The LummaC2 obfuscator employs a novel control flow protection scheme designed specifically for its stealer component, which is part of a broader set of transformations, making it difficult for analysts to reverse engineer the binary. It introduces obfuscated code that…
Tag: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page
Phishing attackers employed an HTML smuggling technique to deliver a malicious payload, as the attack chain started with a phishing email mimicking an American Express notification, leading to a series of redirects. The final redirect pointed to a Cloudflare R2…
Hackers Abusing Third-Party Email Infrastructure to Send Spam Mails
Hackers are increasingly exploiting third-party email infrastructures to send spam emails. This tactic complicates the detection and prevention of spam and threatens the integrity of legitimate email communications. By leveraging vulnerabilities in various online platforms, cybercriminals can masquerade as legitimate…
Hacking Kia Cars Remotely with a License Plate
Cybersecurity researchers have uncovered a significant vulnerability in Kia vehicles that allowed hackers to remotely control key functions using nothing more than a car’s license plate. This breach, discovered on June 11, 2024, exposed the potential for unauthorized access to…
Octo2 Android Malware Attacking To Steal Banking Credentials
The original threat actor behind the Octo malware family has released a new variant, Octo2, with enhanced stability for remote action capabilities to facilitate Device Takeover attacks. This new variant targets European countries and employs sophisticated obfuscation techniques, including the…
RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus
The RansomHub ransomware group tracked as Water Bakunawa, employs targeted spear-phishing to exploit the Zerologon vulnerability, allowing them to gain unauthorized access to networks, affecting various industries and critical infrastructure sectors, demanding ransom payments for data release. The group’s recent…
Researchers Backdoored Azure Automation Account Packages And Runtime Environments
Runtime environments offer a flexible way to customize Automation Account Runbooks with specific packages. While base system-generated environments can’t be directly modified, they can be indirectly changed by adding packages to the old experience and then switching to the new…
TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data
The threat actor, formed in 2023, specializes in ransomware attacks targeting Russian government organizations. It encrypts and deletes victim data, exfiltrates sensitive information, and aims to inflict maximum damage on critical assets. The threat actor likely scans IP address ranges…
Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce
North Korean IT workers, disguised as non-North Koreans, infiltrate various industries to generate revenue for their regime, evading sanctions and funding WMD programs by exploiting privileged access to enable cyber intrusions. Facilitators, often non-North Koreans, assist these workers by laundering…
Beware Of Fake Verify You Are A Human Request That Delivers Malware
Researchers observed two distinct instances where users were inadvertently led to malicious websites after conducting Google searches for video streaming services. These victims were redirected to malicious URLs that employed a deceptive tactic while attempting to access sports or movie…