Author: Admin
In November 2024, in November 2024, focused on the unnamed Asian software program and services, it provided for the use of a malicious tool used exclusively cyber spying used in China. “During the attack at the end of 2024, the attacker opened a clear set of tools previously used by a Chinese actor in classical espionage attacks,” the hunting team on Symantec, part Broadcom, – Note In a report that shared with Hacker News. “In all previous invasions related to the instruments, the attacker seemed to be engaged in classical espionage seemingly interested solely in maintaining permanent presence in the…
February 13, 2025Red LakshmananNetwork security / vulnerability Palo Alto Networks turned to high-speed security lack in its Pan-OS software, which could lead to bypass authentication. Vulnerability tracked as Cve-2025-0108Carries CVSS 7.8 out of 10.0. However estimate is reduced to 5.1 if access to management interface is limited jump. “Authentication software on Palo Alto Setworks Pan-OS networks allows unauthorized attackers with network access to the management web interface to get around authentication, otherwise requires Pan-OS web interface and causes certain scenarios”, “Palo Alto Networks” – Note In advisory. “When referring to these PHP scenarios, the removed code does not allow, it…
February 13, 2025Red LakshmananMalicious software / cyber -beno Senior hunting shed light on a new company aimed at the Ministry of Foreign Affairs of the unnamed South American nation with ordered malicious software capable of providing remote access to infected hosts. The activity revealed in November 2024 was referred to as an elastic security laboratory with the cluster threats he monitored as Ref7707. Some other goals include telecommunications connections and university located in Southeast Asia. “While Ref7707 is characterized by a well-engine, highly capable, new penetration set, companies have shown poor management companies and inconsistent evading practices,” Andrew PiS and…
Subgroup in a shameful Russian state group known as Pepperner was associated with a long -standing initial access operation called Badpilot, which stretched around the world. “This subgroup conducted a globally diverse compromise of the infrastructure that stands on the Internet to allow SEASHELL snowstorms to be stored on high values and maintain individual network operations,” Microsoft intelligence team is threatened. – Note In a new report that shared with Hacker News on the eve of the publication. The geographical distribution of the initial access goals includes all North America, several European countries, as well as others, including Angola, Argentina,…
February 12, 2025Red LakshmananThe safety of the container / vulnerability Cybersecurity researchers have found a bypass for the NVIDIA container’s safety vulnerability, which can be used to escape the container and gain full access to the main host. New vulnerability is tracked as Cve-2025-2359 (CVSS assessment: 8.3). This affects the following versions – Nvidia Container Toolkit (all versions up to 1.17.3) – recorded in version 1.17.4 GPU Nvidia operator (all versions up to 24.9.1) – recorded in version 24.9.2 ‘NVIDIA container’s tools for Linux contains time of use (Bakery) Vulnerability when used with the default configuration where a container image…
February 12, 2025Hacker NewsAI safety / data protection Ciso relies themselves more involved in AI team, often leading interfunctional efforts and AI strategy. But not much resources that will guide them on how their role should look like and how they should bring to these meetings. We have assembled the basis for security leaders to help push AI Committees and Committees further in accepting II – providing them with the necessary visibility and fences to succeed. Get acquainted with a clear basis. If security groups want to play a key role in traveling on the II organization, they must take…
February 12, 2025Red LakshmananPatch on Tuesday / vulnerability Microsoft on Tuesday released fixes for 63 security deficiencies The impact on its software products, including two vulnerabilities, which, he said, came into active exploitation in the wild. Of the 63 vulnerabilities, three are evaluated critical, 57 – important, one is estimated moderately and two are low. It is besides 23 flaws Microsoft appealed to her browser based on Chromium from last month’s exit Update on Tuesday patch. The update is characteristic of correction of two actively exploited disadvantages – Cve-2025-21391 (CVSS assessment: 7.1) – Exaltation of storage Windows vulnerability Cve-2025-21418 (CVSS…
February 12, 2025Red LakshmananIT -Security / Cybercrime Actor threats associated with North Korea known as Kimas It was noted using the new tactic that provides for the deception of the PowerShell launch as an administrator, and then instruct them to install and run the malicious code provided by them. “To perform this tactic, the actor threats is masked as an official of the South Korean government and over time creates a connection with the purpose before sending an email spear with pdf (SIC),”-intelligence group by Microsoft – Note In a series of messages divided into X. To read the intended…
February 12, 2025Red LakshmananNetwork security / vulnerability Iuti is liberated Security updates to solve multiple security disadvantages that affect Secure (ICS), Secure (IPS) and Cloud Services (CSA) app that can be used to achieve arbitrary code. List of vulnerabilities below – Cve-2024-38657 (CVSS Assessment: 9.1) – External Management File Title in Ivnti Connect Secure To version 22.7r2.4 and Ivanti Policy Secure to version 22.7r1.3 Allows remote authenticated attacker with administrator’s privileges to write arbitrary files Cve-2025-22467 (CVSS assessment: 9.9) – Stack -based buffer overflow to Ivanti Connect Secure to version 22.7r2.6 Allows Remote Authentic Attacks to Remove Remote Code Cve-2014-10644…
February 11, 2025Red LakshmananMobile Security / Machine Learning Google has entered to clarify that the recently submitted Android Safetycore app is not performing any Scan on the client’s side content. “Android provides a lot of conspiracy protection that protects users from threats such as malicious software, spam and abuse protection, as well as protection against scam while maintaining users’ privacy and supporting users control over their data,” the company spoke Hacker News News If you refer to the comments. “Safetycore is a new Google System System System for Android 9+ devices that provides infrastructure on your device for reliable and…