Author: Admin
February 18, 2025Red LakshmananMalicious software / network safety Chinese actor threats known as Winnti was attributed to a new company named Revivalsstone This is aimed at Japanese companies in the production, materials and energy sectors in March 2024. Activity minute The Japanese Cybersecurity Company crosses with the threat cluster, tracked by Trend Micro as The land of Freibugwhich was evaluated by the subsidiary within the cyber -Spying APT41 Cuckoo operationand Symantec like Blackfly. APT41 It was described as a highly qualified and methodical actor with the ability to strengthen the espionage attacks, as well as poison the supply chain. His…
February 18, 2025Red LakshmananIntelligence threats / malicious software Cybersecurity researchers warn of a new company that uses online injecting to deliver new malicious Apple MacOS software as Frigidtealer. Activities have been linked to a previously unregistered threat actor known as TA2727, with information thefts for other platforms such as Windows (Windows (Windows (Theft of a lama or Deer) and Android (Walk). TA2727 – “Actor threats that use fake themed updates – Note In a report that shared with Hacker News. It is one of the recently discovered threatens as well as TA2726, which is evaluated as an Operator of the…
February 18, 2025Red LakshmananVulnerability / safety network Juniper Networks has released security updates to address a critical security lack that affects a reasonable router session, Smart Winder and Wan router products that can be used to control the capture of sensitive devices. Tracked as Cve-2025-21589The vulnerability carries the CVSS V3.1 9.8 and the CVS V4 9.3 mark. “Bypass authentication using an alternative way or vulnerability of the channel in session sessions of the Seest Season Season can allow the attacker to pass authentication and take administrative control over the device,” company company company – Note In advisory. Vulnerability affects the…
February 18, 2025Hacker NewsArtificial intelligence / cyber -defense It’s AI really Restoration of the cyber-threatening landscape, or the constant eardrum of excitement, which drown with a real, more sensitive, real danger? According to Picus Labs Red Report 2025 In which more than a million samples of malware are analyzed, there has not been a significant overvoltage. Yes, opponents certainly continue innovation, and although II will certainly start playing a greater and big role, the latest data suggest that a set of known tactics, methods and procedures (TTPS) is still dominated in the industry. The noise around artificial intelligence certainly dominates…
New Xerox Printer Disadvantages can allow the attackers to seize Windows Active Directory credentials
February 18, 2025Red LakshmananVulnerability / safety of businesses Security vulnerabilities were disclosed in the Xerox Versalink C7025 multifunctional printers (MFPS), which could allow the attackers to record authentication accounts using the opposite attacks using the catalog access protocol (catalogs (catalogs.Ldap) and SMB/FTP services. “This passage attack uses vulnerability that allows malicious actors to change the MFP configuration and force the MFP device to send authentication data back to the malicious actor,” Rapid7 Deral Heland security researcher – Note. “If a malicious actor can successfully use these problems, it will allow them to seize the accounts for Windows Active Directory. This…
February 18, 2025Red LakshmananHacking malicious programs / web -sight Cybersecurity researchers have indicated the theft of malicious software, which was observed, focused on e -commerce sites that manages Magento, masking malicious content in images in the HTML code to stay under the radar. Magecart is a name that is provided with malicious software capable of stealing sensitive information about payment from online trading sites. Attacks are known to use a wide range of methods- both on customers and on the server- for compromise sites and deploying a credit card to ease the theft. Usually, such malicious software works or loaded…
February 17, 2025Red LakshmananSafety of the final points / malicious software Microsoft stated that revealed a new version of the famous malicious Apple MacOS software called Xcsset As part of limited attacks in the wild. “The first known option from 2022, this last malicious Xcsse software software – Note In a message that is divided into X. “These advanced features add to the previously known opportunities of this family malicious programs, such as targeting digital wallets, collecting data from the Notes application and exiding system information and files.” Xcsset is a complex modular malicious MacOS, which is known to focus…
February 17, 2025Red LakshmananArtificial Intelligence / Data Protection South Korea has officially suspended new downloads of Chinese artificial intelligence (AI) Chatbot Deepek in the country until the service changes to its mobile applications to comply with data protection rules. Downloads were stopped since February 15, 2025, 18:00 local time, personal information protection commission (PIPC) – Note In a statement. The web -service remains available. The agency said it started its own analysis of Deepseek immediately after its launch and “revealed some shortcomings in the functions of communication and policy of processing personal information with the providers of other manufacturers.” Deepseek…
February 17, 2025Red LakshmananIntelligence threats / cyber -ataka Cybersecurity researchers spilled light on a new back hill, which uses a telegram as a mechanism of team communications and control (C2). The NETSKOPE threat laboratories, which describe the functions of malicious software, described it as perhaps Russian origin. “Malicious software consists in Holong and once performs it as a back”, a security researcher Leandra Fros – Note in an analysis published last week. “Although malicious software seems to be still in development, it is quite functional.” After launching the Backdoor is designed to check if it works in a certain place…
February 17, 2025Hacker NewsSecurity / Attack Modeling Cyber -Prosis develops – is your defense strategy support? Available new free guide there Explains why continuous managing threats (CTEM) is a reasonable approach to active cybersecurity. It’s a concise report The fact is why a comprehensive CTEM approach is the best general strategy to attract cyber -defense business in the conditions of developing attacks. It also presents a real world scenario that illustrates how the business will go against the attack on the form of three safety frames – the vulnerability management (VM), the surface control (ASM) and CTEM. With VM the…