Author: Admin

06 June 2025Hacker NewsArtificial Intelligence / Zero Trust When AI generative tools became widely available at the end of 2022, not only technologists paid attention. Employees of all branches immediately recognized the potential of the generative II to improve productivity, streamline communication and acceleration. Like many waves of consumer IT innovations, the storage and cooperation platforms, the storage platform, and landed at the enterprise, not through official channels, but through the hands of employees who seek to work smarter. Faced with the risk when they are subjected to sensitive data into AI public interfaces, many organizations responded with urgency and…

06 June 2025Hacker NewsCyber ​​-Resistance / Testing penetration Cybersecurity includes both playing a good guy and a bad guy. Diving deep into advanced technology, but there is also a robber in the dark network. Definition of technical policy as well as the behavior of the attacker profiling. Security teams cannot be focused on simple current, they must inhabit the attacker’s thinking. Aev comes here. AEV (checking the confrontation) is a advanced offense technology that mimics how opponents will attack your system while providing recovery strategies. This allows you to detect and decide how your environment can be used and what…

According to Cisco Talos findings, critical infrastructure in Ukraine was aimed at invisible data on double -glazing names Pathwiper. “The attack was instrumental through the legitimate framework of the endpoint administration, indicating that the attackers probably had access to the administrative console, which was used to issue malicious commands and the deployment of Pathwiper on connected final points,” Jacob Finn, DMYTRO KORZHEVIN and ASHEER MALHOTRARRARARARARARARARAR – Note in an analysis published on Thursday. The attack is evaluated as the work of Russia-NEXUS Advanced Prosteptory DePort (APT) based on the observed trade and the possibility of overlapping with devastating malicious software…

05 June 2025Red LakshmananBrowser’s safety / safety online Cybersecurity researchers have indicated several popular Google Chrome extensions that were found to transfer data to HTTP and the secrets of the tough code in their code, exposing users to privacy and security risks. “Several widely used extensions (…) unintended sensitive data on simple http”, Yuanzhin Ga, a security researcher in the Symantec security and response team ,, – Note. “By doing this, they expose domains, machine identifiers, operating system details, analytics and even deleting information in open texts.” The fact that network traffic is not encrypted means that they are sensitive…

05 June 2025Red LakshmananIntelligence threats / network security Actor threats known as Bitter A group supported by a state was assessed, which was instructed to collect a intelligence that is in line with the interests of the Indian government. This is according to new conclusions, jointly published exhausting two parts Analysis. “Their diverse set of tools shows consistent coding models in the families of malware, especially in the collection of system information and string exacerbations,” said the researchers Abdullah Elshinbara, Jonas Wagner, Nick ATFID and Constantine Klinger. Gorky, also known as Apt-C-08, Apt-Q-37, Hazy Tiger, Orange Yali, T-APT-17 and Ta397,…

The Iranian burglary group was associated with a new set of cyber napades aimed at Kurdish and Iraqi government officials in early 2024. Activities related to a group of threats ESET is tracked as A flying lineevaluated with medium confidence to be a subclaming inside OvalFamous Iranian National Cyber ​​Affairs. It is said to have been working since September 2017 when it is aimed at officials related to the Kurdistan regional government (KRG). “This group develops malware to maintain and expand access in Iraq and KRG organizations,” Slovak cybersecurity campaign – Note In a technical report that is shared with…

Security teams face increasing requirements with more tools, more data and higher expectations than if you are. The councils approve the large security budgets, but still ask the same question: what business gets in return? CISO replies reports on control and counting vulnerability – but executives want to understand the risk in terms of financial impact, operational impact and avoiding loss. Disabling has become difficult to ignore. The average cost of the violation reached $ 4.88 million, reports The latest IBM data. This figure reflects not only the reaction to the incident, but also the downtime, lost performance, reduced customers…

05 June 2025Red LakshmananDark network / law enforcement On Wednesday, the US Department of Justice (Doj) announced the capture of cryptocurrency funds and about 145 Clearnet and Dark Web domains related to the illegal map market called Bidencash. “Bidencash market operators use the platform to simplify the purchase and sale of stolen credit cards and related personal information,” Doj – Note. “Bidencash administrators charged the fee for each transaction made on the site.” Bidencash launched in March 2022 to fill the void left by the disconnect stop Complaint to joker A year earlier and several other card forums like Unicc.…

05 June 2025Red LakshmananNetwork security / vulnerability Cisco has released security patches to address a critical security lack that affects the identity engine (ISE), which, if successfully used, can allow unauthorized actors to carry out malicious actions on sensitive systems. Security defect, tracked as Cve-2025-20286Carries CVSS 9.9 out of 10.0. This has been described as static vulnerability of accounts. “The vulnerability in Amazon Web Services (AWS), Microsoft Azure and Oracle Cloud Infrastructure (OCI) deploying Cisco Identiss Services Engine (ISE) can allow unauthorized, remote attackers to access sensitive data Violations of services within the affected systems “,” the company that has…

04 June 2025Red Lakshmanan Threat of intelligence / data violation Google revealed the details of the financially motivated threat cluster stating that he was “specializing” on voice phishing (AKA Vishing) aimed at violating copies of organizations for large -scale data theft and subsequent extortion. Intelligence team at threat of technological giant tracks activity under nickname Unc6040which, according to his words Com. “Over the past few months, UNC6040 has demonstrated repeated success in violation of networks, forcing him to bring himself to his support employee in a convincing telephone based on telephone engineering,” company company company – Note In a report…