Cobalt Strike 4.9 Released: What’s New!
The latest version of Cobalt Strike 4.9 is now available. This release includes improvements to Cobalt Strike’s post-exploitation capabilities, including the ability to export Beacon…
Category: GBHackers
Mirai-based DDoS Attackers Adopted New Router Exploits
In September 2023, FortiGuard Labs’ vigilant team uncovered a significant development in the IZ1H9 Mirai-based DDoS campaign. This campaign, known for its aggressive tactics, had…
MacOS DirtyNIB Vulnerability Let Attackers Execute Malicious Code
A new zero-day vulnerability has been discovered in Apple’s macOS systems, which allows threat actors to execute code on behalf of a legitimate Apple application.…
Video Surveillance Camera Vulnerability to Disable Alarms
Pablo Martínez, a member of the Red Team at cybersecurity firm Entelgy Innotec Security, has uncovered significant vulnerabilities in low-cost video surveillance cameras available for…
Maintainers of a open tool Warns of Critical Curl Vulnerability
Two new vulnerabilities have been discovered in the widely used Curl tool. These two vulnerabilities are identified as CVE-2023-38545 and CVE-2023-38546. One of these vulnerabilities…
Lazarus APT Group Laundered $900 Million of Cryptocurrency
Threat actors have been laundering currencies with multiple methods. One of the most predominant ways they have been using lately was the Cross-chain crime. In…
Chinese Android-based Devices come pre-installed With Firmware
The Trojan War’s famous horse trick inspired the term for cyberattacks, where a user unwittingly downloads a file that causes harm when opened. HUMAN’s Satori…
Qakbot Deliver Knight Ransomware & Weaponized LNK Files
Qakbot’s infrastructure and cryptocurrency assets were seized by government authorities in an operation in August 2023 with the assistance of international allies, raising concerns about…
Chinese Hackers Attacking Industries using Cobalt Strike beacon
A cyber espionage campaign has been discovered in which threat actors use a variant of the HyperBro loader along with a Taiwan Semiconductor Manufacturing (TSMC)…
Storm-0324 Abusing Microsoft Teams To Gain Access & Deploy Ransomware
Storm-0324, a financially driven threat actor group, was detected delivering phishing messages using Microsoft Teams. In the past, it has been accused of disseminating phishing…
Top 10 Cybersecurity Misconfigurations for Assessments
In a recent joint effort to bolster national cybersecurity, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have unveiled their…
Top 7 REST API Security Strategies to Secure Your Endpoints
In today’s REST API-driven landscape, most APIs are REST-based and widely utilized by web applications. These APIs are like versatile tools for sending and receiving…