Author: Admin
January 22, 2025Ravi LakshmananDark Web / Cryptocurrency US President Donald Trump on Tuesday announced a “full and unconditional pardon” for Ross Ulbricht, the creator of the notorious Silk Road drug market, after he spent 11 years behind bars. “I just called the mother of Ross William Ulbricht to let her know that in honor of her and the Libertarian Movement that has so strongly supported me, I have just been pleased to sign a full and unconditional pardon for her son Ross,” Trump said in a message shared on Truth Social. “The scum who tried to convict him were some…
January 22, 2025Hacker newsRisk Assessment / Browser Security As GenAI tools and SaaS platforms become a staple in the employee toolbox, the risks associated with data exposure, identity vulnerabilities, and uncontrolled browsing have skyrocketed. Forward-thinking security teams are looking for security controls and strategies to address these risks, but they don’t always know which risks to prioritize. In some cases, they may have blind spots in the existence of risks. A new one to help additional risk assessment now available. The assessment will be customized for each organization’s viewing environment, assessing their risks and providing actionable information. Security and IT…
A previously undocumented Advanced Persistent Threat Group (APT) with China has been named PlushDaemon was linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new ESET findings. “The attackers replaced the legitimate installer with one that also deployed the group’s proprietary implant, which we called SlowStepper, a multi-functional backdoor with a toolkit of over 30 components,” said ESET researcher Facunda Muñoz. said in a technical report shared with The Hacker News. PlushDaemon is believed to be a China-related group that has been active since at least 2019 and targets individuals…
January 22, 2025Ravi LakshmananVulnerability / Enterprise Security Oracle encourages customers to apply it Critical January 2025 patch update (CPU) to address 318 new security vulnerabilities covering its products and services. The most serious of the flaws is a flaw in the Oracle Agile Product Lifecycle Management (PLM) Framework (CVE-2025-21556, CVSS Score: 9.9) that could allow an attacker to seize control of sensitive instances. “Easily exploitable vulnerability allows low-privileged attackers with network access via HTTP to compromise the Oracle Agile PLM Framework,” it said description security holes in the NIST National Vulnerability Database (NVD). It should be noted that Oracle warned…
January 22, 2025Ravi LakshmananBotnet / network security Web infrastructure and security company Cloudflare said on Tuesday that it has detected and blocked a 5.6 terabits per second (Tbps) distributed denial of service (DDoS) attack, the largest attack reported to date. The UDP-based attack occurred on October 29, 2024. and was directed at one of the customers, an unnamed Internet Service Provider (ISP) in East Asia. The activity began with a Mirai- botnet option. “The attack lasted just 80 seconds and occurred from more than 13,000 IoT devices,” Cloudflare’s Omer Joachimik and Jorge Pacheco. said in the report. However, the average…
January 21, 2025Ravi LakshmananBotnet / Vulnerability Cyber security researchers have warned of a new large-scale campaign exploiting security flaws in AVTECH IP cameras and Huawei HG532 routers to connect devices to a Mirai botnet variant called Murdoc_Botnet. The ongoing activity “demonstrates advanced capabilities by exploiting vulnerabilities to compromise devices and create extensive botnet networks,” Qualys security researcher Shilpesh Trivedi said in an analysis. It is known that the company has been active since at least July 2024, p more than 1370 systems infected to date. Most of the cases of infection were located in Malaysia, Mexico, Thailand, Indonesia and Vietnam.…
January 21, 2025Ravi LakshmananEmail Security / Botnet A global network of around 13,000 compromised Mikrotik routers has been used as a botnet to spread malware through spam campaigns, latest addition to a list of botnets works on MikroTik devices. Infoblox Security Researcher David Brunsdon: The activity “takes advantage of misconfigured DNS records to communicate email protection techniques. said in a technical report published last week. “This botnet uses Mikrotik’s global network of routers to send malicious emails that appear to originate from legitimate domains.” The DNS security company that gave the company its code name Microprinting errorsaid his analysis was…
Former analyst working for the US Central Intelligence Agency (CIA) pleaded guilty to the transfer of top secret national defense information (NDI) to persons who did not have the necessary permission to receive it and tried to hide the activity. Asif William Rahman, 34, of Vienna, had been a CIA operative since 2016 and had a Top Secret clearance with access to classified classified information (SCI). He was is charged on two counts of illegal transfer of NDI in November 2024 after his arrest. He pleaded guilty to two counts of willful possession and transmission of classified information related to…
Imagine receiving a penetration test report that has more questions than answers. Questions like: “Have all the functionalities of the web application been tested?” or “Were there any security issues that could have been discovered during testing?” often remain unresolved, raising concerns about the thoroughness of security testing. This frustration is common among many security teams. Pentest reports, while critical, often lack the depth and detail needed to truly evaluate a project’s success. Even with years of experience working with cybersecurity teams and managing ethical hacking projects, we’ve often encountered the same challenges. Whether partnering with external pentest providers or…
January 21, 2025Ravi LakshmananCyber Attack / Windows Security Cybersecurity researchers are drawing attention to a series of cyberattacks targeting Chinese-speaking regions such as Hong Kong, Taiwan and mainland China using a known malware called ValleyRAT. The attacks use a multi-stage loader called PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week. The chain of infection begins with a phishing page designed to encourage victims to download a malicious Microsoft Installer (MSI) package disguised as legitimate software. Once executed, the installer deploys a benign application to avoid suspicion and also stealthily extracts an encrypted archive…