Kamran Spyware Targets Gilgit Baltistan Users Through Hunza News

The emergence of Kamran spyware, targeting users of a regional news website, has raised concerns among cybersecurity experts. Distributed through a possible watering-hole attack on the Hunza News website, the spyware prompts users to grant permissions, allowing access to sensitive data. Because of its unique code composition, attributing Kamran to a specific APT group is challenging. […]

The post Kamran Spyware Targets Gilgit Baltistan Users Through Hunza News first appeared on Internet Security Blog – Hackology.

Chinese APT Infrastructure Mimics Cloud Backup Services

Cambodian government entities were discovered to be targeted and compromised by Chinese APT actors. The threat actors are using the infrastructure to masquerade as a cloud backup service. The infrastructure also exhibits several malicious characteristics and persistent connections. China has recently invested in a project to modernize Cambodia’s Ream Naval base, which was initially stopped […]

The post Chinese APT Infrastructure Mimics Cloud Backup Services appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

McLaren Health Care revealed that a data breach impacted 2.2 million people

McLaren Health Care (McLaren) experienced a data breach that compromised the sensitive personal information of approximately 2.2 million individuals. McLaren Health Care (McLaren) disclosed a data breach that occurred between late July and August. The security breach exposed the sensitive personal information of 2,192,515 people. McLaren Health Care is a nonprofit health care organization based in […]

The post McLaren Health Care revealed that a data breach impacted 2.2 million people appeared first on Security Affairs.

Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack

The Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack that disrupted trades in the US Treasury market. The Industrial and Commercial Bank of China (ICBC) announced it has contained a ransomware attack that disrupted the U.S. Treasury market and impacted some fixed income and equities transactions. “The Securities Industry and Financial Markets […]

The post Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack appeared first on Security Affairs.

Russian Hackers Hijacked Power Station Circuit Breakers Using LotL Technique

In a recent and alarming development, the notorious Russia-linked threat actor Sandworm executed a sophisticated cyber-physical attack targeting a critical infrastructure organization in Ukraine. The incident, responded to by cybersecurity firm Mandiant, unfolded as a multi-event assault, showcasing a novel technique to impact industrial control systems (ICS) and operational technology (OT). Unraveling Russia’s Cyber-Physical Capabilities […]

The post Russian Hackers Hijacked Power Station Circuit Breakers Using LotL Technique appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

BlueNoroff Hackers Attacking Apple Users with New macOS Malware

A new malware variant is being distributed by the BlueNoroff APT group, a financially motivated threat group targeting cryptocurrency exchanges, venture capital firms, and banks. This new campaign has similar characteristics to their RustBucket campaign. BlueNoroff was first discovered in early 2014 during the beginning of North Korea’s cyber efforts for financial gain to support their military […]

The post BlueNoroff Hackers Attacking Apple Users with New macOS Malware appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

SysAid zero-day exploited by Clop ransomware group

Microsoft spotted the exploitation of a SysAid zero-day vulnerability in limited attacks carried out by the Lace Tempest group. Microsoft reported the exploitation of a zero-day vulnerability, tracked as CVE-2023-47246, in the SysAid IT support software in limited attacks. The IT giant linked the attacks to the Clop ransomware gang (aka Lace Tempest). The company reported the flaw […]

The post SysAid zero-day exploited by Clop ransomware group appeared first on Security Affairs.

Ducktail fashion week

The Ducktail malware, designed to hijack Facebook business and ads accounts, sends marketing professionals fake ads for jobs with major clothing manufacturers.

New Gootloader Malware Abuses RDP to Spread Rapidly

Hackers target Remote Desktop Protocol (RDP) via malware because it provides them with remote access to a victim’s computer or network, allowing them to:- Cybersecurity researchers at IBM X-Force affirmed recently that in place of conventional frameworks like CobaltStrike, the Gootloader group unveiled GootBot, a new tool for C2 and lateral movement. Gootloader Malware Abuses […]

The post New Gootloader Malware Abuses RDP to Spread Rapidly appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.