Author: Admin
January 21, 2025 | Ravi Lakshmanan | Email Security / Botnet
A global network of around 13,000 compromised MikroTik routers has been used as a botnet to spread malware through spam campaigns, the latest addition to a list of botnets that work on MikroTik devices. The activity “takes advantage of misconfigured DNS records to communicate email protection techniques,” Infoblox security researcher David Brunsdon said in a technical report published last week. “This botnet uses MikroTik’s global network of routers to send malicious emails that appear to originate from legitimate domains.” The DNS security company, which gave the campaign the code name Microprinting error, said its analysis was…
A former analyst working for the US Central Intelligence Agency (CIA) pleaded guilty to transferring top secret national defense information (NDI) to persons who did not have the necessary permission to receive it and to trying to hide the activity. Asif William Rahman, 34, of Vienna, had been a CIA operative since 2016 and had a Top Secret clearance with access to Sensitive Compartmented Information (SCI). He was charged with two counts of illegal transfer of NDI in November 2024 after his arrest. He pleaded guilty to two counts of willful possession and transmission of classified information related to…
Imagine receiving a penetration test report that has more questions than answers. Questions like: “Have all the functionalities of the web application been tested?” or “Were there any security issues that could have been discovered during testing?” often remain unresolved, raising concerns about the thoroughness of security testing. This frustration is common among many security teams. Pentest reports, while critical, often lack the depth and detail needed to truly evaluate a project’s success. Even with years of experience working with cybersecurity teams and managing ethical hacking projects, we’ve often encountered the same challenges. Whether partnering with external pentest providers or…
January 21, 2025 | Ravi Lakshmanan | Cyber Attack / Windows Security
Cybersecurity researchers are drawing attention to a series of cyberattacks targeting Chinese-speaking regions such as Hong Kong, Taiwan and mainland China using a known malware called ValleyRAT. The attacks use a multi-stage loader called PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week. The chain of infection begins with a phishing page designed to encourage victims to download a malicious Microsoft Installer (MSI) package disguised as legitimate software. Once executed, the installer deploys a benign application to avoid suspicion and also stealthily extracts an encrypted archive…
January 21, 2025 | Ravi Lakshmanan | Malware / Cyber Threats
Ukraine’s Computer Emergency Response Team (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim they are intended to perform an audit to assess the “security level,” CERT-UA added, warning organizations to be wary of such social engineering attempts that seek to exploit user trust. “It is important to note that CERT-UA may use remote access software such as AnyDesk under certain circumstances,” CERT-UA said. “But such actions are taken only after prior agreement with the owners of cyber defense facilities through officially approved…
DoNot Team Linked to New Tanzeem Android Malware Targeting Operational Data Collection
January 20, 2025 | Ravi Lakshmanan | Android / Malware
The threat actor known as DoNot Team has been linked to a new Android malware in a highly targeted cyberattack. The artifacts in question, called Tanzeem (which means “organization” in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity firm Cyfirma. The apps in question were found to have the same functionality, except for minor changes in the user interface. “Although the app is supposed to function as a chat app, it doesn’t work after installation and closes after obtaining the necessary permissions,” Cyfirma noted in…
January 20, 2025 | Ravi Lakshmanan | Network Security / Vulnerability
New research has revealed security vulnerabilities in many tunneling protocols which can allow attackers to perform a wide range of attacks. “Internet hosts that accept tunneled packets without verifying the identity of the sender can be hijacked to conduct anonymous attacks and secure access to their networks,” Top10VPN said in a collaborative study with KU Leuven professor and researcher Mathy Vanhoef. More than 4.2 million hosts, including VPN servers, ISP home routers, core Internet routers, mobile network gateways, and content delivery network (CDN) nodes, were identified as affected. China, France, Japan, the USA…
Every week seems to bring news of another data breach, and it’s no wonder why: it’s harder than ever to keep sensitive data safe. And it’s not just because companies are dealing with more data. Data flows and user roles are constantly changing, and data is stored across different technologies and in cloud environments. Not to mention that compliance requirements are becoming more stringent and sophisticated. The problem is that while the data landscape has evolved rapidly, conventional strategies for securing that data have become a thing of the past. Gone are the days when data existed in predictable places…
January 20, 2025 | Ravi Lakshmanan | Attack on the Supply Chain / Solana
Cybersecurity researchers have discovered three sets of malicious packages in the npm and Python Package Index (PyPI) repositories that have the ability to steal data and even delete sensitive data from infected systems. The list of identified packages is given below: @async-mutex/mutex, a typosquat of async-mutex (npm); dexscreener, which pretends to be a library for accessing liquidity pool data from decentralized exchanges (DEX) and interacting with the DEX Screener platform (npm); solana-transaction-toolkit (npm); solana-stable-web-hooks (npm); cschokidar-next, a typosquat of chokidar (npm); achokidar-next, a typosquat of chokidar (npm); achalk-next, a typosquat of chalk (npm)…
January 19, 2025 | Ravi Lakshmanan | Social Media / Data Privacy
The popular video-sharing social network TikTok has officially gone dark in the United States, as the federal ban on the app takes effect on January 19, 2025. “We regret that the US law banning TikTok will go into effect on January 19 and force us to make our services temporarily unavailable,” the company said in a pop-up message. “We are working to restore our service in the US as soon as possible, and we appreciate your support. Stay tuned.” The immediate result of the ban…