1010.cx – Page 91 – cybersecurity / defense / intelligence

Matanbuchus 3.0 Unleashes AstarionRAT via ClickFix Social Engineering and Silent MSI Installs

·

cyber security, Cyber Security News

Matanbuchus 3.0 has resurfaced in a tightly orchestrated intrusion chain that blends ClickFix social engineering, silent MSI installations, DLL sideloading, and a new remote access trojan dubbed AstarionRAT, underscoring how mature loaders are evolving toward stealthy, multi‑stage operations rather than simple payload delivery. The attack starts with a ClickFix prompt that convinces the victim to copy and […]

The post Matanbuchus 3.0 Unleashes AstarionRAT via ClickFix Social Engineering and Silent MSI Installs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
India’s Largest Pharmacy Exposes Customer Personal Data and Internal System Access

·

cyber security, Cyber Security News, Data Breach

A major security vulnerability was recently discovered in the online infrastructure of Dava India, one of the country’s largest generic pharmacy retail chains. The breach, identified by security researcher Eaton, exposed sensitive customer personal data and granted unauthorized access to internal management systems through insecure super administrator APIs. The vulnerability stemmed from an exposed API […]

The post India’s Largest Pharmacy Exposes Customer Personal Data and Internal System Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster

·

Cloud attacks move fast — faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins. Cloud forensics is fundamentally

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New ‘ClickFix’ Malware Payload Targets Browser Cache, Warns Cybersecurity Experts

·

cyber security, Cyber Security News, Malware

Threat actors on underground forums are now promoting a new “ClickFix” payload-delivery technique that hides malware in the browser cache to evade endpoint detection and response (EDR) tools. The seller pitches the method as an evolution of existing ClickFix/FileFix social‑engineering chains, claiming it can execute malicious code via Windows File Explorer without generating obvious network […]

The post New ‘ClickFix’ Malware Payload Targets Browser Cache, Warns Cybersecurity Experts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
My Day Getting My Hands Dirty with an NDR System

·

My objectiveThe role of NDR in SOC workflowsStarting up the NDR systemHow AI complements the human responseWhat else did I try out?What could I see with NDR that I wouldn’t otherwise?Am I ready to be a network security analyst now? My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
How to Securely Edit and Redact Sensitive PDFs: A Cybersecurity Guide

·

cybersecurity, Data Redaction, Data Security, PDF, pdfFiller, Privacy, Security

PDF security guide covering redaction, metadata risks, compliance standards, and safe editing of password-protected files to prevent data leaks.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
EU Parliament Suspends AI Integration on Corporate Devices Over Cybersecurity Fears

·

AI, cyber security, Cyber Security News, GenAI

The European Parliament has taken a precautionary step by disabling built-in artificial intelligence features on work devices issued to lawmakers and staff members, citing unresolved cybersecurity and data protection risks. The decision follows an internal IT security assessment that identified potential vulnerabilities in how AI-powered tools handle sensitive information. According to an internal communication from the Parliament’s […]

The post EU Parliament Suspends AI Integration on Corporate Devices Over Cybersecurity Fears appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
New Sophisticated ‘Carding-as-a-Service’ Marketplaces Fuel Surge in Credit Card Fraud

·

cyber security, Cyber Security News

Credit card fraud has matured into a service-based criminal economy where stolen cards, malware, and support are bundled and sold like commercial products. Underground “dump shops” such as Findsome, UltimateShop, and Brian’s Club now operate as full-fledged carding-as-a-service (CaaS) marketplaces, mirroring legitimate e‑commerce platforms in usability, scale, and customer focus. At the core of this ecosystem is […]

The post New Sophisticated ‘Carding-as-a-Service’ Marketplaces Fuel Surge in Credit Card Fraud appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
DigitStealer Infostealer Targets macOS, Revealing Critical Infrastructure Vulnerabilities

·

cyber security, Cyber Security News, macOS, Vulnerabilities

DigitStealer is an increasingly active macOS‑targeting infostealer whose predictable command‑and‑control (C2) setup exposes structural weaknesses in its operators’ infrastructure decisions. While technically sophisticated on the endpoint, its reuse of the same providers, protocols, and registration patterns has made much of its backend unusually easy to fingerprint and track. The malware is typically delivered via spoofed […]

The post DigitStealer Infostealer Targets macOS, Revealing Critical Infrastructure Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations

·

New research from Microsoft has revealed that legitimate businesses are gaming artificial intelligence (AI) chatbots via the “Summarize with AI” button that’s being increasingly placed on websites in ways that mirror classic search engine poisoning (AI). The new AI hijacking technique has been codenamed AI Recommendation Poisoning by the Microsoft Defender Security Research Team. The tech giant

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶