Researchers Detailed Credential Abuse Cycle
The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a hacking group responsible for distributed denial-of-service attacks. LameDuck, a new threat…
Recent research has uncovered a new strain of malware developed for Android devices, initially misidentified as TgToxic. Despite sharing some bot command similarities, this malware,…
Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and take…
Google has released a new update for its Chrome browser, addressing two high-severity vulnerabilities. The Stable channel has now been updated to version 130.0.6723.116/.117 for Windows and…
The Phish ‘n’ Ships fraud operation leverages compromised websites to redirect users to fake online stores, which, optimized for search engine visibility, trick victims into…
A new tactic, “ClickFix,” has emerged. It exploits fake Google Meet and Zoom pages to deliver sophisticated malware. The Sekoia Threat Detection & Research (TDR)…
Researchers uncovered two previously unknown endpoints with older Cortex XDR agents that were used to test an AV/EDR bypass tool and were compromised, granting unauthorized access. The…
APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware like ElizaRAT, which is designed for espionage. It leverages cloud-based services…
Google has released a batch of security updates addressing 40 vulnerabilities, two of which are critical zero-day exploits. As reported in the November 2024 Android…
Researchers discovered a Russian-linked threat actor, UNC5812, utilizing a Telegram persona named “Civil Defense.” This persona has been distributing Windows and Android malware disguised…
The “You Dun” hacking group exploited vulnerable Zhiyuan OA software using SQL injection, leveraging tools like WebLogicScan, Vulmap, and Xray for reconnaissance. They further escalated…
The researchers have observed consistent efforts by Russia, Iran, and China to exert foreign influence on democratic processes in the United States. Recent U.S. government…