LummaC2 Stealer Leverages Customized Control Flow Indirection For Execution
The LummaC2 obfuscator employs a novel control flow protection scheme designed specifically for its stealer component, which is part of a broader set of transformations,…
Category: GBHackers
Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page
Phishing attackers employed an HTML smuggling technique to deliver a malicious payload, as the attack chain started with a phishing email mimicking an American Express…
Hackers Abusing third-party email infrastructure to Send Spam Mails
Hackers are increasingly exploiting third-party email infrastructures to send spam emails. This tactic complicates the detection and prevention of spam and threatens the integrity of…
Hacking Kia Cars Remotely with a License Plate
Cybersecurity researchers have uncovered a significant vulnerability in Kia vehicles that allowed hackers to remotely control key functions using nothing more than a car’s license…
Hackers Weaponizing PDF files To Deliver New SnipBot Malware
The RomCom malware family, particularly its SnipBot variant, has evolved into a sophisticated threat capable of ransomware, extortion, and targeted credential gathering. It employs various…
Researchers Backdoored Azure Automation Account Packages And Runtime Environments
Runtime environments offer a flexible way to customize Automation Account Runbooks with specific packages. While base system-generated environments can’t be directly modified, they can be…
TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data
The threat actor, formed in 2023, specializes in ransomware attacks targeting Russian government organizations. It encrypts and deletes victim data, exfiltrates sensitive information, and aims…
Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce
North Korean IT workers, disguised as non-North Koreans, infiltrate various industries to generate revenue for their regime, evading sanctions and funding WMD programs by exploiting…
Octo2 Android Malware Attacking To Steal Banking Credentials
The original threat actor behind the Octo malware family has released a new variant, Octo2, with enhanced stability for remote action capabilities to facilitate Device…
RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus
The RansomHub ransomware group tracked as Water Bakunawa, employs targeted spear-phishing to exploit the Zerologon vulnerability, allowing them to gain unauthorized access to networks, affecting…
New Mallox Ransomware Linux Variant Attacking Enterprise Linux Servers
Kryptina RaaS, a free and open-source RaaS platform for Linux, initially struggled to attract attention. Still, after a Mallox affiliate’s staging server was leaked in…
TeamTNT Hackers Attacking VPS Servers Running CentOS
TeamTNT is targeting CentOS VPS clouds with SSH brute force attacks. It has uploaded a malicious script that disables security, deletes logs, and modifies system…