Author: Admin
Gitvenom’s malicious software steals $ 456K in Bitcoin using fake GitHub projects to get into your wallets
February 25, 2025Red LakshmananIntelligent heavy Cybersecurity researchers pay attention to the current company aimed Located on GitHub. A company that covers hundreds of shelters was christened Movable Casper. “Infected projects include automation tool to interact with Instagram accounts, telegrams that allow Bitcoin wallets remotely and cracking tool for a valiant game,” the Russian supplier said. “All of these alleged functions of the project were fake, and cybercrime behind the company stole personal and bank data, as well as expelled Cryptowalt from the clipboard.” The theft of 5 bitcoins, approximately $ 456,600, contributed to the theft of 5 bitcoins. It is…
February 25, 2025Red LakshmananSecurity / vulnerability Windows A large -scale malicious company has been found that use a vulnerable Windows driver associated with adlice products to exit and deliver Gh0st rats malicious software. “For further evading the identity of the attackers intentionally created several options (with different hash) drivers 2.0.2, changing certain parts PE while maintaining the signature,” the crossing point – Note In a new report published on Monday. Cybersecurity company said the malicious activity involved thousands of malicious samples in the first stage used to deploy a program capable of stopping the software to detect endpoints (EDR) by…
Various industrial organizations in the Asia-Pacific region (APAC) were aimed at phishing attacks aimed at providing a well-known malware called Fatalrat. “The threat was organized by the attackers using the legitimate Delivery of the cloud content of Chinese cloud (CDN) Myqcloud and Youda Cloud Hotes services as part of its attack infrastructure,” Casperson ICS CERT – Note In the report on Monday. “The attackers used a complex multi -stage basis for a useful load to ensure evasion.” Activities have nominated state bodies and industrial organizations, in particular production, construction, information technology, telecommunications, health care, energy and energy, as well as…
Two actively exploited security deficiencies in Adobe and Oracle products that are indicated by Cisa
February 25, 2025Red LakshmananNetwork security / vulnerability Agency for cybersecurity and US infrastructure (CISA) has added Two disadvantages of security that affectShip) A catalog based on evidence of active operation. The vulnerabilities in question are below – Cve-2017-3066 (CVSS assessment: 9.8) – a vulnerability of desserization that affects Adobe Coldfusion at Apache Blazeds Library, allowing an arbitrary code. (Corrected in April 2017) Cve-2014-20953 (CVSS assessment: 8.8) – a vulnerability of desserization that affects Oracle Agile Plm, which allows a low privileged attacker with network access via HTTP to threaten the system. (Corrected in January 2024) There are currently no public…
February 24, 2025Red LakshmananSecurity / vulnerability of the final points Cybersecurity researchers warn of a new company that uses hacked software versions as bait for the spread of information thefts such as Lumma and ACR thefts. AHNLAB Safety Intelligence Center said he had observed the spike in the ACR’s theft of theft since January 2025. A noticeable aspect of malicious software for theft is the use of technology called Detolish Dead Drop To get the actual command and control server (C2). This includes reinforcing on legal services such as Steam, Telegram’s Telegraph, Forms Google and Google Slides. “The actors threaten…
Rushing does not immediately manage – it slowly floods your protection in the stages. As a ship that is lined with water, the attack begins quietly, under the surface, with thin warning signs that are easy to miss. As long as the encryption begins, too late to stop the flood. Each stage of ransom attack offers a small window to discover and stop the threat until it is too late. The problem is that most organizations do not observe the signs of the early warning – allowing the attackers to quietly disable backups, escalation of privileges and evading the detection…
February 24, 2025Red LakshmananCloud security / encryption Google Cloud has announced digital signatures Quantum Safe in Google Cloud Key Management (Cloudy km) For software keys as a method for Bulletproof encryption systems against the threat representing cryptographically related to quantum computers. The function that is now in the previous viewing coees with the standards of the National Institute of Standards and Technology (NIST) formalized In August 2024. “Our road card CMS KMS PQC includes support for Nist Post-Qantum crystography (FIPS 203, FIPS 205, both in the software (Cloud KMS), and in the Equipment (Cloud HSM) “,” Cloud Division “Company Company…
February 24, 2025Red LakshmananSoftware / Data Protection Australia has become the last country that prohibits the safety software in the Russian company, citing national security problems. “After considering the analysis of the threat and risk I determined that the use of products and web -Kaspersky Lab, Inc. sabotage,” Stephanie Foster PSM, secretary of the Department of Internal Affairs, – Note. “I also considered an important need for a strong political signal to critical infrastructure and other Australian governments regarding the unacceptable security risk associated with the use of products and web services Kaspersky Lab, Inc..” Foster noted that the organizations…
February 22, 2025Red LakshmananFinancial crime / cryptocurrency The exchange of cryptocurrencies on Friday showed that the “complex” attack led to the theft of over $ 1.46 billion with one of its Ethereum Hold’s wallets (offline, which made it the largest in the history of the crystal. “The incident happened when our Eth Multisig Cold Wallet execution Transfer to our warm wallet. Unfortunately, this deal was manipulated by a complex attack that masked the signing interface, showing the correct address, changing the basic logic of a reasonable contract, “bybit” – Note In a message on X. “As a result, the attacker…
February 22, 2025Red LakshmananMisinformation / artificial intelligence Openai on Friday disclosed What he banned the set of accounts that used his Chatgpt tool to develop a suspicious artificial intelligence tool (AI). It is said that the social media is likely to listen to social media Models LamaWith the accounting records that use AI models to create detailed descriptions and analysis of documents for the apparatus capable of collecting data in real time and report on anti-Chinese stocks in the West and share ideas with the Chinese authorities. The company was named an expert review of the ” -in -the -“…