Aggregator

Двухслойный пирог из сульфида хрома изменит будущее электроники.

Symantec has recently identified a sophisticated phishing campaign targeting users of Monex Securities (マネックス証券), a prominent online securities company in Japan formed through the merger of Monex, Inc. and Nikko Beans, Inc. The company provides individual investors with a range of financial services, making it an attractive target for cybercriminals. The phishing operation involves the […]

The post New Phishing Campaign Targets Investors to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a concerning development, CERT-UA, Ukraine’s Computer Emergency Response Team, has reported a series of cyberattacks attributed to the hacker group identified as UAC-0219. These attacks, which have been ongoing since the fall of 2024, utilize an advanced PowerShell-based malware tool named WRECKSTEEL to infiltrate computers and extract sensitive data. The primary targets include government […]

The post UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The malware, first discovered in 2016, has been updated over the years, and the latest version is now hiding in the firmware of counterfeit mobile phones.

Hunters International, a ransomware group suspected to be a rebrand of the infamous Hive ransomware, has been linked to widespread attacks targeting Windows, Linux, FreeBSD, SunOS, and ESXi systems. Emerging in October 2023, the group has gained notoriety for its sophisticated techniques in data exfiltration and extortion. Cybersecurity researchers have noted similarities between Hunters International’s […]

The post Hunters International Linked to Hive Ransomware in Attacks on Windows, Linux, and ESXi Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a recent cyberattack attributed to the Qilin ransomware group, threat actors successfully compromised a Managed Service Provider (MSP) by mimicking the login page of ScreenConnect, a popular Remote Monitoring and Management (RMM) tool. The attack, which occurred in January 2025, highlights the growing sophistication of phishing campaigns targeting MSPs to exploit downstream customers. Sophos’ […]

The post Qilin Operators Imitate ScreenConnect Login Page to Deploy Ransomware and Gain Admin Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly uncovered cyber-espionage campaign, dubbed Operation HollowQuill, has been identified as targeting academic, governmental, and defense-related networks in Russia using weaponized PDF documents. The operation, tracked by SEQRITE Labs APT-Team, leverages decoy research invitations to infiltrate systems associated with the Baltic State Technical University (BSTU “VOENMEKH”), a key institution for defense and aerospace research […]

The post Operation HollowQuill Uses Malicious PDFs to Target Academic and Government Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

CISO mind maps are helpful, but they reinforce a tactical view of security. Learn why modern CISOs need a new mental model focused on strategy, value, and board-level impact.

The post CISO Transformation: It’s Time for a New Mental Model first appeared on Identient.

The post CISO Transformation: It’s Time for a New Mental Model appeared first on Security Boulevard.

Technology Giant Accused of Using 'Wordplay' to Previously Deny Breach Reports
Cybersecurity experts have slammed Oracle's handling of a large data breach that it's reportedly confirming to 140,000 affected cloud infrastructure clients - but only verbally, and not in writing - following nearly two weeks of it having denied that any such breach occurred.

As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics. These campaigns use malicious hyperlinks and attachments to deliver credential phishing and malware including RaccoonO365, AHKBot, Latrodectus, BruteRatel C4 (BRc4), and Remcos.

The post Threat actors leverage tax season to deploy tax-themed phishing campaigns appeared first on Microsoft Security Blog.

As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics. These campaigns use malicious hyperlinks and attachments to deliver credential phishing and malware including RaccoonO365, AHKBot, Latrodectus, BruteRatel C4 (BRc4), and Remcos.

The post Threat actors leverage tax season to deploy tax-themed phishing campaigns appeared first on Microsoft Security Blog.

Документ нацелен исключительно на противодействие кибератакам.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The identification of this vulnerability is CVE-2025-3231. The attack may be initiated remotely. Furthermore, there is an exploit available.

How AI agents can help purple teaming, inside the stolen credential ecosystem, and more: We read through the RSA agenda so you don't have to.

MFA Fatigue Attacks on the Rise Yet another challenge is undermining the effectiveness of MFA: MFA fatigue attacks. In an MFA fatigue attack (sometimes also referred to as an “MFA bombing” or “push bombing” attack), a hacker who already possesses a valid username and password bombards the rightful user with repeated MFA login approval requests […]

The post Stopping MFA Fatigue Attacks Before They Start: Securing Your Entry Points appeared first on Security Boulevard.