GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Fighting Ursa, a Russian APT, has employed a car sales phishing lure to distribute the HeadLace backdoor malware targeting diplomats since March 2024. This strategy mirrors previous campaigns by the group and other Russian threat actors.  The attack leveraged public, free infrastructure services and exploited user clicks on malicious content within the car advertisement.  Hackers […]

The post Hackers Infect Windows With Backdoor Malware Via “Car For Sale” Ad appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The notorious Mirai botnet has been observed exploiting a recently disclosed directory traversal vulnerability in Apache OFBiz. This Java-based framework, supported by the Apache Foundation, is used for creating ERP (Enterprise Resource Planning) applications, which are critical for managing sensitive business data despite being less prevalent than commercial alternatives. Vulnerability Details and Exploitation According to […]

The post Mirai Botnet Attacking Apache OFBiz Directory Traversal Vulnerability appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Attackers uploaded malicious Python packages targeting Raydium and Solana users to PyPI, leveraging a StackExchange post to distribute the malware.  The multi-stage malware stole sensitive data, drained cryptocurrency wallets, and established persistent backdoor access, bypassing Windows security protections, underscoring the vulnerability of software supply chains and the ineffectiveness of traditional endpoint security solutions against modern […]

The post Hackers Abused StackExchange Platform To Deliuver Malicious Python Package appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Mint-Stealer is a Malware-as-a-Service tool designed to exfiltrate sensitive data from compromised systems stealthily and targets a broad spectrum of data, including web credentials, cryptocurrency wallet details, gaming credentials, VPN configurations, messaging app data, and FTP client information.  Employing encryption and obfuscation, Mint-Stealer evades detection while actively stealing data. Distributed through dedicated websites and supported […]

The post Mint-stealer Targeting web browsers, VPN clients & messaging apps to Steal Logins appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The Exodus Market, a haven for exiled criminals, has grown to become a significant player in the black market economy. The user “ExodusMarket” originally announced Exodus Market for Logs on the Cracked forum on February 10, 2024, after it was formally launched at the end of January 2024. Twice, in March 2024 and July 16, […]

The post Exodus Underground Market Place Emerging As A Heaven For Cybercriminals appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

⁤Hackers often attack ISP service providers for several illicit purposes. The most significant ones are disrupting internet services, stealing sensitive data, and many more.  ⁤Besides this, such compromise also provides hackers with control over a vast number of connected devices, which significantly impacts the malicious activities of the threat actors positively. ⁤ Volexity discovered StormBamboo’s […]

The post Hackers Hijacked ISP Service Provider To Poison Software Updates appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The wide use and the huge user base of Android often lucrative the threat actors.  As threat actors often use Android malware to exploit vulnerabilities in the Android operating system.  This enables them to perform several illicit activities like stealing sensitive information, tracking user activity, and gaining unauthorized access to devices. Cleafy researchers recently detected […]

The post Beware Of New BingoMod Android Malware Steals Money & Formats Device appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have found a new way for hackers to steal sensitive information like passwords by eavesdropping on HDMI cables. This is a worrying development for computer users. ‘Researchers at Universidad de la República in Uruguay discovered that hackers can use artificial intelligence (AI) to decode signals from HDMI cables and see what’s displayed on […]

The post Researchers Details How Hackers Can Steal Passwords via HDMI Cables appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A newly discovered vulnerability in Windows File Explorer has raised alarms within the cybersecurity community. Identified as CVE-2024-38100, this security flaw allows attackers to escalate privileges by exploiting a seemingly innocuous wallpaper feature. CVE-2024-38100 – Windows File Explorer Elevation of Privilege Vulnerability Released on July 9, 2024, CVE-2024-38100 is a critical vulnerability that Microsoft has […]

The post Leaked Wallpaper Vulnerability Exposes Windows Users to Privilege Escalation Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The IRS-Criminal Investigation, the US Department of Justice (DOJ), and the Federal Bureau of Investigation (FBI), in partnership with the German Federal Criminal Police Office (BKA) and the Attorney General’s Office in Frankfurt, successfully seized the domain of the online cryptocurrency wallet Cryptonator. The takedown was due to the platform’s failure to implement appropriate anti-money […]

The post Authorities Seized Cryptonator Site & Charged the Admin appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has addressed several critical vulnerabilities in its Chromium-based Edge browser. Users of the affected versions are strongly advised to update to the latest version to mitigate potential security risks. According to the Asec Ahnlab reports, the vulnerabilities were found in Microsoft Edge versions 127.0.6533.88 and 127.0.6533.89. These versions are based on the Chromium engine, […]

The post Microsoft Patched a Critical Edge Flaw that Led to Arbitrary Code Execution appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Hackers have been actively exploiting a critical vulnerability in the WordPress plugin 简数采集器 (Keydatas). The vulnerability, CVE-2024-6220, allows unauthenticated threat actors to upload arbitrary files to a vulnerable site, potentially leading to remote code execution and complete site takeover. This alarming development underscores the importance of maintaining updated plugins and robust security measures. Discovery and […]

The post Hackers Actively Exploiting WordPress Plugin Arbitrary File Upload Vulnerability appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Today, the National Crime Agency (NCA) revealed the successful shutdown of Russian Coms, a sophisticated fraud platform responsible for defrauding thousands of victims worldwide. Established in 2021, this platform facilitated over 1.3 million scam calls to 500,000 unique UK phone numbers, resulting in estimated financial losses in the tens of millions. The Mechanics of Russian […]

The post NCA Shuts Down Major Fraud Platform that Triggers 1.8 Million Scam Calls appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Security Risk Advisors (SRA) announces the launch of VECTR Enterprise Edition, a premium version of its widely-used VECTR platform for purple teams and adversary management program reporting and benchmarking. VECTR Enterprise is designed to support organizations that want to mature and communicate the success of their purple team exercises with benchmarking and executive reporting features. […]

The post Security Risk Advisors Announces Launch of VECTR Enterprise Edition appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A new variant of the TgRAT malware, initially discovered in 2022 targeting Windows systems, has been observed attacking Linux servers. This evolution marks a significant shift in the malware’s capabilities, broadening its potential impact on a wider range of systems. The Linux version of TgRAT was found in the wild earlier this month, raising alarms […]

The post TgRAT Malware Attacking Linux Servers with New Variant appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

In 2024, the safety of the internet has become paramount. Let’s be clear—we do not want cybercriminals to steal our private data. One of the ways to stay safe and sound online is by using a VPN.  So, what is a VPN? It’s a virtual private network that secures web browsing, including Chrome. It encompasses […]

The post Chrome: Essential Tools for Secure Browsing appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A recently discovered vulnerability in Bitdefender’s GravityZone Update Server has raised significant security concerns. Identified as CVE-2024-6980, this flaw allows attackers to execute server-side request forgery (SSRF) attacks, potentially compromising sensitive data and systems. With a CVSS score of 9.2, this vulnerability is categorized as critical. The scoring breakdown indicates that the flaw is accessible […]

The post Bitdefender Flaw Let Attackers Trigger Server-Side Request Forgery Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A forwarded Telegram video advertises heavily discounted, high-profile cryptocurrency projects, enticing viewers with links to a seemingly legitimate second-tier exchange and a concealed malicious link.  Through the use of this social engineering strategy, which is intended to lull victims into a false sense of security, users are most likely directed to a fraudulent platform to […]

The post Beware Of Malicious Crypto Management App That Drains Your Wallet appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Users use Voice Over Wi-Fi (VoWiFi) quite frequently nowadays, as it’s a technology that enables them to make voice calls over a Wi-Fi network. This technology does so without relying on traditional cellular networks.  Besides this, doing so allows the users to enhance their call quality and reliability in areas with poor network quality. But, […]

The post Voice Over Wi-Fi Vulnerability Let Attackers Eavesdrop Calls And SMS appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Delta Air Lines has enlisted the legal expertise of David Boies, chairman of Boies Schiller Flexner, to seek damages from cybersecurity firm CrowdStrike and tech giant Microsoft. This follows a catastrophic system crash on July 19 that resulted in the cancellation of thousands of flights and left millions of computers offline. Delta has suffered significant […]

The post CrowdStrike & Microsoft to Face Lawsuit from Delta Air Lines Following System Crash appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.