Author: Admin

February 17, 2025Red LakshmananSafety of the final points / malicious software Microsoft stated that revealed a new version of the famous malicious Apple MacOS software called Xcsset As part of limited attacks in the wild. “The first known option from 2022, this last malicious Xcsse software software – Note In a message that is divided into X. “These advanced features add to the previously known opportunities of this family malicious programs, such as targeting digital wallets, collecting data from the Notes application and exiding system information and files.” Xcsset is a complex modular malicious MacOS, which is known to focus…

Read More

February 17, 2025Red LakshmananArtificial Intelligence / Data Protection South Korea has officially suspended new downloads of Chinese artificial intelligence (AI) Chatbot Deepek in the country until the service changes to its mobile applications to comply with data protection rules. Downloads were stopped since February 15, 2025, 18:00 local time, personal information protection commission (PIPC) – Note In a statement. The web -service remains available. The agency said it started its own analysis of Deepseek immediately after its launch and “revealed some shortcomings in the functions of communication and policy of processing personal information with the providers of other manufacturers.” Deepseek…

Read More

February 17, 2025Red LakshmananIntelligence threats / cyber -ataka Cybersecurity researchers spilled light on a new back hill, which uses a telegram as a mechanism of team communications and control (C2). The NETSKOPE threat laboratories, which describe the functions of malicious software, described it as perhaps Russian origin. “Malicious software consists in Holong and once performs it as a back”, a security researcher Leandra Fros – Note in an analysis published last week. “Although malicious software seems to be still in development, it is quite functional.” After launching the Backdoor is designed to check if it works in a certain place…

Read More

February 17, 2025Hacker NewsSecurity / Attack Modeling Cyber ​​-Prosis develops – is your defense strategy support? Available new free guide there Explains why continuous managing threats (CTEM) is a reasonable approach to active cybersecurity. It’s a concise report The fact is why a comprehensive CTEM approach is the best general strategy to attract cyber -defense business in the conditions of developing attacks. It also presents a real world scenario that illustrates how the business will go against the attack on the form of three safety frames – the vulnerability management (VM), the surface control (ASM) and CTEM. With VM the…

Read More

February 15, 2025Red LakshmananMobile Security / Technology Google is working on a new Android security feature that blocks device owners from changing sensitive settings when the phone call continues. In particular, the Anti -Call defense in the call includes preventing users to enable setup settings to install applications from unknown sources and accessing access. Development was First reported Author Android. Users trying to do this during telephone calls are provided in the message: “The scammers often require this type of action on the phone, so it is blocked to protect you”, “If you manage to take this action by someone…

Read More

February 14, 2025Red LakshmananVulnerability / devops Cybersecurity researchers revealed a new type of attack on confusion called Whoami, which allows anyone publishing Amazon’s image (Si) With a specific name to obtain the code within the Amazon Web Services account (AWS). “When executed on scale, this attack can be used to access the thousands of accounts,” – Datadog Labs Security STH ART researcher – Note In a report that shared with Hacker News. “The vulnerable sample can be found in many private and open source repositors.” At the heart of its attack is a supply seizure attack, which provides for the…

Read More

February 14, 2025Red LakshmananBrowser’s safety / cryptocurrency North Korean actor threats known as Group Lazarus was associated with a previously unregistered JavaScript implant called Marstech1 as part of limited target attacks on developers. The active operation was named Marstech Mayhem SecurityScorecard, and malicious software, put with an open source storage, located on GitHub, which is associated with a profile called “Success”. The profile, which has been operating since July 2024, is no longer available on the hosting code platform. Implant is designed to collect system information and can be built into sites and NPM packages, creating a risk chain risk.…

Read More

The threats of the actors standing for RansomHub It was noted that the Ransomware-How’s Service Scheme (RAAS) is observed using security deficiencies in Microsoft Active Directory and Netlogon protocol for escalation of privileges and obtaining unauthorized access to the domain victim network controller within its strategy after the complex. “RansomHub has sent more than 600 organizations worldwide, covering sectors such as health care, finance, government and critical infrastructure, firmly establishing it as the most active ransom group in 2024,” IB-IB analysts ” – Note In an exhaustive report published this week. Group Ransomware first appeared In February 2024, having acquired…

Read More

February 14, 2025Red LakshmananEnterprise Safety / Cyber ​​-Ataka Microsoft draws attention to the new cluster threat that it causes Storm-2372 This was due to the new set of cyber -offices aimed at different sectors since August 2024. The attacks are aimed at government, non -governmental organizations (NGOs), services and technology of information technology (IT), protection, telecommunications, health, higher education and energy/oil and gas to the east. The actor threats that with average confidence is evaluated to be coordinated with Russian interests, Viktina and trading means, targeting users using messages such as WhatsApp, Signal and Microsoft, falsely saying that is a…

Read More

Social engineering Move quickly, at the speed of the generative II. This offers bad actors several new tools and methods of research, survey and operation of organizations. In recent communication, the FBI noted: “As the technology continues to develop,” cybercriminals “are also doing. This article studies some consequences of this acceleration, which begins from the Genoa. And he studies what that means for IT Liders responsible for the control of protection and mitigating vulnerabilities. More realism, the best base and scripts of multiple attacks Traditional social engineering methods usually provide for anyone who knows the goal. The attacker can hide…

Read More