Author: Admin
It was not ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report (DBIR); it was what fueled them. Quietly but consistently, two major factors played a role in some of the worst breaches: third-party involvement and the abuse of machine accounts. According to the 2025 DBIR, third-party involvement in breaches doubled year over year, jumping from 15% to 30%. In parallel, attackers are increasingly exploiting machines and unverified machine accounts to gain access, escalate privileges and reach sensitive data.…
Microsoft warns default Helm charts can leave Kubernetes applications exposed to data leaks
06 May 2025 | Red Lakshmanan | Cloud security / DevOps
Microsoft warned that using pre-made templates, such as out-of-the-box Helm charts, for Kubernetes deployments can open the door to misconfigurations and leaks of valuable data. “While these ‘plug-and-play’ options greatly simplify the setup process, they often prefer simplicity over security,” Michael Katchinsky and Josi Wezman of the Defender for Cloud Research team noted. “As a result, a large number of applications are ultimately deployed with incorrect default settings, exposing sensitive data, cloud resources, or even the whole environment to attackers.” Helm…
Microsoft Entra ID (formerly Azure Active Directory) is the foundation of modern identity management, providing secure access to the applications, data and services your business relies on. As hybrid and cloud adoption accelerates, Entra ID plays an even more central role: managing authentication, enforcing policy and connecting users across distributed environments. This prominence also makes it a prime target. Microsoft reports more than 600 million attacks on Entra ID every day. These are not just random attempts; they include coordinated, persistent and increasingly automated campaigns aimed at exploiting even small vulnerabilities. What…
Google fixes actively exploited Android System flaw in May 2025 security update
06 May 2025 | Red Lakshmanan | Vulnerability / mobile security
Google has released its monthly security updates for Android, with fixes for 46 security flaws, including one vulnerability that it said is being exploited in the wild. The vulnerability in question is CVE-2025-27363 (CVSS: 8.1), a high-severity flaw in the System component that can lead to local code execution without requiring additional privileges. “The most severe of these issues is a high security vulnerability in the System component, which can lead to local code execution without additional privileges,” Google said on Monday. “User interaction is not needed for exploitation.” It is…
Critical Langflow flaw added to CISA KEV list amid evidence of ongoing exploitation
06 May 2025 | Red Lakshmanan | Cybersecurity / vulnerability
A recently disclosed critical security flaw affecting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-3248, carries a CVSS score of 9.8 out of a maximum of 10.0. “Langflow contains a missing authentication vulnerability in the /API/V1/Codid/Code endpoint that allows a remote, unauthorized attacker to execute arbitrary code using crafted HTTP requests,” CISA said. In particular, the endpoint was found to improperly invoke the built-in Python exec…
05 May 2025 | Red Lakshmanan | Vulnerability / zero day
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw affecting the Commvault Command Center to its Known Exploited Vulnerabilities (KEV) catalog, just over a week after it was publicly disclosed. The vulnerability in question is CVE-2025-34028 (CVSS: 10.0), a path traversal bug affecting the 11.38 Innovation Release, from versions 11.38.0 to 11.38.19. It was addressed in versions 11.38 and 11.38.25. “The Commvault Command Center contains a path traversal vulnerability that allows a remote, unauthorized attacker to execute arbitrary code,” CISA noted. The flaw essentially allows…
05 May 2025 | Red Lakshmanan | Network security / vulnerability
Cybersecurity researchers have disclosed a number of security vulnerabilities in the AirPlay protocol that, if successfully exploited, could allow an attacker to take over susceptible devices that support the proprietary wireless technology. The flaws were collectively named Air, according to the Israeli cybersecurity company Oligo. “These vulnerabilities can be used by attackers to potentially take control of devices that support AirPlay, including both Apple devices and other devices that use the AirPlay SDK,” Uri Cat, Avi Lumensky and Gal Elbez noted. Some vulnerabilities, such as CVE-2025-24252 and CVE-2025-24132, can be chained together to create another RCE…
The threat actors known as Golden Chickens have been attributed to two new malware families, called TerraStealerV2 and TerraLogger, which suggests continued development efforts to fine-tune and diversify their arsenal. “TerraStealerV2 is designed to collect browser credentials, wallet data and browser extension information,” Recorded Future Insikt Group noted. “By contrast, TerraLogger is standalone. It uses a common low-level hook to record and write logs to local files.” Golden Chickens, also known as Venom Spider, is linked to a notorious malware family called More_eggs. It is known to have been active…
03 May 2025 | Red Lakshmanan | Supply chain attack / malware
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch a next-stage payload that can irrevocably overwrite a Linux system's primary disk and render it unbootable. The package names are given below: GITHUB (.) Com/TRUEFULPHAM/Prototransform, GitHub (.) Com/Blankloggia/Go-MCP, GitHub (.) Com/Steelpoor/TLSPROXY. “Although they appeared legitimate, these modules contained highly obfuscated code designed to fetch and execute remote payloads,” researcher Kush Rada noted. The packages are designed to check whether the operating system they are running on is Linux and, if so, get a…
03 May 2025 | Red Lakshmanan | Malware / operational technology
An Iranian state-sponsored group has been linked to a long-term cyber intrusion aimed at critical national infrastructure (CNI) in the Middle East that lasted for almost two years. The activity, which lasted from at least May 2023 to February 2025, entailed “wide espionage and suspected network affiliations, tactics that are often used to maintain constant access for future strategic superiority,” the FortiGuard Incident Response (FGIR) team noted in the report. The network security company noted that the attack exhibits tradecraft overlaps with the known Lemon Sandstorm (previously Rubidium), which…