Cyber Attack Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform https://gbhackers.com/category/cyber-attack/ GBhackers Offering Exclusive Cyber Security News Coverage, New Research papers & Technology Updates. Wed, 06 Nov 2024 12:17:26 +0000

CRON#TRAP Campaign Attacks Windows Machine With Weaponized Linux Virtual Machine https://gbhackers.com/crontrap-campaign-attacks-windows-machine/ https://gbhackers.com/crontrap-campaign-attacks-windows-machine/#respond Wed, 06 Nov 2024 12:17:25 +0000 https://gbhackers.com/?p=114542 Weaponized Linux virtual machines are used for offensive cybersecurity purposes, such as “penetration testing” or “exploiting vulnerabilities.” These setups often use the tools and frameworks that are designed for ethical hacking. Securonix researchers recently detected the CRON#TRAP campaign, which has been attacking Windows machines with weaponized Linux virtual machines. Technical analysis CRON#TRAP is a sophisticated cyber […]

The post CRON#TRAP Campaign Attacks Windows Machine With Weaponized Linux Virtual Machine appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

APT36 Hackers Attacking Windows Devices With ElizaRAT https://gbhackers.com/apt36-elizarat-windows-attacks/ https://gbhackers.com/apt36-elizarat-windows-attacks/#respond Tue, 05 Nov 2024 10:33:08 +0000 https://gbhackers.com/?p=114503 APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware like ElizaRAT, which is designed for espionage. It leverages cloud-based services for covert communication and data exfiltration. Recent campaigns have seen significant enhancements in ElizaRAT’s evasion techniques, making it a potent tool for persistent attacks. The integration of ApoloStealer into the […]

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit https://gbhackers.com/evasive-panda-cloudscout-attack/ https://gbhackers.com/evasive-panda-cloudscout-attack/#respond Mon, 04 Nov 2024 13:08:31 +0000 https://gbhackers.com/?p=114319 The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese government entity in early 2023, which leverages three modules, CGM, CGN, and COL, to hijack web sessions and access cloud services like Google Drive, Gmail, and Outlook.  By stealing cookies from a victim’s browser, CloudScout can bypass 2FA and IP […]

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files https://gbhackers.com/midnight-blizzard-rdp-attack/ https://gbhackers.com/midnight-blizzard-rdp-attack/#respond Mon, 04 Nov 2024 12:40:55 +0000 https://gbhackers.com/?p=114346 Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in various sectors. The attacks involve sending signed RDP configuration files to thousands of targets, aiming to compromise systems for intelligence gathering.  The actor impersonates Microsoft employees and references other cloud providers to increase credibility, so users are advised to be […]

Russia, Iran, And China Influence U.S. Elections, Microsoft Warns https://gbhackers.com/foreign-influence-us-elections/ https://gbhackers.com/foreign-influence-us-elections/#respond Mon, 04 Nov 2024 12:02:03 +0000 https://gbhackers.com/?p=114066 The researchers have observed consistent efforts by Russia, Iran, and China to exert foreign influence on democratic processes in the United States.  Recent U.S. government actions have exposed Iranian cyberattacks on the Trump-Vance campaign and the dissemination of stolen Trump campaign materials to Biden campaign associates and media outlets. Foreign entities can spread misleading information […]

A Massive Hacking Toolkit From “You Dun” Threat Group Developed To Launch Massive Cyber Attack https://gbhackers.com/you-dun-hacking-toolkit-attack/ https://gbhackers.com/you-dun-hacking-toolkit-attack/#respond Mon, 04 Nov 2024 11:58:04 +0000 https://gbhackers.com/?p=114246 The “You Dun” hacking group exploited vulnerable Zhiyuan OA software using SQL injection, leveraging tools like WebLogicScan, Vulmap, and Xray for reconnaissance. They further escalated privileges on compromised hosts with tools like traitor and CDK. An active Cobalt Strike server was leaked, revealing its use in various cyberattacks, including ransomware deployment (LockBit 3) and data theft. The […]

Russian Hackers Attacking Ukraine Military With Malware Via Telegram https://gbhackers.com/russian-malware-attack-telegram/ https://gbhackers.com/russian-malware-attack-telegram/#respond Mon, 04 Nov 2024 11:53:34 +0000 https://gbhackers.com/?p=114257 Researchers discovered a Russian-linked threat actor, UNC5812, utilizing a Telegram persona named “Civil Defense.” This persona has been distributing Windows and Android malware disguised as legitimate software designed to aid potential conscripts in Ukraine. Once installed, these malicious apps silently deploy additional malware, including SUNSPINNER, while engaging in influence operations to undermine Ukrainian mobilization […]

Notorious WrnRAT Delivered Mimic As Gambling Games https://gbhackers.com/wrnrat-gambling-malware/ https://gbhackers.com/wrnrat-gambling-malware/#respond Tue, 29 Oct 2024 13:15:55 +0000 https://gbhackers.com/?p=114228 WrnRAT is a new malware that cybercriminals have deployed by disguising it as popular gambling games like Badugi, Go-Stop, and Hold’em. The attackers created a fraudulent gambling website that, when accessed, prompts users to download a game launcher. Instead of initiating the game, the launcher installs the malicious WrnRAT […]

ClickFix Malware Infect Website Visitors Via Hacked WordPress Websites https://gbhackers.com/clickfix-malware-hacked-wordpress/ https://gbhackers.com/clickfix-malware-hacked-wordpress/#respond Tue, 29 Oct 2024 08:53:46 +0000 https://gbhackers.com/?p=113868 Researchers have identified a new variant of the ClickFix fake browser update malware distributed through malicious WordPress plugins. These plugins, disguised as legitimate tools, inject malicious JavaScript code into compromised websites, tricking users into installing malware.  The malware uses blockchain technology to obtain malicious payloads, exploiting social engineering tactics to deceive victims.  Over 6,000 websites […]

IcePeony Hackers Exploiting Public Web Servers To Inject Webshells https://gbhackers.com/icepeony-hackers-webshells/ https://gbhackers.com/icepeony-hackers-webshells/#respond Tue, 22 Oct 2024 11:15:30 +0000 https://gbhackers.com/?p=113768 IcePeony, a China-nexus APT group, has been active since 2023, targeting India, Mauritius, and Vietnam by exploiting SQL injection vulnerabilities to compromise systems using webshells and backdoors, leveraging a custom IIS malware called IceCache. The attackers accidentally exposed a server containing sensitive data, including a zsh_history file that revealed their detailed attack timeline and techniques. […]
