Windows Arbitrary File Deletion Flaw Leads System compromise
Threat actors were using Windows Arbitrary File Deletion to perform Denial-of-service attacks on systems affected by this vulnerability. However, recent reports indicate that this Windows…
Category: GBHackers
Beware of Fake Browser Updates that Install Malware on Systems
In recent times, it’s been observed that fake malware-loaded browser updates are gaining rapid growth in the threat landscape. Rapid7 researchers recently identified a Fake…
Researchers uncover Gamaredon’s Infrastructure that Uses Word Docs
Gamaredon, also known as Primitive Bear, Actinium, or Shuckworm, is a Russian Advanced Persistent Threat (APT) group active since at least 2013. It is a…
Top 10 SaaS Security Checklist in 2023
Software as a Service (SaaS) security refers to the measures and practices employed to protect SaaS solutions’ data, applications, and infrastructure. SaaS is a cloud…
Sponsor Malware Attacking Government, and Healthcare Organizations
The Ballistic Bobcat is an Iran-aligned APT group, and initially, about two years ago, cybersecurity researchers at ESET tracked this threat group. Here below, we…
Hive0117 Group Attacking Employees of significant industries
Hive0117 group has launched a new phishing campaign, which targets individuals working for significant industries in the energy, banking, transportation, and software security sectors with…
Fix for 4 Security Vulnerabilities
Notepad++ v8.5.7 has been released, which has several bug fixes and new features. There has also been Integrity and authenticity validation, added Security enhancement and…
Hackers Using Microsoft Teams to Deliver DarkGate Malware
Recent reports indicate that threat actors have been using Microsoft Teams to deliver DarkGate Loader malware. The campaign originated from two compromised external Office 365…
Hackers Exploit Zero-Day Flaw in management software
In the evolving hospitality industry landscape, where vacation rental software has transitioned from luxury to necessity, a growing concern emerges regarding cybersecurity. This software, while…
Researchers Uncover Phishing Empire Attacking 56,000+ Microsoft 365 Accounts
Recent reports indicate that a new threat actor named “W3LL” has been discovered running a large phishing empire completely hidden until now. It was also…
PHPFusion Flaw Allows Attackers to Read Critical System Data
On Tuesday, Synopsys addressed High and medium vulnerabilities CVE-2023-2453, and CVE-2023-4480 discovered in PHPFusion by the researchers. PHPFusion is an open-source content management system (CMS)…
Hackers Use Weaponized LNK Files to Deploy RedEyes Malware
AhnLab Security Emergency Response Center (ASEC) has issued a warning about a significant security threat involving the distribution of malicious LNK files. This threat, known…