Author: Admin
04 February 2025Hacker NewsVulnerability / cloud security Microsoft has released patches to address two security deficiencies that affect the Azure AI Face and Microsoft account that can allow malicious actors to escalate their privileges under certain conditions. Disadvantages are below – Cve-2025-21396 (CVSS assessment: 7.5) – Exaltation of Microsoft account vulnerability Cve-2025-21415 (CVSS assessment: 9.9) – Azure AI Personal Exaltation Vulinity “Bypass authentication by fake Azure AI Face Service allows the authorized attackers to raise privileges over the network,” Microsoft in CV-2025-21415, counted an anonymous researcher for the shortage of the deficiency. The CVE-2025-21396, on the other hand, stems from…
04 February 2025Red LakshmananVulnerability / SharePoint Cybersecurity researchers have revealed details of the vulnerability affecting Microsoft affecting Microsoft Connector SharePoint upon Platform of Power This, if used successfully, can allow the threat to gather the user’s powers and subsequent next attacks. This may manifest as actions after operation that allows the attacker to send requests to API SharePoint on behalf of the withdrawal user, allowing unauthorized access to sensitive data, the said. “This vulnerability can be used via Power Automate, Power Apps, Copilot Studio and Copilot 365, which greatly expands the scale of potential damage,” said the senior security researcher…
Attack surfaces grow faster than they may keep up with security teams – you need to know what the attackers are most likely to struck. Given the adoption cloud, the ease of exposing new systems and services on the Internet dramatically increases, the priority threats and the control of the attack in terms of the attacker have never been more important. In this guide we consider why the attack surfaces grow and how to properly control and manage them properly Tools like an attacker. Let’s plunge. What is your surface surface? First, it is important to understand what we mean…
03 February 2025Red LakshmananFinancial security / malicious software Windows Brazilian users are the purpose of the company that provides a bank malicious software called Coyote. “After the deployment of Trojan Coyote Banking can carry out various malicious activities, including keys, screenshots and displaying the submitted phisching for theft of sensitive credentials,” – Researcher Fortinet Fortiguard Labs Cara Lin – Note in an analysis published last week. Cybersecurity company has stated that a few Windows (LNK) artifacts that contain PowerShell teams responsible for the delivery of malware have been identified over the last month. Coyote was First documented In early 2024,…
03 February 2025Red LakshmananOpen Source / Software The Python Python registry registry registry has announced a new feature that allows the packages to archive the project within the framework of efforts to improve the safety of the supply chain. “Now supporters can archive a project that informs users that the project will not receive more updates,” Facundo Tutca, Senior Engineer at Trail Of Bits, – Note. Doing this, the idea is to clearly inform the developers that Python libraries are no longer actively supported and no future security fixes should be expected. Given this, the projects marked as archival will…
03 February 2025Red LakshmananVulnerability / safety network Up to 768 vulnerabilities with the designated CVE ID has been reported as exploited in the wild in 2024, which compared to 639 CE in 2023, registering by 20% increased compared to last year. Describing 2024 as “another banner for threats aimed at operating vulnerabilities”, Vulncheck – Note It is known that 23.6% of the well -known exploited vulnerabilities (KEV) were armed either a day or before the day when CVE was publicly disclosed. This means a slight decrease from 26.8%2023, indicating that attempts can occur at any time in the vulnerability cycle.…
Russian gang on cybercrime, known as insane evil, has been associated with more than 10 scams in social media that use a wide range of individuals StealAtomic MacOS Theft (aka Amos), and An angel drain. “Specializing in fraud with identity, theft of cryptocurrency and malicious software involved in information, Crazy Eal – Note In the analysis. The use of a variety of Arsenal Cryptoscam group is a sign that the actor threatens on users of both Windows and MacOS systems, which creates a risk to a decentralized financing ecosystem. Crazy evil was rated active, at least since 2021, functioning in…
01 February 2025Red LakshmananPrevention of cybercrime / fraud The United States and Dutch law enforcement agencies have announced that 39 domains and related servers have been dismantled as part of the Internet market violations from Pakistan. The action, which took place on January 29, 2025, was named Blocker operation. A huge range of sites in question, pierced phishing sets and tools that contribute to fraud, and it managed a group known as Sim again, at least 2020, which is also known as the HeartSEnder. Then these proposals were used by transnational organized crimes to orientation on several victims in the…
01 February 2025Red LakshmananVulnerability / zero day Beyondtrust found that he had completed an investigation into a recent cybersecurity incident that sent some deleted SAAS support cases using the compromised API key. The company said the violation provided 17 remote support for SAAS customers, and that the API key was used to include unauthorized access by dropping local applications. The violation was first noted on December 5, 2024. “The investigation has determined that the vulnerability of the zero day of the third application was used to receive access to the Internet action on the account outside AWS,” the company -…
01 February 2025Red LakshmananPrivacy / Observation On Friday, Metawapp said on Friday that it had violated a campaign that provided for the use of spyware to orientation for journalists and civil society. The company aimed at about 90 members provided for the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024. In A statement For The Guardian, the encrypted messaging application stated that she had appealed to the affected users, saying that he had “high confidence” that users were aimed and “possibly compromised.” It is now unknown who is behind the…