Author: Admin

February 26, 2025Red LakshmananLinux / Endpoint Security Universities and state organizations in North America and Asia were aimed at previously unregistered Linux malware called Auto Color in November to December 2024, according to the Palo Alto Networks 42. “After installing a car coloration allows the subject to threaten full remote access to compromised machines, which is very difficult to remove without specialized software,” security researcher Alex Armstrong – Note In the technical record of malicious software. The carculator named the initial load on the basis of the file name renamed the installation itself after installation. It is currently unknown how…


More than a year's worth of internal chat logs from a ransomware gang known as Black Basta have been posted on the internet in a leak that provides unprecedented visibility into their tactics and internal conflicts among their members. The Russian-language chats on the Matrix messaging platform, dated between September 18, 2023 and September 28, 2024, were initially traced on February 11, 2025 to someone who goes by the pen name Operate, who claimed that they published the data because the group was targeting Russian banks. The leaker's identity remains a mystery. Black Basta first came into focus in…


February 25, 2025Red LakshmananMalicious software / cyber -beno Opposition activists in Belarus, as well as Ukrainian military and government organizations are the purpose of a new company that uses documents that are involved Picassoloader. The cluster threats are evaluated as an extension of a long -standing company installed by an actor erected in Belarus know To match the Russian interests of security and the promotion of stories criticized by NATO. “The company has been preparing since July-August 2024 and entered the active phase in November-December 2024,”-Researcher Sentinelone Tom Hegel – Note In a technical report that is shared with Hacker…


Cybersecurity researchers have flagged an updated LightSpy implant that comes with an expanded set of data collection features to obtain information from social media platforms such as Facebook and Instagram. LightSpy is the name given to modular spyware that is capable of infecting both Windows and Apple systems to collect data. It was first documented in 2020, targeting users in Hong Kong. The collected data includes information about the Wi-Fi network, screenshots, location, iCloud Keychain, sound recordings, photos, browser history, contacts, call history and SMS messages, as well as data from various applications such as Files, rubles, Mail Master, Telegram.…


February 25, 2025Red LakshmananIntelligent heavy Cybersecurity researchers pay attention to the current company aimed Located on GitHub. A company that covers hundreds of shelters was christened Movable Casper. “Infected projects include automation tool to interact with Instagram accounts, telegrams that allow Bitcoin wallets remotely and cracking tool for a valiant game,” the Russian supplier said. “All of these alleged functions of the project were fake, and cybercrime behind the company stole personal and bank data, as well as expelled Cryptowalt from the clipboard.” The theft of 5 bitcoins, approximately $ 456,600, contributed to the theft of 5 bitcoins. It is…


February 25, 2025Red LakshmananSecurity / vulnerability Windows A large -scale malicious company has been found that use a vulnerable Windows driver associated with adlice products to exit and deliver Gh0st rats malicious software. “For further evading the identity of the attackers intentionally created several options (with different hash) drivers 2.0.2, changing certain parts PE while maintaining the signature,” the crossing point – Note In a new report published on Monday. Cybersecurity company said the malicious activity involved thousands of malicious samples in the first stage used to deploy a program capable of stopping the software to detect endpoints (EDR) by…


Various industrial organizations in the Asia-Pacific (APAC) region were targeted by phishing attacks designed to deliver a well-known malware called FatalRAT. “The threat was orchestrated by attackers using the legitimate Chinese cloud content delivery network (CDN) myqcloud and the Youdao Cloud Notes service as part of their attack infrastructure,” Kaspersky ICS CERT noted in a report on Monday. “The attackers used a complex multi-stage payload framework to ensure evasion.” The activity has targeted government agencies and industrial organizations, in particular manufacturing, construction, information technology, telecommunications, health care, power and energy, as well as…


February 25, 2025Red LakshmananNetwork security / vulnerability Agency for cybersecurity and US infrastructure (CISA) has added Two disadvantages of security that affectShip) A catalog based on evidence of active operation. The vulnerabilities in question are below – Cve-2017-3066 (CVSS assessment: 9.8) – a vulnerability of desserization that affects Adobe Coldfusion at Apache Blazeds Library, allowing an arbitrary code. (Corrected in April 2017) Cve-2014-20953 (CVSS assessment: 8.8) – a vulnerability of desserization that affects Oracle Agile Plm, which allows a low privileged attacker with network access via HTTP to threaten the system. (Corrected in January 2024) There are currently no public…


February 24, 2025Red LakshmananSecurity / vulnerability of the final points Cybersecurity researchers warn of a new company that uses hacked software versions as bait for the spread of information thefts such as Lumma and ACR thefts. AHNLAB Safety Intelligence Center said he had observed the spike in the ACR’s theft of theft since January 2025. A noticeable aspect of malicious software for theft is the use of technology called Detolish Dead Drop To get the actual command and control server (C2). This includes reinforcing on legal services such as Steam, Telegram’s Telegraph, Forms Google and Google Slides. “The actors threaten…


Ransomware does not strike all at once; it slowly floods your defenses in stages. Like a ship taking on water, the attack begins quietly, below the surface, with subtle warning signs that are easy to miss. By the time encryption begins, it is too late to stop the flood. Each stage of a ransomware attack offers a small window to detect and stop the threat before it is too late. The problem is that most organizations do not watch for the early warning signs, allowing attackers to quietly disable backups, escalate privileges and evade detection…
