Author: Admin

03 April 2025Red LakshmananCybersecurity / Intelligence threats Hated hunters warn of the complex Company Web Skimmer This uses an outdated application programming interface (API) with a payment processor to check the stolen payment information before exclusion. “This tactic guarantees that the attackers are sent only valid card data, making the operation more efficient and potentially more difficult to detect,” – JSCrambler Pedro Fortuna, David Alves and Pedro Marrucho Researchers – Note In the report. 49 merchants estimate have been hit by the company today. Fifteen compromised sites have taken steps to remove malicious scenarios. Activity is estimated as at least…

02 April 2025Red LakshmananCloud security / vulnerability Cybersecurity researchers have revealed details of the vulnerability of the escalation of privileges in the Google Cloud Cloud Platform (GCP), which could allow malicious actors to access container images and even introduce a malicious code. ‘Vulnerability can allow such an identity to abuse his audit audit – Note In a report that shared with Hacker News. Cybersecurity campaign was called a lack of security. After the responsible disclosure of Google, he addressed the problem since January 28, 2025. Google Cloud Run is a fully managed service to perform container applications in a scalable,…

02 April 2025Red LakshmananCrypto -Hockey / malicious software Cybersecurity researchers spilled light on “automatic proposal” called Botnet for mining cryptocurrency Ban (AKA DOTA) is known to be focused on SSH server with weak powers. “Outlaw-it’s malicious Linux software that rests on the SSH Bruth, Cryptocurrency mining and the spread of worms to infect and maintain control over systems,” elastic safety laboratory – Note in a new analysis published on Tuesday. By law is also the name given to the actor threatening for malicious software. He is believed to be of Romanian origin. Other hacking groups prevail Cryptojingingingeking includes 8220, Keksec…

02 April 2025Hacker NewsMatching / data protection Introduction As the cybersecurity landscape develops, service providers play an increasingly important role in maintaining sensitive data and compliance with sectoral rules. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frames that provide a clear path to reliable cybersecurity practice. For service providers follow Nist standards is a strategic business solution. The fulfillment not only protects customer data, but also increases the authority, ordering the incident and provides a competitive advantage. A Step -by -step guide Designed to help service providers understand and implement Nist compliance for their…

02 April 2025Hacker NewsSurface / attack on the Internet When evaluating the external surface of the organization’s attacks get problems with encryption Special attention. Why? Their widespread use, complexity of configuration and visibility of the attackers, and users make them more likely. This emphasizes how important your SSL configurations are to maintain the security of your web application and minimize your attack surface. However research shows that most (53.5%) sites have inadequate security and that Weak SSL/TLS configuration is one of the most common apps. Get the correct SSL configuration and you increase your cyber resistance and save your apps…

02 April 2025Red LakshmananRedemption / Email Security A funded actor of a threat known as Fin7 was associated with the back of the found Android Banking Trojan the name of the same name) that can give them remote access to the impaired Windows systems. “This malicious software allows the attackers to perform the teams of remote shells and other system operations, giving them full control over the infected machine,” Swiss Cybersecurity Company – Note In the technical report of malicious software. Fin7, also called carbon spider, elbus, golden niagari, sangria and wild cow Russian Cybercrime Group famous for its is…

02 April 2025Red LakshmananDetection of threat / malicious software Cybersecurity researchers have discovered the updated version of the forklifts called Hijack Loader, which implements new features to eliminate and establish persistence on impaired systems. “The bypassing forces released a new module that implements the fake stack caused to hide the origin of functional calls (eg – Note In the analysis. “The bypass loader added a new module to check VM to detect malware analysis and sandbox.” The forklift, which was first discovered in 2023, offers the opportunity to deliver useful load in the second stage, such as the information malicious…

01 April 2025Red LakshmananCrypto -Hockey / Security Cloud Open PostgreSQL specimens are the goal of a current company designed to obtain unauthorized access and deploying cryptocurrency miners. Wiz Wiz Cloud Security said the activity is a penetration recruitment that was first indicated by Aqua Security in August 2024 Pg_mem. The company was related to the “Wizard” track, which threatens as Jinx-0126. “Since then, the actor threatens developed, introducing the methods of evading protection, such as the deployment of binary files with a unique hash on the target and performing a useful miner load, probably evading (platform Cloud Worker loads), which…

01 April 2025Red LakshmananEncryption / email safety Upon 21st birthday gmailGoogle has announced the main update that allows the enterprise users to send encrypted to the end (E2EE) to any user in any mailbox in several clicks. This feature is unfolding from today in beta -version, allowing users to send E2ee emails to Gmail users to the organization, planning to send E2ee emails to any Gmail mailbox in the coming weeks and to any mailbox at the end of this year. Making a new encryption model – an alternative to safe/multifunctional Internet extension (S/mime) Protocol – is distinguished in that…

Cybersecurity researchers shed light on a new actor associated with China, called Earth Alux This is aimed at various key sectors such as government, technology, logistics, production, telecommunications, IT services and retail trade in the Asia-Pacific regions (APAC) and Latin American (Latam). “The first observation of his activities took place in the second quarter of 2023; then the APAC region was noted,” – Trend Micro Researchers Lenart Bermejj, Ted Lee and Theo Cheen – Note In a technical report published on Monday. “He was also spotted in Latin America near the mid -2024.” The main goals of the countries on…