Author: Admin

March 26, 2025Hacker NewsLicking Program / Safety Finally Russian loud hacking group called Redcurl He was associated with the ransom company for the first time, which notes the departure on the “threat of the actor”. Activity observe The Romanian Bitdefender Cybersecurity Company provides for the deployment of never seen a ransom, called QWCRIPT. RedcurlThey are also called the Earth Capr and the Red Wolf, has the history of the orchestration of corporate attacks aimed at different structures of Canada, Germany, Norway, Russia, Slovenia, Ukraine, the United Kingdom and the United States. It is known that it has been actively operating…


March 26, 2025Red LakshmananSecurity / vulnerability Windows Actor threats known as Encryption Exploits the recently concurrent security vulnerability in Microsoft Windows as a zero day to provide a wide range of malware families, including back and information theft such as Rhadamanthys and Ctealc. “In this attack, the actor threatens .Msc files and multilingual – Note In the analysis. Vulnerability in questionMmc) This can allow the attacker to bypass the security function at the local level. It was fixed The company earlier this month as patch update on Tuesday. Trend Micro gave a feat nickname MSC Eviltwin, tracking the suspected Russian…


March 26, 2025Red LakshmananAttack of supply chain / malicious software Cybersecurity researchers have discovered two malicious packages in the NPM register, which is designed to infect another established local package, emphasizing the constant evolution of the supply chain attacks aimed at ecosystem with open source. Packages in question Ethers-PROVIDER2 and Ethers-Providerzwith the first loaded 73 times today because it was publish March 15, 2025. The second package, which is probably removed by the authors of malware, did not attract boot. “These were simple bootloaders whose malicious useful burden was deftly hidden,” – researcher Reversinglabs Lucia Valentic – Note In a…


When people think about cybersecurity threats, they often picture external hackers breaking into the network. However, some of the most devastating breaches stem from within organizations. Whether through negligence or malicious intent, insiders can expose your organization to significant cybersecurity risk. According to Verizon’s 2024 Data Breach Investigations Report, 57% of companies experience more than 20 insider-related incidents per year, and human error is involved in 68% of data breaches. Insider attacks also lead to the highest costs, an average of $4.99 million per attack, according to the 2024 … by the…


March 26, 2025Red LakshmananPassword safety / cybercrime Actors threatens use an electronic crime instrument called Atlantis aio In accordance with the results of pathological security, a lot of verification for automation of accounts. Atlantis Oe “appeared as a powerful weapon in the cyber -dracan arsenal, which allowed the attackers to experience millions of stolen powers in a quick continuity”, cybersecurity company, cybersecurity campaign – Note In the analysis. Accounting is a type of cyberattack, in which the opponent collects stolen accounting accounts, which usually consists of lists of users or email addresses and passwords, and then uses them to obtain…


March 26, 2025Red LakshmananVulnerability / data safety Broadcom has released safety patches to solve high -speed security lack in VMware tools for Windows that can lead to bypass authentication. The vulnerability, which is monitored as the CVE-2025-22230, is assessed by 7.8 on a ten-point total vulnerability (CVSS). “VMware tools for Windows contain vulnerability of authentication from the wrong access control,” Broadcom – Note in a warning issued on Tuesday. “The No. of non -administrative privileges on Windows VM may be able to perform certain high -profile operations within this VM.” It is attributed to the identification and report on the…


March 26, 2025Red LakshmananThe security / vulnerability of the browser Google has released fixes outside the range to resolve high-speed security lack in its Chrome browser for Windows, which, he said, was used in the wild as part of the attacks aimed at organizations in Russia. Vulnerability tracked as Cve-2025-2783It was described as a case of “the wrong handle provided in uncertain circumstances in Mojo on Windows”. Movy It turns to the collection of time of execution libraries that provide a platform-lady mechanism for interneculation (IPC). As usual, Google has not disclosed the additional technical specificity about the nature of…


March 25, 2025Red LakshmananIntelligence threats / malicious software The new investigation has revealed almost 200 unique commands and control (C2) related to malicious software called Raspine Robin. “Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and developing actor threats providing primary brokers’ services (IAB) by many criminal groups, many of which are connected with Russia,” “Silent Push” – Note In a report that shared with Hacker News. Out of it appearance In 2019, malicious program has become Pipeline for various malicious strains such as Socgholish, Dridex, Lockbit, ICEDID, Bumblebee and TRUEBOT. It is also called the Qnap…


March 25, 2025Red LakshmananCyber ​​-bue / network security According to the new report, the Sygnia reaction firm, which deals with the main telecommunications company located in Asia, was allegedly broken by hackers funded by the Chinese state, which spent more than four years in its systems. Cybersecurity Company monitors activity called Weavers are antsDescribing the actor the threat as a hidden and very stable. The name of the telecommunications provider was not revealed. “Using web -Obolonki and tunneling, the attackers supported perseverance and promoted cyber -spying,” Signia – Note. “The group behind this invasion (…) is aimed at obtaining and…


Organizations now use an average of 112 SaaS applications, a figure that continues to grow. In a 2024 study, 49% of 644 respondents who often used Microsoft 365 … aggregate data showed more than 1,000 Microsoft 365 SaaS-to-SaaS connections on average per deployment. And that is just one major SaaS provider. Imagine other unforeseen critical security risks: each SaaS app has unique security configurations, making misconfiguration the highest risk. Business-critical apps (CRM, finance and collaboration tools) hold huge amounts of sensitive data, making them prime targets for attackers. Shadow IT and third-party integrations…
