GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

North Korean hackers are estimated to have stolen a staggering $2.2 billion in 2024, up 21% from 2023. With advanced tactics and increasing sophistication, the Democratic People’s Republic of Korea (DPRK) has positioned itself as a dominant force in crypto theft, targeting both decentralized finance (DeFi) platforms and centralized exchanges to fund its state-sponsored programs. […]

The post North Korean Hackers Stolen $2.2 Billion from Crypto Platforms in 2024 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A staggering 17 million patient records, containing sensitive personal and medical information, have been stolen in a devastating ransomware attack on PIH Health. The cyberattack, which began on December 1, has disrupted operations at three hospitals: PIH Health Downey Hospital, PIH Health Whittier Hospital, and PIH Health Good Samaritan Hospital, as well as affiliated urgent […]

The post 17M Patient Records Stolen in Ransomware Attack on Three California Hospitals appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new malware variant called Nunu Stealer is making headlines after being advertised on underground hacker forums and Telegram channels. Priced at $100 per month, this malicious tool is gaining attention for its extensive capabilities and potential to wreak havoc on individuals and organizations alike. According to a post shared by a ThreatMon on X, the malware […]

The post Threat Actors Selling Nunu Stealer On Hacker Forums appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical vulnerability has been identified in Siemens’ User Management Component (UMC), which could allow unauthenticated remote attackers to execute arbitrary code. The flaw, designated CVE-2024-49775, is a heap-based buffer overflow vulnerability. Siemens has issued Security Advisory SSA-928984 and urges customers to implement recommended fixes or mitigations to minimize the risks. Details of the Vulnerability The […]

The post Siemens UMC Vulnerability Allows Arbitrary Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Foxit Software has issued critical security updates for its widely used PDF solutions, Foxit PDF Reader and Foxit PDF Editor. The updates—Foxit PDF Reader 2024.4 and Foxit PDF Editor 2024.4/13.1.5—were released on December 17, 2024, to counter vulnerabilities that could leave users exposed to remote code execution (RCE) attacks. Details of the Vulnerabilities The security flaws […]

The post Foxit PDF Editor Vulnerabilities Allows Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has swiftly addressed a critical security vulnerability affecting Windows 11 (version 23H2), which could allow local attackers to escalate privileges to the SYSTEM level. Security researcher Alex Birnberg showcased the exploit during the renowned TyphoonPWN 2024 cybersecurity competition, securing third place for his demonstration of the flaw. TyphoonPWN, one of the premier cybersecurity competitions, […]

The post Windows 11 Privilege Escalation Vulnerability Lets Attackers Execute Code to Gain Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A Romanian man has been sentenced to 20 years in prison for his involvement in the notorious NetWalker ransomware attacks. The sentencing, which took place in the Middle District of Florida, also included a forfeiture order of $21.5 million in illicit proceeds, as well as restitution payments totaling $14,991,580.01. Daniel Christian Hulea, 30, of Jucu […]

The post NetWalker Ransomware Operator Sentenced to 20 Years in Prison appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

 The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical vulnerability impacting BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) products. This newly uncovered flaw tracked as CVE-2024-12356, could allow attackers to execute malicious commands, posing a severe risk to global enterprises relying on these tools for secure remote access and […]

The post CISA Warns of BeyondTrust Privileged Remote Access Exploited in Wild appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

 The Cybersecurity and Infrastructure Security Agency (CISA) has issued eight detailed advisories on vulnerabilities affecting Industrial Control Systems (ICS). These vulnerabilities impact critical software and hardware across various industries, posing risks of service disruption, unauthorized access, and malicious code execution. The following are the key vulnerabilities, their associated Common Vulnerabilities and Exposures (CVEs), and mitigation […]

The post CISA Releases Eight New ICS Advisories to Defend Cyber Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new and advanced ransomware family, dubbed NotLockBit, has emerged as a significant threat in the cybersecurity landscape, closely mimicking the behavior and tactics of the notorious LockBit ransomware. NotLockBit notably distinguishes itself by being one of the first ransomware strains designed to effectively attack both macOS and Windows operating systems, showcasing powerful cross-platform capabilities. […]

The post NotLockBit – Previously Unknown Ransomware Attack Windows & macOS appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Through the use of XLoader and impersonating SharePoint notifications, researchers were able to identify a sophisticated malware delivery campaign.  A link that was disguised as a legitimate SharePoint notification was included in the emails that were sent out at the beginning of the attack.  The engine flagged the message as malicious based on several factors: […]

The post Beware Of Malicious SharePoint Notifications That Delivers Xloader Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Researchers have identified a rise in malicious activity on the VSCode Marketplace, highlighting the vulnerability of the platform to supply chain attacks similar to those previously seen in the npm community. Malicious actors are increasingly exploiting npm packages to distribute malicious code, mirroring tactics previously used in VSCode extensions that involve the npm package etherscancontracthandler, […]

The post Malicious Supply Chain Attacking Moving From npm Community To VSCode Marketplace appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

TA397, also known as Bitter, targeted a Turkish defense organization with a spearphishing email containing a RAR archive, which included a decoy PDF, a malicious LNK file disguised as a PDF, and an ADS file with PowerShell code.  This technique, common for TA397, leverages NTFS ADS to establish persistence and deploy further malware like wmRAT […]

The post Hackers Weaponizing LNK Files To Create Scheduled Task And Deliver Malware Payload appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

BADBOX is a cybercriminal operation infecting Android devices like TV boxes and smartphones with malware before sale, which are often sold through reputable retailers and pose a significant threat to users due to their pre-installed malicious software, making detection challenging. It previously thought eradicated has resurfaced with a significantly expanded reach, infecting over 192,000 Android […]

The post BADBOX Botnet Hacked 74,000 Android Devices With Customizable Remote Codes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Europol has published a groundbreaking report titled “Leveraging Legitimacy: How the EU’s Most Threatening Criminal Networks Abuse Legal Business Structures.”  The report uncovers the alarming extent to which organized crime groups exploit legitimate business structures to strengthen their power, evade law enforcement, and expand their illegal activities. Building on the findings of its April 2024 study, “Decoding […]

The post Europol Details on How Cyber Criminals Exploit legal businesses for their Economy appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a proposed update to the National Cyber Incident Response Plan (NCIRP), inviting public feedback on the draft. This highly anticipated revision, outlined in a pre-decisional public comment draft released this month, aims to address the evolving cybersecurity landscape amidst increasing threats to critical infrastructure, national security, […]

The post CISA Proposes National Cyber Incident Response Plan appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a joint cybersecurity advisory, the FBI, CISA, NSA, and partner agencies from Canada, the United Kingdom, and Israel have issued an urgent warning about ongoing malicious cyber activities by advanced persistent threat (APT) actors affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). The advisory provides critical new details on tactics, techniques, and procedures (TTPs) […]

The post Iranian Hackers Launched A Massive Attack to Exploit Global ICS Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A high-severity vulnerability has been discovered in the popular web framework, Next.js, which allows attackers to bypass authentication under specific circumstances. The issue, cataloged as CVE-2024-51479, affects versions from 9.5.5 up to 14.2.14. Developers using these versions must quickly upgrade to the patched version 14.2.15 to secure their applications. Authorization Bypass in Next.js ( CVE-2024-51479) […]

The post Next.js Vulnerability Let Attackers Bypass Authentication appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

In a decisive move to bolster cloud security, the Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01: Implementing Secure Practices for Cloud Services. This directive mandates federal civilian agencies to adopt stringent security measures for their cloud-based systems in response to the growing threat of cyberattacks targeting cloud environments.  CISA […]

The post CISA Issues Secure Practices for Cloud Services To Strengthen U.S Federal Agencies appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Fortinet, a global leader in cybersecurity solutions, has issued an urgent security advisory addressing two critical vulnerabilities affecting its FortiManager and FortiWLM products. The vulnerabilities, which can allow unauthorized code execution and sensitive file read access, demand immediate attention to mitigate risks. OS Command Injection in FortiManager (CVE-2024-48889) A critical Improper Neutralization of Special Elements in […]

The post Fortinet Critical Vulnerabilitiy Let Attackers Inject Commands Remotely appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.