Author: Admin
Experts reveal a new XorDDoS controller, infrastructure as malware expands to Docker, Linux, IoT
April 18, 2025 | Red Lakshmanan | IoT / Malware Security
Cybersecurity researchers warn of the continued risks posed by the distributed denial-of-service (DDoS) malware XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 aimed at the US. “From 2020 to 2023, the XorDDoS trojan has increased significantly in prevalence,” Cisco Talos researcher Joey noted in the Thursday analysis. “This trend is not only due to the widespread global distribution of the XorDDoS trojan, but also to the impact on the malicious DNS-related and control (C2). Almost 42 percent of compromised devices are located in the US, followed by Japan, Canada,…
April 18, 2025 | Red Lakshmanan | Windows Security / Vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw that affects Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE ID CVE-2025-24054 (CVSS score: 6.5), is a Windows New Technology LAN Manager (NTLM) hash disclosure spoofing bug that Microsoft patched last month as part of its Patch Tuesday updates. NTLM is a legacy authentication protocol that Microsoft officially deprecated last year in favor of Kerberos. In recent years, the threats…
The Chinese threat actor known as Mustang Panda has been linked to a cyber attack aimed at an unspecified organization in Myanmar with previously unreported tooling, underscoring the continued efforts by the threat actors to increase the sophistication and effectiveness of their malware. These include updated versions of the known backdoor TONESHELL, as well as a new lateral movement tool called StarProxy, two keyloggers, and SplatCloak. “TONESHELL, a backdoor of Mustang Panda, was updated with changes in its FakeTLS command-and-control (C2) communication protocol, as well as in the methods for creating and storing client IDs,” said Zscaler ThreatLabz Singh in a…
Several state-sponsored hacking groups from Iran, North Korea and Russia have been found using the increasingly popular ClickFix social engineering tactic to deploy malware over three months from the end of 2024 to early 2025. The phishing campaigns adopting the strategy were attributed to clusters tracked as TA427 (Kimsuky), TA450 (aka MuddyWater), UNK_RemoteRogue, and TA422 (aka APT28). ClickFix has been an initial access technique primarily associated with cybercrime groups, although the effectiveness of the approach has also led to its adoption by nation-states. “The inclusion of ClickFix does not revolutionize the campaigns conducted by TA427, TA450, UNK_RemoteRogue and TA422, and instead replaces the…
Node.js malware targets crypto users with fake Binance and TradingView installers
April 17, 2025 | Red Lakshmanan | Cybersecurity / Malware
Microsoft is drawing attention to an ongoing malvertising campaign that uses Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first discovered in October 2024, uses lures related to cryptocurrency trading to trick users into installing a rogue installer from fraudulent sites that masquerade as legitimate software, such as Binance or TradingView. The downloaded installer comes with a dynamic-link library (“Customactions.dll”), which is responsible for harvesting basic system information using Windows Management Instrumentation (WMI) and setting up persistence through a scheduled task. In an…
April 17, 2025 | Hacker News | Password Security / Blockchain
Blockchain is best known for its use in cryptocurrencies such as Bitcoin, but it also has significant applications for online authentication. As businesses in different sectors increasingly adopt blockchain security tools, could the technology one day replace passwords?
How does blockchain work
Blockchain is a secure way to maintain, encrypt and exchange digital transactions. Its security benefits follow from its decentralized nature: this distributed ledger can be accessed by participants across different nodes, and it is immutable. All users retain control as a group, that is, no single person can change the ledger. How can…
April 17, 2025 | Red Lakshmanan | Vulnerability / Network Security
A critical security vulnerability was disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation, which can allow an attacker to execute arbitrary code under certain conditions. The vulnerability, tracked as CVE-2025-32433, received the maximum CVSS score of 10.0. “The vulnerability allows an attacker with network access to an Erlang/OTP SSH server to execute arbitrary code without prior authentication,” Ruhr University Bochum researchers Fabian Bäumer, Marcus Brinkmann, Marcel Maehren and Jörg Schwenk noted. The problem stems from improper handling of SSH messages, which essentially allows the attacker to send messages of the connection…
April 17, 2025 | Red Lakshmanan | Vulnerability / Network Security
The US Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw affecting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS: 7.2), relates to a case of operating system command injection, which may lead to code execution. “Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a ‘nobody’ user, which could potentially lead to code execution,” SonicWall noted in an advisory published…
April 17, 2025 | Red Lakshmanan | Zero-Day / Vulnerability
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS and visionOS to address two security flaws that, it said, have come under active exploitation in the wild. The vulnerabilities in question are below:
CVE-2025-31200 (CVSS score: 7.5) – A memory corruption vulnerability in the Core Audio framework that can allow code execution when processing an audio stream in a maliciously crafted media file
CVE-2025-31201 (CVSS score: 6.8) – A vulnerability in the RPAC component that can be used by an attacker with arbitrary read and write capability Checking of the…
April 16, 2025 | Red Lakshmanan | Endpoint Security / Vulnerability
Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that can be used by local attackers to escalate privileges and erase logs to cover up evidence of malicious activity. The problems were identified in a binary named “Schtasks.exe”, which allows an administrator to create, delete, query, change, run and end scheduled tasks on a local or remote computer. “A (User Account Control) vulnerability was found in Microsoft Windows, allowing attackers to bypass the User Account Control, allowing them to execute high-privilege (SYSTEM) commands without approval -…