Aggregator

Argentina's government told local media that authorities had detected an operation led by Russians that was spreading propaganda and disinformation.

Iran experienced a near-total internet blackout on Wednesday as tensions with Israel escalated into the first week of conflict. Global internet monitor NetBlocks reported almost near-total Internet disruptions in Iran as tensions with Israel escalated into the first week of conflict. However, the exact cause behind the collapse of Iran’s internet remains unclear. While the […]

ПМЭФ запустил новую киберсвязку.

该事件再次提醒行业：安全是一个整体。

Seqrite Labs has uncovered a sophisticated variant of the Masslogger credential stealer malware being distributed through VBScript Encoded (.VBE) files. This advanced threat, which likely spreads via spam emails or drive-by downloads, operates as a multi-stage fileless malware, heavily exploiting the Windows Registry to store and execute its malicious payload without writing files to disk. […]

The post Hackers Use VBScript Files to Deploy Masslogger Credential Stealer Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Просто хотел получить помощь? Жаль, но тебя ждёт лишь потеря данных, контроля и средств.

The DuckDuckGo web browser has expanded its built-in Scam Blocker tool to protect against a broader range of online scams, including fake e-commerce, cryptocurrency exchanges, and "scareware" sites. [...]

Finland's prosecution authority could bring charges soon against three Georgian nationals who were the most senior officers aboard a Russia-linked ship that dragged its anchor through Baltic Sea cables last year.

Satellite communications company Viasat is the latest victim of China's Salt Typhoon cyber-espionage group, which has previously hacked into the networks of multiple other telecom providers in the United States and worldwide. [...]

Viasat Inc., a leading U.S. satellite and wireless communications provider, has been identified as the latest victim in a sweeping cyberespionage campaign attributed to the Chinese state-sponsored group known as Salt Typhoon. The breach, which occurred during the 2024 U.S. presidential campaign, was discovered earlier this year and highlights the growing threat posed by advanced […]

The post Viasat Targeted in Cyberattack by Salt Typhoon APT Group appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Bilder Galerie. It has been declared as critical. This vulnerability affects unknown code of the file galerie.php. The manipulation of the argument config[root_ordner] leads to code injection. This vulnerability was named CVE-2007-4328. The attack can be initiated remotely. Furthermore, there is an exploit available.

North Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools.

The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls featuring deepfaked company executives to trick them into installing malware on their Apple macOS devices. Huntress, which revealed details of the cyber intrusion, said the attack targeted an unnamed cryptocurrency foundation employee, who received a

The Golden SAML assault is a lesser-known but much more dangerous threat in a world where password-based hacks breach millions of accounts every month. Unlike common password sprays or phishing attempts, Golden SAML attacks are rare, with Microsoft reporting only 20 incidents across fewer than ten unique customers over the past 24 months as of […]

The post Golden SAML Attack: How Attackers Gain Control of Federation Server’s Private Key appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The global cybersecurity landscape is facing a seismic shift as the Qilin ransomware group, also known as Agenda, has surged to the forefront of digital extortion, demanding ransoms as high as $50 million and disrupting critical services worldwide. Once an obscure player, Qilin has rapidly evolved into the most prevalent and technically sophisticated ransomware operation […]

The post Qilin Ransomware Rises as Major Threat, Demanding $50M in Ransom appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat analysis is a complex task that demands full attention, especially during active incidents, when every second counts. ANY.RUN’s Interactive Sandbox is designed to ease that pressure with an intuitive interface and fast threat detection.   Our new feature, Detonation Actions, takes this further by highlighting detonation steps during analysis. When a specific action is needed […]

The post Simplify Threat Analysis and Boost Detection Rate with Detonation Actions  appeared first on ANY.RUN's Cybersecurity Blog.

Оплатить нельзя. Спросить — тоже нельзя.

DALL-E for coders? That’s the promise behind vibe coding, a term describing the use of natural language to create software. While this ushers in a new era of AI-generated code, it introduces "silent killer" vulnerabilities: exploitable flaws that evade traditional security tools despite perfect test performance. A detailed analysis of secure vibe coding practices is available here. TL;DR: Secure

技术支持骗局层出不穷。安全公司 Malwarebytes 报告，骗子使用 Google 广告在苹果、微软等知名公司的网站注入假的技术支持电话号码。骗子首先在微软、苹果、惠普、PayPal、Netflix 等知名公司的 Google 搜索结果页面购买在顶部展示的广告，Google 只允许广告展示类似 https://www.microsoft.com 之类的链接，但允许在链接右侧添加不可见的参数，骗子就是利用这一漏洞在广告上添加了假的电话支持号码，类似给苹果网址加入参数 /kb/index?page=search&q=☏☏Call%20Us%20%2B1-805-749-2108%20AppIe。用户点击该链接会进入官网的一个有关电话技术支持号码搜索查询页面，显示无该结果。略懂一点技术的人能很轻松识别骗局，但此类骗局本就是针对不怎么了解技术的老年人。

A threat actor group known as Banana Squad has been found exploiting GitHub, a cornerstone platform for developers worldwide, by hosting over 60 malicious repositories containing hundreds of trojanized Python files. Discovered by the ReversingLabs threat research team, this campaign represents a shift toward stealthier and more sophisticated tactics in open-source exploitation. Sophisticated Supply Chain […]

The post Threat Actor Exploit GitHub and Hosted 60 GitHub Repositories with 100s of Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.