GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised EXE installer, as analysis revealed a parent-child relationship between these samples, all of which communicated with the same C2 server. The Lumma Stealer Trojan, observed in the provided sample, employs advanced techniques to exfiltrate sensitive data from popular browsers and […]

The post Lumma Stealer Attacking Users To Steal Login Credentials From Browsers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack targeting various organizations, unlike typical nation-sponsored attacks.  While primarily associated with BeaverTail and InvisibleFerret malware, SOCs have recently observed OtterCookie deployed within this campaign.  OtterCookie exhibits distinct behavior from its predecessors, demonstrating the campaign’s evolution and expanding threat landscape, which […]

The post New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in the cybersecurity community. This notorious Remote Access Trojan (RAT), also known as Bladabindi, has long been a tool of choice for cybercriminals due to its extensive capabilities and ease of use. The availability of its latest version on an open-source […]

The post NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto Networks’ PAN-OS software. This flaw allows unauthenticated attackers to exploit firewalls through specially crafted packets, causing denial-of-service (DoS) conditions. The issue has been actively exploited, prompting urgent mitigation measures. Details of the Vulnerability The vulnerability stems from improper handling of […]

The post Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat Analysts have reported alarming findings about the “Araneida Scanner,” a malicious tool allegedly based on a cracked version of Acunetix, a renowned web application vulnerability scanner. The tool has been linked to illegal activities, including offensive reconnaissance, scraping user data, and identifying vulnerabilities for exploitation. The “Araneida Scanner” is being sold on platforms like […]

The post Araneida Scanner – Hackers Using Cracked Version Of Acunetix Vulnerability Scanner appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves the systematic collection and exploitation of genuine identity documents and images.  Attackers utilize these resources to develop and sell techniques for bypassing identity verification systems, presenting a significant database and evolving threats to businesses and individuals alike.  Researchers have identified […]

The post A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Adobe has issued a critical security update for ColdFusion versions 2023 and 2021 to address a major vulnerability that could lead to an arbitrary file system read. The identified vulnerability, CVE-2024-53961, has a known proof-of-concept exploit, making the updates crucial for users. This release underscores Adobe’s commitment to ensuring the security and integrity of its […]

The post Adobe Warns of ColdFusion Vulnerability Allows Attackers Read arbitrary files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, were recently detected by Fortinet’s AI-driven OSS malware detection system. These packages, spotted on November 16 and November 24, 2024, respectively, represent significant threats to users by leveraging advanced malware techniques. These findings underscore the critical importance of robust cybersecurity measures to protect against such sophisticated threats. Malicious […]

The post Beware of New Malicious PyPI packages That Steals Login Details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A Brazilian man, Junior Barros De Oliveira, has been charged with multiple counts of cybercrime and extortion for hacking into the computer systems of a Brazilian subsidiary of a New Jersey-based company and attempting to extort millions in Bitcoin. The indictment, unsealed in Newark federal court on December 23, 2024, accuses De Oliveira of accessing […]

The post Brazilian Hacker Arrested Hacking Computers & Selling Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

McDonald’s India (West & South) / Hardcastle Restaurants Pvt. Ltd. operates a custom McDelivery web app for ordering McDonald’s food for delivery, dine-in, and takeout.  The app is popular, with over 10 million downloads on Google Play and #16 in Food & Drink on the Apple App Store and offers various options to choose from […]

The post McDonald’s Delivery App Bug Let Customers Orders For Just $0.01 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cryptocurrency hacking incidents in 2024 surged 21.07% YoY to $2.2 billion, with 303 breaches reported, which marks the fifth year exceeding $1 billion in stolen funds, demonstrating a concerning correlation between crypto market growth and the scale of cyberattacks.  Crypto hacking activity experienced a significant surge in the first half of 2024, reaching $1.58 billion […]

The post North Korean Hackers Stolen $2.2 Billion From Crypto Platforms In 2024 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers have reportedly infiltrated and extracted a vast 82 GB of sensitive data from the Indonesian government’s Regional Financial Management Information System (Sistem Informasi Pengelolaan Keuangan Daerah, or SIPKD). This system is operated by the Badan Pendapatan, Pengelolaan Keuangan, dan Aset Daerah (BPPKAD), which translates to the Regional Revenue, Finance, and Asset Management Agency of Blora […]

The post Indonesia Government Data Breach – Hackers Leaked 82 GB of Sensitive Data Online appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system that could potentially lead to denial-of-service (DoS) attacks. The affected kernel extensions—perfstat and TCP/IPmpresent risks to systems running on AIX 7.2, AIX 7.3, VIOS 3.1, and VIOS 4.1. The vulnerabilities are tracked under CVE-2024-47102 and CVE-2024-52906, each with a Common […]

The post IBM AIX TCP/IP Vulnerability Lets Attackers Exploit to Launch Denial of Service Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Apache Software Foundation has issued a security alert regarding a critical vulnerability in Apache HugeGraph-Server. The flaw, identified as CVE-2024-43441, could potentially allow authentication bypass due to an issue with assumed-immutable data in JWT tokens. The vulnerability impacts versions 1.0 to 1.3 of Apache HugeGraph-Server, prior to the release of version 1.5.0. Users running […]

The post Apache Auth-Bypass Vulnerability Lets Attackers Gain Control Over HugeGraph-Server appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage targeting Chinese technology companies and research institutions. These attacks, suspected to be orchestrated by U.S. intelligence agencies, aimed to steal sensitive commercial secrets and intellectual property, raising alarm over the growing sophistication of cyber threats. Targeting Advanced Material Design Companies […]

The post USA Launched Cyber Attack on Chinese Technology Firms appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions of systems to potential remote code execution (RCE) and privilege escalation attacks. The vulnerability, assigned CVE-2024-56334, highlights the importance of secure coding practices when dealing with untrusted user input. The vulnerability resides in the getWindowsIEEE8021x function of the systeminformation package, specifically affecting versions ≤5.23.6. The issue […]

The post Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through malicious packages disguised as legitimate tools. The threat actor, “k303903,” compromised hundreds of machines before the packages were removed.  Subsequent analysis revealed that “k303903” likely operates under the aliases “shegotit2” and “pressurized,” all exhibiting identical or highly similar tactics, techniques, […]

The post Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the initial sample (MD5 14f6c034af7322156e62a6c961106a8c) provided valuable insights into its version and development timeline.  A second suspicious sample on the same machine, while exhibiting similar functionality to BellaCiao, was a C++ reimplementation of an older version, suggesting a potential evolution in the […]

The post BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A seemingly benign health app, “BMI CalculationVsn,” was found on the Amazon App Store, which secretly collected sensitive user data, including installed app package names and incoming SMS messages, posing a significant privacy threat. The BMI calculator app conceals malicious intent, as the app’s primary function is a smokescreen for a variety of harmful activities, […]

The post Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Lazarus Group has recently employed a sophisticated attack, dubbed “Operation DreamJob,” to target employees in critical sectors like nuclear energy, which involves distributing malicious archive files disguised as legitimate job offers.  Once executed, these files unleash a multi-stage infection chain, comprising a downloader, loader, and backdoor, allowing the threat actor to establish persistent access […]

The post Lazarus Hackers Using New VNC Based Malware To Attack Organizations Worldwide appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.