Author: Admin

January 23, 2025Ravi LakshmananNetwork Security / Vulnerability Cisco has released software updates to address a critical security flaw affecting meeting management that could allow an authenticated remote attacker to gain administrative privileges in sensitive cases. The vulnerability, tracked as CVE-2025-20156, has a CVSS score of 9.9 out of 10.0. This has been described as a privilege escalation flaw in the Cisco Meeting Management REST API. “This vulnerability exists because proper authorization is not performed for REST API users,” the company said said in consultation on Wednesday. “An attacker could exploit this vulnerability by sending API requests to a specific endpoint.”…


January 23, 2025Ravi LakshmananCloud Security / Cryptojacking Google on Wednesday shed light on a financially motivated threat actor by name TRIPLE POWER for opportunistically targeting cloud environments for cryptojacking and local ransomware attacks. “This actor engaged in a variety of threats, including cryptocurrency mining operations on compromised cloud resources and ransomware,” the tech giant’s cloud division said in a statement. 11th Threat Horizons Report. TRIPLESTRENGTH engages in a trio of malicious attacks including illegal cryptocurrency mining, ransomware and extortion, and advertising access to various cloud platforms including Google Cloud, Amazon Web Services, Microsoft Azure, Linode, OVHCloud and Digital Ocean to…


January 22, 2025Ravi LakshmananCyber ​​Security / National Security The new Trump administration has ended all memberships on advisory committees under the Department of Homeland Security (DHS). “Consistent with the commitment of the Department of Homeland Security (DHS) to eliminate misuse of resources and to ensure that DHS activities prioritize our national security, I am issuing an executive order terminating all current memberships on advisory committees within DHS, effective immediately.” a. Benjamin S. Huffman said in a note dated Jan. 20, 2025. “The committee’s future work will be focused solely on advancing our critical mission of protecting the homeland and supporting…


Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to conduct distributed denial of service (DDoS) attacks. According to QiAnXin XLab, the attacks have exploited the security flaw since June 2024. Additional details of the flaw have been withheld to prevent further abuse. Some of the other flaws weaponized by the DDoS botnet include CVE-2013-3307, CVE-2016-20016, CVE-2017-5259, CVE-2018-14558, CVE-2020-25499, CVE-2020-8515, CVE-2022-3573, CVE-2022-40005, CVE-2022-44149 and CVE-2023-28771, as well as those affecting AVTECH IP cameras, LILIN video recorders and Shenzhen TVT devices. “The AIRASHI operator posted…


January 22, 2025Ravi LakshmananDark Web / Cryptocurrency US President Donald Trump on Tuesday announced a “full and unconditional pardon” for Ross Ulbricht, the creator of the notorious Silk Road drug market, after he spent 11 years behind bars. “I just called the mother of Ross William Ulbricht to let her know that in honor of her and the Libertarian Movement that has so strongly supported me, I have just been pleased to sign a full and unconditional pardon for her son Ross,” Trump said in a message shared on Truth Social. “The scum who tried to convict him were some…


January 22, 2025Hacker newsRisk Assessment / Browser Security As GenAI tools and SaaS platforms become a staple in the employee toolbox, the risks associated with data exposure, identity vulnerabilities, and uncontrolled browsing have skyrocketed. Forward-thinking security teams are looking for security controls and strategies to address these risks, but they don’t always know which risks to prioritize. In some cases, they may have blind spots in the existence of risks. A new one to help additional risk assessment now available. The assessment will be customized for each organization’s viewing environment, assessing their risks and providing actionable information. Security and IT…


A previously undocumented China-related advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new ESET findings. “The attackers replaced the legitimate installer with one that also deployed the group’s proprietary implant, which we called SlowStepper, a multi-functional backdoor with a toolkit of over 30 components,” ESET researcher Facunda Muñoz said in a technical report shared with The Hacker News. PlushDaemon is believed to be a China-related group that has been active since at least 2019 and targets individuals…


January 22, 2025Ravi LakshmananVulnerability / Enterprise Security Oracle encourages customers to apply it Critical January 2025 patch update (CPU) to address 318 new security vulnerabilities covering its products and services. The most serious of the flaws is a flaw in the Oracle Agile Product Lifecycle Management (PLM) Framework (CVE-2025-21556, CVSS Score: 9.9) that could allow an attacker to seize control of sensitive instances. “Easily exploitable vulnerability allows low-privileged attackers with network access via HTTP to compromise the Oracle Agile PLM Framework,” it said description security holes in the NIST National Vulnerability Database (NVD). It should be noted that Oracle warned…


January 22, 2025Ravi LakshmananBotnet / network security Web infrastructure and security company Cloudflare said on Tuesday that it has detected and blocked a 5.6 terabits per second (Tbps) distributed denial of service (DDoS) attack, the largest attack reported to date. The UDP-based attack occurred on October 29, 2024. and was directed at one of the customers, an unnamed Internet Service Provider (ISP) in East Asia. The activity began with a Mirai- botnet option. “The attack lasted just 80 seconds and occurred from more than 13,000 IoT devices,” Cloudflare’s Omer Joachimik and Jorge Pacheco. said in the report. However, the average…


January 21, 2025Ravi LakshmananBotnet / Vulnerability Cyber ​​security researchers have warned of a new large-scale campaign exploiting security flaws in AVTECH IP cameras and Huawei HG532 routers to connect devices to a Mirai botnet variant called Murdoc_Botnet. The ongoing activity “demonstrates advanced capabilities by exploiting vulnerabilities to compromise devices and create extensive botnet networks,” Qualys security researcher Shilpesh Trivedi said in an analysis. It is known that the company has been active since at least July 2024, p more than 1370 systems infected to date. Most of the cases of infection were located in Malaysia, Mexico, Thailand, Indonesia and Vietnam.…
