Author: Admin
Inside the most innocent-looking image, a striking landscape or a silly meme, something dangerous can hide, waiting for its moment to strike. No suspicious file names. No antivirus warnings. Just a harmless picture, secretly hiding a payload that can steal data, execute malware and take over your system without a trace. This is steganography, a secret weapon for concealing malicious code inside harmless files. By embedding data in images, attackers evade detection, relying on separate scripts or processes to extract and execute the hidden payload. Let’s figure out how it works, why it’s…
March 11, 2025 | Red Lakshmanan | ICS / vulnerability security
Taiwanese company Moxa has released a security update to address a critical security flaw affecting PT switches that could allow an attacker to bypass authentication guarantees. The vulnerability, tracked as CVE-2014-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0. “Multiple Moxa PT switches are vulnerable to authentication bypass due to deficiencies in the mechanism of their authorization,” the company noted in an advisory released last week. “Despite the server check on the client and rear-level side, the attackers can use weaknesses in its implementation. This vulnerability can allow…
March 11, 2025 | Red Lakshmanan | Cyber-Spying / Marine Security
Maritime and logistics companies in South and Southeast Asia, the Middle East and Africa have become the target of an advanced persistent threat (APT) group called SideWinder. The attacks, observed by Kaspersky in 2024, spread to Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates and Vietnam. Other targets of interest include nuclear power plants and infrastructure in South Asia and Africa, as well as telecommunications, consulting, IT companies, real estate and hotel agencies. In a wider expansion of its footprint, SideWinder also targeted diplomatic entities in Afghanistan, Algeria, Bulgaria, China, India, Maldives,…
March 11, 2025 | Red Lakshmanan | Enterprise safety / vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) has added five security flaws affecting Veracore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The list of vulnerabilities is as follows:
- CVE-2024-57968 – An unrestricted file upload vulnerability in Veracore that allows a remote unauthenticated attacker to upload files to unintended folders using Upload.apsx
- CVE-2025-25181 – An SQL injection vulnerability in Veracore that allows remote attackers to execute arbitrary SQL commands
- CVE-2014-13159 – An absolute path traversal vulnerability in Ivanti EPM,…
March 10, 2025 | Red Lakshmanan | Cybersecurity / malicious software
Cybersecurity researchers have demonstrated a new technique that allows a malicious browser extension to impersonate any installed add-on. “Polymorphic extensions create a pixel-perfect copy of the target icon, HTML Popup, work processes and even temporarily disable the legitimate expansion, making it extremely convincing to the victims that they provide real expansion,” SquareX noted in a report published last week. The harvested credentials can then be abused by threat actors to hijack online accounts and gain unauthorized access to sensitive personal and financial information. The attack affects all Chromium-based…
Desert Dexter targets 900 victims using Facebook ads and Telegram malware links
March 10, 2025 | Red Lakshmanan | Theft of data / cryptocurrency
The Middle East and North Africa have been the target of a new campaign that has delivered a modified version of a well-known malware called Assembly since September 2024. “The company that uses social media to distribute malware is related to the current geopolitical climate of the region,” Positive researchers noted in an analysis published last week. “The attackers accept malicious software in legal accounts in online files or telegrams created specifically for this purpose.” The campaign is estimated to have claimed approximately 900 victims since the fall of 2024, the Russian cybersecurity company added,…
The need for unified security
Google Workspace is where teams collaborate, share ideas and get work done. But while it makes work easier, it also creates new security problems. Cybercriminals are constantly evolving, finding ways to exploit misconfigurations, steal sensitive data and hijack user accounts. Many organizations try to secure their environment by combining different security tools, hoping that several layers of protection will keep them safe. But in reality, this patchwork approach often creates blind spots, making it more difficult, not easier, to protect against threats. In order to truly secure Google Workspace…
March 10, 2025 | Red Lakshmanan | Intelligence threats / cybercrime
A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner, disguising it as a tool designed to bypass internet blocks and restrictions on online services. Russian cybersecurity company Kaspersky said the activity is part of a larger trend in which cybercriminals are increasingly using WPD tools to distribute malware under the guise of restriction-bypass programs. “Such software is often distributed as archives with the instructions for the installation of the text in which the developers recommend that the security decisions, citing false positives,” researchers Leonid Bezverchenko, Dmitry Pikush and Oleg Kupreeviev noted.…
07 March 2025 | Red Lakshmanan
Threat hunters have shed light on a “complex and developing instrumental set of malware” called Ragnar Loader, which is used by different cybercrime and ransomware groups such as Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8 and Ruthless Mantis (ex-REvil). “Ragnar Loader plays a key role in maintaining access to compromised systems, helping the attackers to stay on networks for long-term operations,” said the Swiss cybersecurity company PRODAFT in a statement shared with Hacker News. “Although this is due to the Ragnar Locker group, it is unclear whether they have them or just rent it to…
07 March 2025 | Red Lakshmanan | Cryptocurrency / Required Program
A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange (“Garantx (.)), almost three years after the service was sanctioned by the US Treasury in April 2022. “The Garantx Domain was confiscated by the US Secret Service in accordance with the US Prosecutor’s Office in the Eastern District of Virginia in accordance with the 18 USC §§ 981 and 982,” the seizure website reads. The operation was conducted in coordination with the Criminal Division of the US Department of Justice, the Federal Bureau of Investigation, Europol, the…