Author: Admin

07 March 2025Red LakshmananIntelligence threats /vulnerability The threatening entities of unknown origin were related to the malicious campaign mainly aimed at organizing in Japan since January 2025. “The attacker exploits vulnerability Cve-2024-4577Lack of Distance Code (RCE) in PHP-CGI PHP on Windows to gain initial victim vehicles, “Cisco Talos Chatan Raghuprasad Researcher – Note In a technical report published on Thursday. ‘The attacker uses plugins of public Cobalt Strike Kit “Taowu” to participate in operation. ” The goals of the malicious activity are covered by technology, telecommunications, entertainment, education and e -commerce companies in Japan. It all starts with the threat…

06 March 2025Red LakshmananIntelligence threats / vulnerability The threats of the actors standing for Medusa ransomware Almost 400 victims appeared for the first time when financially motivated attacks appeared in January 2023, which observed an increase of 42% from 2023 to 2024. In the first two months of 2025, the group stated more than 40 attacks, according to the Symantec hunting teams in a report that is shared with Hacker News. Cybersecurity tracks cluster called Spearwing. “Like most ransom operators, Spearwing and its branches conduct double required attacks by stealing the victims before encryption noted. “If the victims refuse to…

06 March 2025Red LakshmananMalicious software / redemption Financially motivated actor threats known as Encryption The organization of complex phishing campaigns was noted for deployment of information thefts and redemption, as well as working on a new product called Encryptrat. “Encrypthub is observed by focusing on users of popular applications, distributing Trojonized versions,” Outpost24 Krakenlabs – Note In a new report that shared with Hacker News. “In addition, the actor threatened also took advantage of payment for payment for installation (IPP).” Cybersecurity campaign described the actor threats as a burglary group that makes errors in prompt security and as a person…

06 March 2025Red LakshmananData safety / software safety Elastic updated security updates to address a critical security deficiency affecting Fran Software for data visualization Elasticalch This can lead to an arbitrary code. Vulnerability tracked as Cve-2025-25012It carries the CVSS 9.9 with a maximum of 10.0. This was described as a case of pollution of the prototype. “Prototype pollution in Kiban leads to an arbitrary code through a downloaded file download and specially designed HTTP requests,” the company – Note in a consultation released on Wednesday. Vulnerability of pollution prototype It is a Lack of security This allows the attackers to…

Cyber ​​-esproys are becoming more and more perfect, and traditional safety approaches are struggling to keep up. Organizations can no longer rely on periodic estimates or static vulnerability lists to remain safe. Instead, they need a dynamic approach that provides real -time understanding as the attackers move on the environment. There are attackers schedules here. After taking the potential attack paths, they offer a more strategic way to identify and mitigate the risk. In this article, we will study the benefits, types and practical application of attack schedules. Understanding the tiers of the attack The graph of the attack This…

06 March 2025Red LakshmananData Violation / Web Safety More than 1000 WordPress -based sites have been infected with the third JavaScript code that introduces four separate rear parts. “Create four back – Note Wednesday analysis. The JavaScript malicious code has been found to be submitted via cdn.csyndication (.) Com. As writing, as much as 908 sites Hold the links to the domain in question. Functions of the four back are explained below – Backdoor 1, which loads and sets a fake plugin called “Ultra SEO CPU”, which is then used to execute teams issued Backdoor 2 that introduces malicious JavaScript…

The US Department of Justice (DOJ) has announced the accusation of 12 Chinese citizens for allegedly participating in a wide scheme aimed at stealing data and suppression of free speech and disagreement worldwide. A personality Include two officers of the Ministry of Public Security of the People’s Republic of China (PRC), eight employees of the alleged Private company PRC, Anthun Information Technology Co. Ltd. (安洵信息技术有限公司) also known as I-Soonand members of an advanced sustainable threat 27 (APT27AKA BUDWWORM, BRONZE Union, EMISAR PANDA, LUCKY MOUSE and Iron Tiger) – Wu Job, Chief Executive Director Chen Chen (陈诚), Chief Operational Director Wang…

05 March 2025Red LakshmananMobile Security / Artificial Intelligence Google has announced the crackdown on artificial intelligence (AI) that support the functions of the scam to provide Android devices and their personal information. “These features specifically focus on spoken scorches that can often appear initially harmless before turning into harmful situations,” Google – Note. “And even more phones that call use cheat methods to hide their real numbers and pretend they trust companies.” The company said it cooperates with financial institutions to better understand the nature of the scammers who face customers, allowing it to develop AI models that can take…

05 March 2025Red LakshmananCyber ​​-bue / malicious software Actor threats known as Dark Caracal was associated with a company that launched a remote access titled by Poco Rat when attacking Hispanic purposes in Latin America in 2024. The resulting data come from the Russian cybersecurity company of positive technologies that described malicious software loaded with a “full set of espionage”. “It can download files, record screenshots, execute teams and manipulate systems,” – researchers Denis Kazakov and Sergei Samokhin – Note In a technical report published last week. Poco rat was Previously documented Coffense in July 2024, which details the phishing…

05 March 2025Red LakshmananNetwork safety / data violation In January 2021, the actor threatened in China, which stands for the operation of security deficiencies in Microsoft Exchange Servers in January 2021 to focus on the supply chain of information technology as a means to obtain initial access to corporate networks. This is according to new findings by the Microsoft intelligence group that said Silk typhoon (Previously Hafnium) Hacking Group is now aimed at IT -solutions such as remote control and cloud applications to get securing. “After a successful compromise victim silk typhoon uses stolen keys and powers to penetrate the…