Author: Admin
February 8, 2025 | Ravie Lakshmanan | Artificial Intelligence / Supply Chain Security
Cybersecurity researchers found two malicious machine learning (ML) models on Hugging Face that used unusual “broken” pickle files to avoid detection. “The pickle files extracted from the mentioned PyTorch archives revealed malicious Python content at the beginning of the file,” ReversingLabs researcher Karlo Zanki said in a report shared with The Hacker News. “In both cases, the malicious payload was a typical platform-aware reverse shell that connects to a hard-coded address.” The approach has been named nullifAI because it involves attempts to bypass existing safeguards…
07 February 2025 | Ravie Lakshmanan | Mobile Security / Artificial Intelligence
A new audit of the DeepSeek mobile app for the Apple iOS operating system has found glaring security issues, chief among them that it sends sensitive data over the internet without encryption, exposing it to interception and manipulation. The assessment comes from NowSecure, which also found that the app does not follow security best practices and that it collects extensive user and device data. “The DeepSeek iOS app sends some mobile app registration and device data over the internet without encryption,” the company said. “This exposes any data on the internet to both passive…
07 February 2025 | Ravie Lakshmanan | Cloud Security / Web Security
Microsoft is warning of an insecure practice in which software developers incorporate publicly disclosed ASP.NET keys from publicly available resources, thereby putting their applications in the path of attackers. The tech giant's threat intelligence team said it observed limited activity in December 2024 that involved an unknown threat actor using a publicly available, static ASP.NET key to inject malicious code and deliver the Godzilla post-exploitation framework. It also noted that it has identified more than 3,000 publicly disclosed keys that could be used for these attacks, which it calls ViewState code injection. “While many previously known…
07 February 2025 | Hacker News | Vulnerability / Malware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw affecting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0994 (CVSS v4: 8.6), a deserialization of untrusted data bug that could allow an attacker to conduct remote code execution. “This could allow an authenticated user to perform a code execution attack against a customer's Microsoft Internet Information Services (IIS) server,” CISA said in an advisory dated February 6, 2025. The flaw affects the following versions – Cityworks…
The fundamentals of social engineering attacks – manipulating people – may not have changed much over the years. It is the vectors – how these techniques are deployed – that are evolving. And, like most industries these days, AI is accelerating its evolution. This article explores how these changes are affecting business and how cybersecurity leaders can respond. Impersonation attacks: Using a trusted identity. Traditional forms of defense were already struggling to solve social engineering, “the cause of most data breaches,” according to Thomson Reuters. The next generation of AI-powered cyber threats can now launch these attacks with unprecedented speed, scale and realism. The old way: Silicone…
07 February 2025 | Ravie Lakshmanan | Financial Security / Regulatory Compliance
India's central bank, the Reserve Bank of India (RBI), said it is introducing an exclusive “bank” internet domain for banks in the country to combat digital financial fraud. “This initiative is aimed at reducing cybersecurity threats and malware, such as phishing; and streamlining secure financial services, thereby enhancing trust in digital banking and payment services,” the RBI said in a statement issued today. To this end, the Institute for Development and Research in Banking Technology (IDRBT) will act as the exclusive registrar. It is expected that registration…
07 February 2025 | Ravie Lakshmanan | Vulnerability / Threat Intelligence
Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp remote monitoring and management (RMM) software as a precursor to a ransomware attack. The intrusion leveraged the now-patched vulnerabilities to gain initial access and maintain persistent remote access to an unspecified target network, cybersecurity company Field Effect said in a report shared with The Hacker News. “The attack involved the quick and deliberate execution of several post-compromise tactics, techniques and procedures (TTPs), including network and system discovery, administrator account creation, and the creation of mechanisms…
06 February 2025 | Ravie Lakshmanan | Cybercrime / Ransomware
Ransomware attacks raised a total of $813.5 million in 2024, a decline from $1.25 billion in 2023. The total amount extorted during the first half of 2024 stood at $459.8 million, blockchain intelligence firm Chainalysis said, adding that payment activity declined after July 2024 by 3.94%. “The number of ransomware events increased in H2, but on-chain payments declined, suggesting that more victims were targeted but fewer paid,” the company said. Adding to the problems is an increasingly fragmented ransomware ecosystem, which, as a result of the…
06 February 2025 | Ravie Lakshmanan | Cyber Attack / Malware
Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT. The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with previous attacks primarily targeting Chinese-speaking regions such as Hong Kong, Taiwan and mainland China. “This actor has increasingly targeted key roles within organizations, particularly in finance, accounting, and sales, highlighting a strategic focus on high-value positions with access to sensitive data and systems,” Morphisec's Shmuel Uzan said in a report published earlier…
North Korean APT Kimsuky uses malware to steal browser-stored credentials
06 February 2025 | Ravie Lakshmanan | Threat Intelligence / Malware
New findings from the AhnLab Security Intelligence Center (ASEC) concern the North Korea-linked nation-state group known as Kimsuky. The attacks start with phishing emails containing a Windows shortcut (LNK) file that is disguised as a Microsoft or PDF document. Opening this attachment triggers the execution of PowerShell or mshta.exe, a legitimate Microsoft binary designed to run HTML Application (HTA) files, which is responsible for downloading and running payloads from an external source. The South Korean cybersecurity company said the attacks culminated in PebbleDash and a custom version of the remote desktop with…