Author: Admin

04 March 2025Red LakshmananVulnerability / mobile security Google has liberated Its monthly Android security newsletter in March 2025, a total of 44 vulnerability, including two, which, he said, were actively exploited in the wild. Two vulnerabilities with high speed are below – Cve-2024-43093 – Lack of escalation of privileges in the components of Framework, which can lead to unauthorized access to the directory “Android/Data”, “Android/OBB” and “Android/Sandbox” and their corresponding liners. Cve-2024-5022 – Lack of escalation of privileges in the Linux Hid USB components, which can lead to non -nationalized core memory leaks to a local attacker through specially designed…

03 March 2025Red LakshmananCloud security / email security Actors threats focus on Amazon’s web service (O) The environment for displacement of phishing companies to non -suspicious targets, according to the Block 42 networks Palo Alto Networks. Cybersecurity Company Track Activities called TGR-UNK-0011 (Short for Group threats with unknown motivation), about which, in her words, they intersect with a group known as Javaghost. As you know, TGR-NUNK-0011 has been working since 2019. “The Group Historically focused on the cancellation of sites,” Margaret Kelly’s security researcher – noted. “In 2022, they sent to send phishing sheets for financial benefits.” It should be…

03 March 2025Red LakshmananRedemption / vulnerability Threatening actors operate security vulnerability in the Biontdrv.Sys driver in Paragon Partition Manager Manager in ransomware attacks to escalate privileges and execute an arbitrary code. The zero day deficiency (CVE-2025-0289) is part of a set of five vulnerabilities that have been detected by Microsoft, Certination Center (Cert/CC) reports. “This includes an arbitrary reflection of the kernel memory and writing vulnerabilities, a derefert Null, dangerous access to kernel resources and arbitrary memory vulnerability,” Cert/CC – noted. In a hypothetical attack scenario, an opponent with local access to the Windows machine can use these deficiencies to…

03 March 2025Red LakshmananPrivacy / Save data The UK Information Commissioner (ICO) has opened an investigation into Tiktok, Reddit and IMGUR internet platforms to assess the steps they take to protect children between the ages of 13 and 17. To this end, the guard stated that conducting a check on how a byte -owned video exchange service uses personal data in the age range for superficial recommendations and provides the proposed content on their channels. “This is in light of growing concern about social media and video sharing platforms using data obtained by children’s online performance in their recommendations -…

03 March 2025Red LakshmananCybercrime / malicious software Cybersecurity researchers pay attention to new phishing Havoc. “The actor threats hides each scene malicious programs behind the SharePoint site and uses a modified Havoc Demon version combined with API Microsoft Graph to obscure C2 communications, known – noted In a technical report that is shared with Hacker News. The starting point of the attack is phishing -electronic mail containing HTML attachment (“documents.html”), which when opening reflects the error that uses the error that uses Technique Clickfix To trick users to copy and execute the malicious PowerShell team to their terminal or PowerShell,…

In 2024, the world’s ransomers hit 5,414, which increased by 11% compared to 2023. After slow launch, the attacks were made to the quarter and grew in Q4 quarter, from 1827 incidents (33% of the total year). Law enforcement agencies against major groups such as Lockbit caused fragmentation, leading to greater competition and growth of smaller gangs. The amount of active Ransom The groups jumped 40%, from 68 in 2023 to 95 in 2024. New Ransomware groups to view In 2023 there were only 27 new groups. In 2024, there was a sharp growth of 46 new groups. As the…

03 March 2025Red LakshmananMobile Security / Botnet Brazil, South Africa, Indonesia, Argentina and Thailand became target Water. The improved VO1D version has been found to cover 800,000 daily active IP, and Botnet is scalable 1590 on January 19, which covers 226 countries. As of February 25, 2025, India survived a significant increase in infection, increasing from less than 1% (3.901) to 18.17% (217 771). “VO1D has developed to increase its resistance, stability and anti-visites,” Qianxin Xlab – Note. “RSA encryption provides networking, preventing (teams and control) absorption, even if (domain generation algorithm) is registered by researchers. Each useful load uses…

01 March 2025Red LakshmananPrivacy / Data Protection Firefox Mozilla browser manufacturer on Friday updated its use terms for the second time during the week subsequent censure Shipment language, which seemed to give the company the right to all the information downloaded by users. A revised Use Conditions now state – You give Mozilla the right to operate Firefox. Here comes the processing of your data as we describe in Firefox Post of Privacy. It also includes a non -exclusive, free world license for the purpose of doing as you request with the content you enter in Firefox. It gives no…

February 28, 2025Red LakshmananMobile Security / Zero Day The 23-year-old Serbian youth activist had his Android phone, aimed at zero day, developed Cellebrite to unlock the device, according to Amnesty International report. “Phone Android One Student Seceter has been used and unlocked by a sophisticated zero day operation oriented – NoteThe addition of traces of operation was found in a separate case in mid -2014. Vulnerability in question Cve-2024-53104 (CVSS assessment: 7.8), the case of escalation of privileges in the kernel component known as the USB Video Class (UVC) driver. The lack of the lack was considered in the Linux…

Cybersecurity researchers have discovered a wide phishing campaign that uses fake CAPTCHA images that are divided through PDF -documents located on the Webflow content delivery (CDN) to deliver malicious Lumma software. Netskope laboratory threatened that it had revealed 260 unique domains that conduct 5000 PDF phishing files that redirect victims to malicious sites. “The attacker uses SEO to trick the victims to visit pages by clicking on the results of the malicious search engine,” security researcher Jan Michael Alcantar – Note In a report that shared with Hacker News. “While most phishing pages focus on the theft of credit card…