Cloudflare Server Compromised Due to Leaked Access Token
On November 23, 2023, Cloudflare detected a threat actor on the self-hosted Atlassian server. The attack was initiated using a single stolen access token and…
Category: GBHackers
Researchers Unvield the Sophisticated Ransomware by Black Hunt
The Black Hunt ransomware has recently become a significant threat to the cybersecurity landscape. This malicious software has already wreaked havoc on around 300 companies…
Multiple Container Flaws allow attackers to access host OS
Four new vulnerabilities have been identified in containers that could allow a threat actor to escape the container and gain access to the host system.…
What is SaaS Sprawl and how to Combat its Security Risks?
When we talk about the cloud, it’s not just a matter of data drifting weightlessly in some digital ether. The cloud environment is more like…
Mispadu Malware Exploits Windows SmartScreen to Attack Users
A new variant of Mispadu stealer has been identified by researchers, which specifically targets victims in Mexico. This variant of Mispadu stealer utilizes the Windows…
Hackers Using 130,000+ Domains for Cyber Attacks
A new large-scale campaign named “ApateWeb ” has been discovered, which uses over 130,000 domains to deliver scareware, potentially unwanted programs, and other scam pages.…
FritzFrog Botnet Attacking Linux Servers to Steal SSH Credentials
The FritzFrog botnet, originally identified in 2020, is an advanced peer-to-peer botnet built in Golang that can operate on both AMD and ARM-based devices. With…
New Android Malware on Google Play Disguised as News Apps
Twelve malicious Android espionage applications have been discovered by researchers, with all of them executing a remote access trojan (RAT) code known as VajraSpy. Six…
State-of-the-Art Redis Malware Bypasses Security Solutions
Discovering a clandestine and potent menace, Aqua Nautilus researchers have brought to light the HeadCrab, an advanced threat actor wielding bespoke malware targeting Redis servers…
Ivanti Discloses 2 New zero-days, 1 Under Active Exploitation
Two new zero-day vulnerabilities have been discovered in Ivanti Connect Secure and Ivanti Policy Secure products that are assigned with CVE-2024-21888 and CVE-2024-21893. Additionally, one…
Any.RUN Sandbox Now Expanded to Analyze Linux Malware
The ANY.RUN sandbox has now been updated with support for Linux, further enhancing its ability to provide an isolated and secure environment for malware analysis…
Pawn Storm APT Launch Hash Relay Attacks on Govt Departments
In the analysis by Trendmicro, they dissect the recent maneuvers of this advanced persistent threat (APT) actor, shedding light on its unyielding repetition of tactics…