Author: Admin

05 March 2025Red LakshmananMobile Security / Artificial Intelligence Google has announced the crackdown on artificial intelligence (AI) that support the functions of the scam to provide Android devices and their personal information. “These features specifically focus on spoken scorches that can often appear initially harmless before turning into harmful situations,” Google – Note. “And even more phones that call use cheat methods to hide their real numbers and pretend they trust companies.” The company said it cooperates with financial institutions to better understand the nature of the scammers who face customers, allowing it to develop AI models that can take…

05 March 2025Red LakshmananCyber ​​-bue / malicious software Actor threats known as Dark Caracal was associated with a company that launched a remote access titled by Poco Rat when attacking Hispanic purposes in Latin America in 2024. The resulting data come from the Russian cybersecurity company of positive technologies that described malicious software loaded with a “full set of espionage”. “It can download files, record screenshots, execute teams and manipulate systems,” – researchers Denis Kazakov and Sergei Samokhin – Note In a technical report published last week. Poco rat was Previously documented Coffense in July 2024, which details the phishing…

05 March 2025Red LakshmananNetwork safety / data violation In January 2021, the actor threatened in China, which stands for the operation of security deficiencies in Microsoft Exchange Servers in January 2021 to focus on the supply chain of information technology as a means to obtain initial access to corporate networks. This is according to new findings by the Microsoft intelligence group that said Silk typhoon (Previously Hafnium) Hacking Group is now aimed at IT -solutions such as remote control and cloud applications to get securing. “After a successful compromise victim silk typhoon uses stolen keys and powers to penetrate the…

USB Drive Attacks Create a significant risk of cybersecurity by using the daily use of USB -device for delivering malware and bypassing traditional network safety measures. These attacks lead to violations of data, financial losses and operational violations, and a long -term influence on the reputation of the organization. An example is the stuxnet worm, revealed in 2010, malicious software designed to focus on industrial management systems, in particular Iranian nuclear enrichment facilities. It exploits multiple vulnerabilities with zero day and spread primarily through USB discs, making it one of the first examples of cyberattacks with real physical effects. Stuxnet…

The rapid adoption of cloud services, SAAS applications and the transition to remote work fundamentally reworked how businesses work. These technological successes have created the world of opportunities, but also caused difficulties that create significant security threats. At the heart of these vulnerabilities lie Identity- Gateway to business security and number one attack vector for bad actors. Learn the importance of upgrading identity strategies And the benefits of centralizing identity in your safety ecosystem to protect your organization from expensive disorders in improving efficiency. The growth of fragmented technological stacks Days were held when enterprises relied on a single decision…

05 March 2025Red LakshmananCyber ​​-bue / network security Actor threats known as Lotus panda It is observed in the field of government, production, telecommunications and media sectors in the Philippines, Vietnam, Hong Kong and Taiwan with updated versions of the famous back day called SAGERUNEX. “Lotus Blossom uses Backdoor Sagerunex at least since 2016 and is increasingly using long -term shells and develops new SAGERUNEX malware,” Cisco Talos Joey Chen researcher – Note in an analysis published last week. Lotus Panda, also known as Billbug, bronze Elgin, lotus Blasom, Spring -Tsmok and Trip, is a suspect of a Chinese hacking…

05 March 2025Red LakshmananWith open source / malicious software Cybersecurity researchers warn of the current malicious company aimed at the Go Ekosystem with Typized Modules designed to deploy malware on Linux and Apple Macos Systems. “Acting threats posted at least seven packages that present themselves widely used GO libraries, including one (GitHub (.) Com/Dlultowmulti/Hypert), which appears – Note In a new report. “These packages share repeated malicious names and consistent methods of aggravation, which suggests that a coordinated actor threats that can be quickly turned.” While all of them continue to be available in the official package storage, their relevant…

04 March 2025Red LakshmananCybercrime / Intelligence threats Subjects with the threat that deploy black bosom and cactus ransom have been found on the same Backconnect (BC) module to maintain constant control over the contaminated hosts, a sign that the branches associated with black bacon can go to the cactus. “After penetration, it gives the attackers a wide range of remote controls, allowing them to perform commands on an infected machine,” – Trend Micro – Note Monday analysis. “This allows them to steal sensitive data such as login credentials, financial information and personal files.” It is worth noting that the details…

04 March 2025Red LakshmananVulnerability / cloud security Broadcom has liberated Safety updates to solve three active security deficiencies in VMware ESXI, workstation and merger that can lead to code and disclosure. The list of vulnerabilities is the following – Cve-2025-2224 (CVSS assessment: 9.3) -In time of vulnerability of use time (TOCTOU), which leads to record outside the malicious actor with local administrative privileges on the virtual machine can use to perform the code as the VMX-Virgin machine operating on the hoste Cve-2025-2225 (CVSS’s assessment: 8.2) – An arbitrary vulnerability of the recording that a malicious actor with privileges during the…

04 March 2025Red LakshmananNetwork safety / ransom Internet services providers (providers) in China and the West coast of the United States have been the goal of a massive company that deployed the theft of cryptocurrency information and miners on compromised hosts. The resulting data come from the SPLUNK research group, which states that the activity also led to the delivery of various binary files that facilitate the data of the data, as well as the ways to establish persistence in the systems. Unknown threaten subjects conducted “minimum intrusive operations to avoid detection, except for artifacts created in accounts that have…