Author: Admin
February 19, 2025 | Hacker News | Windows Security / Malware
Users searching for popular games have been lured into downloading trojanized installers, which led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detected it on December 31, 2024. It lasted a month. Targets of the campaign include individuals and businesses around the world, with Kaspersky telemetry revealing higher concentrations of infection in Russia, Brazil, Germany, Belarus and Kazakhstan. “This approach has helped the…
February 19, 2025 | Ravie Lakshmanan | Threat Intelligence / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The flaws are listed below -
- CVE-2025-0108 (CVSS score: 7.8) - An authentication bypass vulnerability in the Palo Alto Networks PAN-OS management web interface that allows an unauthenticated attacker with network access to the management interface to bypass the authentication normally required and invoke certain scripts
- CVE-2024-53704 (CVSS score: 8.2) - An improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication
Palo Alto Networks has since confirmed to Hacker News that it has observed active attempts to…
February 18, 2025 | Ravie Lakshmanan | Vulnerability / Network Security
Two security vulnerabilities have been discovered in the OpenSSH secure networking suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) attack and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below -
- CVE-2025-26465 - The OpenSSH client contains a logic error between versions 6.8p1 to 9.9p1 (inclusive) […] a legitimate server when a client attempts to connect to it (introduced in December 2014)
- CVE-2025-26466 - The OpenSSH client and server are vulnerable to a pre-authentication DoS attack between versions 9.5p1 to 9.9p1…
February 18, 2025 | Ravie Lakshmanan | Cyber Espionage / Malware
The Chinese state-sponsored threat actor known as Mustang Panda has been observed using a new technique to evade detection and maintain control of infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.exe, whenever ESET antivirus is detected, according to a new analysis. “The attack involves dropping multiple files, including legitimate executables and malicious components, and deploying a decoy PDF…
February 18, 2025 | Ravie Lakshmanan | Malware / Network Security
The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. The activity, detailed by a Japanese cybersecurity company, overlaps with a threat cluster tracked by Trend Micro as Earth Freybug, which has been assessed to be a subset within the APT41 cyber espionage group, as Operation CuckooBees, and by Symantec as Blackfly. APT41 has been described as a highly skilled and methodical actor with the ability to mount espionage attacks as well as poison the supply chain. Its…
February 18, 2025 | Ravie Lakshmanan | Threat Intelligence / Malware
Cybersecurity researchers are warning of a new campaign that uses web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher). TA2727 is a “threat actor that uses fake themed updates,” according to a report shared with Hacker News. It is one of the recently identified threat clusters, alongside TA2726, which is assessed to be an operator of the…
February 18, 2025 | Ravie Lakshmanan | Vulnerability / Network Security
Juniper Networks has released security updates to address a critical security flaw affecting its Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVSS v4 score of 9.3. “An authentication bypass using an alternate path or channel vulnerability in Session Smart Router can allow an attacker to bypass authentication and take administrative control of the device,” the company said in an advisory. The vulnerability affects the…
February 18, 2025 | Hacker News | Artificial Intelligence / Cyber Defense
Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to the Picus Labs Red Report 2025, which analyzed more than one million malware samples, there has been no significant surge. Yes, adversaries are certainly continuing to innovate, and although AI will certainly start playing a larger and larger role, the latest data suggests that a set of well-known tactics, techniques, and procedures (TTPs) still dominates the field. The hype around artificial intelligence certainly dominates…
New Xerox Printer Flaws Could Allow Attackers to Capture Windows Active Directory Credentials
February 18, 2025 | Ravie Lakshmanan | Vulnerability / Enterprise Security
Security vulnerabilities have been disclosed in Xerox VersaLink C7025 multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks using Lightweight Directory Access Protocol (LDAP) and SMB/FTP services. “This pass-back style attack leverages a vulnerability that allows a malicious actor to alter the MFP's configuration and cause the MFP device to send authentication credentials back to the malicious actor,” Rapid7 security researcher Deral Heiland said. “If a malicious actor can successfully leverage these issues, it would allow them to capture credentials for Windows Active Directory. This…
February 18, 2025 | Ravie Lakshmanan | Malware / Website Hacking
Cybersecurity researchers have flagged stealer malware that has been observed targeting e-commerce sites running Magento, disguising malicious content within images in the HTML code to stay under the radar. Magecart is the name given to malware capable of stealing sensitive payment information from online shopping sites. The attacks are known to employ a wide range of techniques, both client-side and server-side, to compromise websites and deploy credit card skimmers to facilitate theft. Typically, such malware runs or is loaded…