Author: Admin
Microsoft warns about e-mail attacks with taxation using PDFS and QR Codes for Delivery Programs
Microsoft warns about multiple phishing companies that use tax related topics to deploy malware and theft of powers. “These companies, in particular – Note In a report that shared with Hacker News. The characteristic aspect of these companies is that they lead to phishing Raccoon365The electronic crime platform, which first appeared in early December 2024. Also delivered deleted Trojans access (rats) as a rat Remcos, as well as other malware and frame after operation such as LatrodectusAhkbot, Gulatorand Brutetel C4 (BRC4). It is estimated that one of these companies, noticed by the technological giant on February 6, 2025, sent hundreds…
North Korean threats behind a contagious interview have taken more and more popular Clickfix Social engineering tactics to attract people looking for work in the field of cryptocurrencies to deliver a previously unregistered back Go, called GolangHost in Windows and Macos Systems. The new activity that is estimated throughout the campaign has been named Interview Clickfake French Cybersecurity Company SEKOIA. Increased interviewAlso monitored as deport development, Dev#Popper and the famous Chollima, is known, has been valid at least from December 2022, although it was only recorded for the first time in the late 2023. “It uses legitimate web -residues to…
03 April 2025Hacker News The rules have changed. Again. Artificial intelligence brings new powerful tools to business. But it also gives cybercriminals smarter ways of attack. They move faster, aiming at more accurately and slipping past the old defense without noticing. And here’s the harsh truth: If your security strategy has not developed with AI, you are already behind. But you’re not alone – and you’re not powerless.Now Cybercriminals use II not only to automate the attacks, but also to customize them – according to phishing sheets, cloning of voice, manipulation of data models and check systems for subtle weaknesses…
Google Patches a quick vulnerability that allows the silent translation of the files without consent
03 April 2025Red LakshmananPrivacy / vulnerability of data Cybersecurity researchers disclosed Details of the new vulnerability that affects the short Google data utility for Windows, which can be used to achieve service (DOS) or send arbitrary files to the target device without approval. The downside, tracked as Cve-2014-10668 (CVSS assessment: 5.9), this is bypass for two of the 10 deficiencies that were originally revealed by Safebreach Labs in August 2024 Quickshell. It was considered in the fast share for the Windows version 1.0.2002.2 after a responsible disclosure in August 2024. The investigation of these 10 vulnerabilities, which are collectively monitored…
03 April 2025Red LakshmananIntelligence threats / mobile security It has been found that fake versions of popular smartphone models sold at reduced prices Triad. “More than 2,600 users in different countries have encountered a new version of Triada, most in Russia,” Kaspersky – Note In the report. The infections were recorded between March 13 and 27, 2025. Triada – This is the name given to the Android modular family that was that was For the first time discovered In the Russian cybersecurity campaign in March 2016. Trojan remote access (rat), it is equipped for theft of a wide range of…
In one of the largest coordinated law enforcement operations, the authorities dismantled Kidflix, a streaming platform that offered sexual abuse material (CSAM). “A total of 1.8 million users worldwide entered the platform between April 2022 and March 2025,” “European Parliament – Note In a statement. “On March 11, 2025, the server, which contained about 72,000 videos at the time was confiscated by German and Dutch authorities.” The European Law Enforcement has described it as the largest operation that has been combined by the sexual exploitation of children. It was a codonomed operating stream. A perennial zonewhich began in 2022 and…
03 April 2025Red LakshmananCybersecurity / Intelligence threats Hated hunters warn of the complex Company Web Skimmer This uses an outdated application programming interface (API) with a payment processor to check the stolen payment information before exclusion. “This tactic guarantees that the attackers are sent only valid card data, making the operation more efficient and potentially more difficult to detect,” – JSCrambler Pedro Fortuna, David Alves and Pedro Marrucho Researchers – Note In the report. 49 merchants estimate have been hit by the company today. Fifteen compromised sites have taken steps to remove malicious scenarios. Activity is estimated as at least…
Google Fixed Run vulnerability that allows unauthorized access to the image through improper use of iam
02 April 2025Red LakshmananCloud security / vulnerability Cybersecurity researchers have revealed details of the vulnerability of the escalation of privileges in the Google Cloud Cloud Platform (GCP), which could allow malicious actors to access container images and even introduce a malicious code. ‘Vulnerability can allow such an identity to abuse his audit audit – Note In a report that shared with Hacker News. Cybersecurity campaign was called a lack of security. After the responsible disclosure of Google, he addressed the problem since January 28, 2025. Google Cloud Run is a fully managed service to perform container applications in a scalable,…
02 April 2025Red LakshmananCrypto -Hockey / malicious software Cybersecurity researchers spilled light on “automatic proposal” called Botnet for mining cryptocurrency Ban (AKA DOTA) is known to be focused on SSH server with weak powers. “Outlaw-it’s malicious Linux software that rests on the SSH Bruth, Cryptocurrency mining and the spread of worms to infect and maintain control over systems,” elastic safety laboratory – Note in a new analysis published on Tuesday. By law is also the name given to the actor threatening for malicious software. He is believed to be of Romanian origin. Other hacking groups prevail Cryptojingingingeking includes 8220, Keksec…
02 April 2025Hacker NewsMatching / data protection Introduction As the cybersecurity landscape develops, service providers play an increasingly important role in maintaining sensitive data and compliance with sectoral rules. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frames that provide a clear path to reliable cybersecurity practice. For service providers follow Nist standards is a strategic business solution. The fulfillment not only protects customer data, but also increases the authority, ordering the incident and provides a competitive advantage. A Step -by -step guide Designed to help service providers understand and implement Nist compliance for their…