Brands
Researchers are tracking a Russian threat actor deploying domains involved in crypto scams targeting the US Presidential Election and tech brands. The scams offer double crypto returns for deposits and are designed to deceive users into sending coins to attacker-controlled…
Critical Arc Browser Vulnerability Let Attackers Execute Remote Code
Arc’s Boosts feature lets users customize websites with CSS and JavaScript. While JavaScript Boosts are not shareable to protect security, they are synced across devices for personal use. Misconfigured Firebase ACLs enabled unauthorized users to modify the creatorID of Boosts,…
Flax Typhoon’s Botnet Actively Exploiting 66 Vulnerabilities In Various Devices
The Five Eyes agencies recently released a joint cybersecurity advisory detailing a new botnet, Flax Typhoon, linked to Chinese state-sponsored actors. The advisory highlights the actors’ use of compromised routers and IoT devices to establish a vast botnet capable of…
Multiple 0-Day Flaws in Automated Tank Gauge Systems Threaten Critical Infrastructure
Cybersecurity researchers from BitSight TRACE have uncovered multiple 0-day vulnerabilities in Automated Tank Gauge (ATG) systems, which are integral to managing fuel storage tanks across various critical infrastructures. These vulnerabilities in six ATG systems from five vendors pose significant threats…
MoneyGram Confirms Cyberattack Following Outage
MoneyGram, a leading global money transfer service, has confirmed that it was the victim of a cyberattack, following a significant network outage that disrupted customer services worldwide. The company initially reported an issue with connectivity across several of its systems,…
Kansas County Ransomware Attack Exposed Nearly 30,000 Residents’ Sensitive Data
Franklin County, Kansas, has fallen victim to a ransomware attack that compromised the sensitive data of nearly 30,000 residents. The breach occurred on May 19, 2024, and was not discovered until August 29, 2024. According to a report submitted by…
Researcher Details Cisco Smart Licensing that Lets Attacker Control Device
Cisco disclosed a critical vulnerability identified as CVE-2024-20439, affecting its Smart Licensing Utility. An independent researcher discovered this vulnerability through reverse engineering. It involves a hardcoded static password that could allow attackers to gain unauthorized access and control over affected…