Author: Admin

09 April 2025Red LakshmananVulnerability / ransom Microsoft has found that now a turning lack of security that affects the usual Windows file file (CLFS) was used as a zero day in ransom attacks aimed at a small number of goals. “Objectives include organizations in information technology (IT) and US real estate sector, financial sector in Venezuela, Spanish software and retail in Saudi Arabia,” technological giant – Note. The vulnerability in question is the CVE-2025-29824, the privilege of the escalation in CLF, which can be used to achieve the privileges of the system. It was Redmond’s fixed As part of the…

09 April 2025Red LakshmananSecurity / vulnerability of the final points Microsoft has released security fixes to solve a massive set 126 deficiencies The impact on its software, including one vulnerability, which, he said, is actively exploited in the wild. Of the 126 vulnerabilities, 11 are evaluated critical, 112 are important and two are low in severity. Forty-nine of these vulnerabilities are classified as an escalation of privileges, 34 as removed code, 16 as disclosure of information, and 14-like bug refusal (DOS). Updates other than 22 Disadvantages The company fixed in its browser based on Chromium from the last month’s exit…

09 April 2025Red LakshmananSoftware / vulnerability Adobe is liberated Security updates to correct fresh sets of security flaws, including several critical errors in Coldfusion 2025, 2023 and 2021, which could lead to arbitrary file reading and code execution. Of 30 deficiency in product 11 are evaluated by critical in seriousness – Cve-2025-2446 (CVSS assessment: 9.1) – Incorrect vulnerability of entry check that may result in the read arbitrary file system Cve-2025-2447 (CVSS assessment: 9.1) – Deaserization of the unreliable vulnerability of the data that may lead to an arbitrary code Cve-2025-30281 (CVSS assessment: 9.1) – Incorrect vulnerability of access control…

Threat actors have been observed distributing malicious payloads such as cryptocurrency miners and clipper malware via SourceForge, a popular hosting service, under the guise of cracked versions of legitimate applications such as Microsoft Office. “One such project, OfficePackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a legitimate GitHub project,” Kaspersky said in a report published today. “The description and contents of OfficePackage provided below were also taken from GitHub.” While every project created on sourceforge.net is assigned a “.SourceForge.io” domain name, the Russian cybersecurity company revealed that the OfficePackage “OfficePackage.Sourceforge (.)…

April 8, 2025Red LakshmananNetwork security / vulnerability Fortinet has released security updates to address a critical security lack that affects Fortiswitch, which can allow an attacker to make unauthorized password changes. Vulnerability tracked as Cve-2024-4887It carries the CVSS 9.3 with a maximum of 10.0. “Unverified vulnerability Password change (CWE-620) in Gui Fortiswitch can allow distant unauthorized attackers to change administrator’s passwords using a specially designed request,” Fortineet – Note In the Advisory, released today. Lack of the following versions – Fortiswitch 7.6.0 (update up to 7.6.1 and above) Fortiswitch 7.4.0 to 7.4.4 (update up to 7.4.5 and above) Fortiswitch 7.2.0…

April 8, 2025Red LakshmananCloud security / vulnerability Cybersecurity researchers have revealed details of the lack of security at Amazon EC2 Simple Systems Manager (SSM), which, if used successfully, can allow the attacker to reach the escalation and the code. Vulnerability can allow the attacker to create catalogs in unintentional places in the file system, perform arbitrary scenarios with root privileges and probably – Note In a report that shared with Hacker News. Amazon SSM Agent is a component of Amazon Web Services (AWS), which allows administrators to manage, customize and perform commands on EC2 instances and local servers. The software…

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed a new set of cyber attacks aimed at Ukrainian institutions with information-stealing malware. The activity is aimed at military entities, law enforcement agencies, and local self-government bodies, especially those located near Ukraine’s eastern border, the agency said. The attacks involve distributing phishing emails containing a macro-enabled Microsoft Excel spreadsheet (XLSM) which, when opened, deploys two pieces of malware: a PowerShell script taken from the PSSW100AVB (“PowerShell Scripts With 100% AV Bypass”) GitHub repository that opens a reverse shell, and a previously…

Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly complex threats. Triaging and investigating these alerts is costly and cumbersome, and it increases analyst fatigue, burnout, and attrition. While artificial intelligence has emerged as a solution, the term “AI” often blurs important distinctions. Not all AI is built equal, especially in the SOC. Many existing solutions are assistant-based and require constant human input, while a new wave of autonomous, agentic AI has the potential to transform security operations. This article examines Agentic AI (sometimes known as Agentic Security). We will also explore practical considerations for security leaders…

April 8, 2025Red LakshmananCyber ​​-aataka / vulnerability A recently disclosed The critical lack of security affecting Crushftp was added US Agency for Cybersecurity and Infrastructure (CISA) to known exploited vulnerabilities (Ship) Catalog after reporting active exploitation in the wild. A vulnerability This is the incident of Byipas authentication that can allow an unauthorized attacker to take sensitive instances. It was fixed In versions 10.8.4 and 11.3.1. “Crushftp contains authentication vulnerability in the HTTP authorization header, which allows a remotely unauthorized attacker to undergo any known or mentioned user account (eg, Crushadmin), which potentially leads to a complete compromise,” Cisa said…

April 8, 2025Red LakshmananMobile security / vulnerability Google has Starting patches For 62 vulnerabilities, two of which said they were used in the wild. Two vulnerabilities with high speed are below – Cve-2024-53150 . Cve-2024-53197 (CVSS assessment: 7.8) – lack of escalation of privileges in USB core core component “The most difficult of these issues is the critical safety vulnerability in the systemic components, which can lead to a distant escalation of privileges without additional privileges,” Google said in his monthly security newsletter in April 2025. “User interaction is not needed for operation.” The technical giant also acknowledged that both…
