Author: Admin
As SaaS and cloud-based work reshape the enterprise, the web browser has become the new endpoint. However, unlike other endpoints, browsers remain mostly unmonitored, despite being responsible for more than 70% of modern malware attacks. A recent state of security report highlights the major problems facing security executives whose employees use the web browser for most of their work. The reality is that traditional security tools are blind to what is happening in the browser, and the attackers know it. Main conclusions: 70% of phishing campaigns stands for…
April 22, 2025 | Red Lakshmanan | Identity Management / Cloud Security
Microsoft on Monday announced that it had moved the Microsoft Account (MSA) service to Azure confidential virtual machines (VMs) and that it is also in the process of migrating the Entra ID signing service. The disclosure comes seven months after the technology giant said it had completed updates to Microsoft Entra ID and MS for both public and government clouds to generate, store and automatically rotate access token signing keys using the Azure Managed HSM service. “Each of these improvements helps to mitigate the vectors we suspect that…
April 22, 2025 | Red Lakshmanan | Cyber Espionage / Threat Intelligence
The Chinese cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised numerous organizations in an unnamed Southeast Asian country between August 2024 and February 2025. “The targets included a government ministry, air traffic control, a telecommunications operator and a construction company,” the Symantec Threat Hunter Team said in a new report shared with The Hacker News. “The attacks included the use of multiple new custom tools, including loaders, stealers and a reverse SSH tool.” The intrusion is also said to be aimed at an…
April 21, 2025 | Red Lakshmanan | Malware / Vulnerability
Cybersecurity researchers have flagged a new malicious campaign associated with the North Korean state actor known as Kimsuky that exploits a now-patched vulnerability affecting Microsoft's Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC). “In some systems, the initial access was obtained through exploitation of the RDP vulnerability (BlueKeep, CVE-2019-0708),” the South Korean cybersecurity company said. “While the compromised system found the RDP vulnerability, no evidence of its actual use.” CVE-2019-0708 (CVSS score: 9.8) is a critical wormable bug…
April 21, 2025 | Red Lakshmanan | Technology / Mobile Security
A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, which allow cybercriminals to conduct fraudulent cash-outs. The active campaign targets banking institutions and card issuers in Italy in order to compromise payment card data, the fraud prevention firm said. There is evidence to suggest that the service is being promoted on Telegram. SuperCard X “uses a multi-stage approach that combines social engineering (via smishing and phone calls), malicious app installation and NFC data interception for highly efficient fraud,” security researchers Federico Valentini,…
The problem is simple: all breaches begin with initial access, and initial access comes down to two main attack vectors: accounts and devices. This is not news; every threat landscape report you can find shows the same picture. The solution is more complicated. In this article, we will focus on the device vector. The risk devices represent is significant, which is why tools such as mobile device management (MDM) and endpoint detection and response (EDR) are core components of an organization's security infrastructure. However, based solely on…
April 21, 2025 | Red Lakshmanan | Vulnerability / Threat Intelligence
Cybersecurity researchers have disclosed a surge in “mass scan, accounts and operating attempts” from Proton66 IP addresses. The activity, detected since January 8, 2025, targeted organizations worldwide, according to a two-part analysis published by Trustwave SpiderLabs last week. “Net blocks 45.135.232.0/24 and 45.140.17.0/24 were particularly active,” the analysis noted. “Several of the offending IP addresses had not previously participated in harmful activity or were inactive for more than two years.” The Russian autonomous system Proton66 is assessed to be related to another autonomous system named Prospero. Last year, the French security firm Intrinsec spoke…
APT29 deploys Grapeloader malware targeting European diplomats through wine-tasting lures
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that targets diplomatic entities across Europe with a new Wineloader variant and previously undocumented malware called Grapeloader. “Although the improved Wineloader variant is still a modular backdoor used in later stages, Grapeloader is a newly observed initial-stage tool used for fingerprinting, persistence and payload delivery,” according to a technical analysis published earlier this week. “Despite the different roles, both share similarities in code structure, obfuscation and string decryption. Grapeloader refines the…
April 19, 2025 | Red Lakshmanan | Linux / Malware
Cybersecurity researchers have discovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below. According to the supply chain security firm, the packages are designed to mimic node-telegram-bot-api, a popular Node.js Telegram Bot API with more than 100,000 weekly downloads. The three libraries are still available for download. “Although this number may seem modest,” the firm noted. “Supply chain security incidents repeatedly show that even a few installs may have catastrophic consequences, especially if the attackers get…
ASUS confirms critical flaw in AiCloud routers; users urged to update firmware
April 19, 2025 | Red Lakshmanan | Network Security / Vulnerability
ASUS has disclosed a critical security flaw affecting routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as CVE-2025-2492, has a CVSS score of 9.2 out of a maximum of 10.0. “An improper authentication control vulnerability exists in certain ASUS firmware series,” ASUS said in an advisory. “This vulnerability can be triggered by a crafted request, which can lead to unauthorized execution of functions.” The flaw has been addressed with firmware updates for the following branches: 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102. For optimal protection it…