Author: Admin
March 18, 2025Red LakshmananCyber -Ataka / malicious software At least four different threatening subjects have been identified as involved in an updated version Badbox. These include Salestracker Group, Moyu Group, Lemon Group and Longtv, according to the national team and research group on Human Satori, published in collaboration with Google, Trend Micro, Shadowserver and other partners. “Complex and Expanded Fraud Operation” was named BadBox 2.0. It was described as the largest bott -infected connected TVs (CTV), which when they were disclosed. “Badbox 2.0, like its predecessor, begins with the back of inexpensive consumer devices that allow remotely loading fraud modules,”-the…
March 18, 2025Red LakshmananVulnerability / firmware safety The critical safety vulnerability has been disclosed in the MEGARAC AMI (BMC) software management software, which can allow the attacker to bypass authentication and carry out actions after operation. Vulnerability tracked as Cve-2024-54085Carnate CVSS V4 10.0, indicating the maximum burden. “Local or remote attacker can use vulnerability by accessing remote control (Redfish) or internal host BMC (Redfish)”, “Company Showare Security Company Eclypsium – Note In a report that shared with Hacker News. “The operation of this vulnerability allows the attacker to remotely control the compromised server, remotely deploy malicious software, required software, firmware…
March 18, 2025Red LakshmananAI / safety software safety Cybersecurity researchers have revealed details about the new vector of the supply chain called “sourdough”, which affects artificial intelligence (AI), which is supported by code editor such as GitHub Copilot and Cersor, which will introduce a malicious code. “This technique allows hackers silently endangered AI-Zeented code by introducing hidden malicious instructions into the seemingly innocent file – Note In a technical report that is shared with Hacker News. “Using hidden Unicode characters and sophisticated evading methods in the model facing useful load, threatening subjects can manipulate AI to insert a malicious code…
March 18, 2025Red LakshmananCloud security / security of businesses Google makes the biggest acquisition in its history by acquiring Wiz Company Company Wiz in a $ 32 billion transaction. “This acquisition is an investment of Google Cloud to speed up two big and growing trends in the AI era: improved cloud security and the ability to use multiple clouds (multi),” technological giant – Note Today. He added the acquisition, which is subject to normative approval, designed to provide customers of the “comprehensive security platform”, which provides a modern IT -year. CEO of Google Cloud Thomas Curian – Note Combining your…
March 18, 2025Red LakshmananVulnerability / safety windows The unobtrusive lack of security that affects Microsoft Windows was used by 11 state groups from China, Iran, North Korea and Russia as part of data theft, espionage and financially motivated companies dating from 2017. A zero day vulnerability, tracked by Trend Micro’s Nero Day (Zdi) initiative as Appear-CAN-25373refers to a problem that allows bad actors to perform hidden malicious teams on the victim car using the created Windows or Shell Link (.lnk). “Attacks use the hidden command line arguments in .lnk files to perform malicious loads, complicating the detection,” said security researchers…
March 18, 2025Red LakshmananFraud with Advertising / Mobile Security Cybersecurity researchers have warned of a large-scale ad falsification campaign that used hundreds of malicious applications published in Google Play store to serve full-screen advertising and conduct phishing over. “In the app – Note In a report that shared with Hacker News. The details of the activity were For the first time disclosed At the beginning of this month (IAS) (IAS), documented the opening of more than 180 applications that were designed to deploy endless and intrusive full-screen interstitial video advertising. The Advertising Fraud Scheme was a couple. These applications, which…
March 18, 2025Red LakshmananCyber -bue / malicious software Hated hunters shed more light on Previously discovered The campaign of malicious programs conducted by the Chinese, leveled by the Chinese mirror threat that directed a diplomatic organization in the European Union with the back of Anel. The attack found by ESET at the end of August 2024, nominated the Central -European diplomatic institute with baits related to Word exhibitionThe planned to start in Japan in Osaki next month. Activities was named code name Operation Akairyū (Japanese for Reddragon). Active with at least 2019, Mirrorface is also called the ground porridge. This…
March 18, 2025Hacker NewsAuthentication / Identity Security While OKTA provides reliable security features, configuration drift, identity distribution and misuse can enable the attackers to find their way. This article covers four key ways to actively support OKTA as part of your personnel security efforts. Okta serves as a cornerstone of identity and security control for organizations around the world. However, this fame has made it the main goal for cybercriminals seeking access to valuable corporate identities, applications and sensitive data. While OKTA provides reliable security features and recommended best practices, maintaining proper security control requires constant vigilance. Drift configuration, identity…
Microsoft draws attention to the new remote access of Trajan (Rat) named Motionless This states that they use advanced methods of detection of the parties and are stored in the target conditions for the ultimate purpose of stealing sensitive data. Malicious software contains “steal information in the target system, such as the credentials stored in the browser, digital wallet, data stored in the clipboard, and system information”, the Microsoft response team team – Note In the analysis. The technical giant stated that he had discovered Stilachirat in November 2024, and his features of the rats are present in the dll…
March 17, 2025Red LakshmananVulnerability / safety online The recently disclosed lack of security, which affects Apache Tomcat, was actively exploited in the wild after publishing public evidence (POC) only 30 hours after public disclosure. Vulnerability tracked as Cve-2025-24813affects the above versions – Apache Tomcat 11.0-M1 to 11.0.2 Apache Tomcat 10.0-M1 to 10.1.34 Apache Tomcat 9.0-M1 to 9.0.98 This concerns the case Record the Enable for the default serulet (disabled by default) Partial Class Support (Enabled by default) Target URL for sensitive safety is loaded, which is the submarine target URL for public downloads Knowledge of the attacker about the names…