Author: Admin
Cybersecurity researchers have warned of a “wide and permanent” SMS phishing company, which aims at paid road roads in the US for financial thefts since mid -October 2024. “Numerous attacks on the road are carried out by numerous financially motivated threats by the subjects using the Smishing set, developed” Wang Duo Yu. evaluated with moderate confidence. A Phishing -CompanyAccording to the company, it stands for US electronic fence collection systems such as E-ZPASS, sending SMS messages and apple zessages to private persons by Washington, Florida, Pennsylvania, Virginia, Texas, Ohio, Illinois and Kansas about unpaid value. Worth noting some aspects of…
A new multi -stage attack has been noted, which provides malware such as Tesla options, Remcos Rat and Xloader. “The attackers are increasingly counting on such complex delivery mechanisms to avoid detection, bypassing traditional sandboxes and ensuring successful delivery and execution of useful load,” “Palo Alto Networks Unit 42 Researcher Sakib Hanzada” – Note In the company’s technical record. The starting point of the attack is a deceptive letter that presents the request for the malicious attachment of the 7-ZIP archive, which contains the JavaScript file coded (.jse). The e -mail, which was observed in December 2024, falsely claimed that…
April 18, 2025Hacker NewsSaas Security / Shadow It Your employees did not want to expose sensitive data. They just wanted to move faster. So they used the chat to summarize the deal. Uploaded the spreadsheet into the AI -enhanced AI tool. Built -in chat in salesforce. Nothing wrong – until it’s. If it sounds familiar, you are not alone. Most security teams are already lagging behind the detection of how AI’s tools calmly redo their Saas environments. And as long as the warning is caused – if it even exists – the damage can already be done. This is not…
April 18, 2025Red LakshmananIoT / malicious software safety Cybersecurity researchers warn of the constant risks provided by distributed malicious software refusal (DDOS) XorddosFrom 71.3 percent of the attacks between November 2023 and February 2025, sent to the US. “From 2020 to 2023, Trojan Xorddos has increased significantly in prevalence,” Cisco Talos Joey researcher – Note In the Thursday analysis. “This trend is not only due to the widespread global distribution of the Triana XordDOS, but also to the impact on the malicious DNS-related and control (C2). Almost 42 percent of compromised devices are located in the US, then Japan, Canada,…
April 18, 2025Red LakshmananSecurity / vulnerability Windows Cybersecurity and US Infrastructure Agency (CISA) on Thursday on Thursday added Lack of high school security that affects Microsoft Windows to known exploited vulnerabilities (Ship) Catalog, subsequent reports of active exploitation in the wild. Vulnerability assigned to CVE ID Cve-2025-24054 (CVSS assessment: 6.5), this is a new Windows Local Network Manager (Ntlm) The hash -spinning fake bug that Microsoft was secured last month as part of the patch upgrade on Tuesday. NTLM is a hereditary authentication protocol that Microsoft is officially outdated last year in favor of Kerberos. In recent years, the threats…
Chinese actor threats known as Mustang Panda He was linked to cyber -napad aimed at an uncertain organization in Myanmar with previously unrelated instruments, emphasizing the constant efforts from the subjects threat to enhanced and the effectiveness of his malware. These include updated versions of the famous rear Toneas well as a new side motion tool called Starproxy, two Keylogger cadencies Splatcloak. “Toneshell, the back of the Mustang Panda, was updated with changes in its FAKETLS Command and Control (C2) communications protocol, as well as in customer IDs creation and storage methods,” said the Zscaler OPHERLABZ SINGH IN A IN…
Several hacking groups funded by the state from Iran, North Korea and Russia have been found to use the increasingly popular CLICFIX social engineering tactics to deploy malware over three months from the end of 2024 to early 2025. Phisching companies taking strategy were attributed to clusters tracking Ta427 (Kimusuki), Ta450 (AKA MUDDYWATER, UNK_REMOTEROGE, and Ta422 (AKA APT28). Clickfix was the initial access methodology, primarily related to cybercrime groups, although the effectiveness of the approach also led to the adoption of nation -states. “Inclusion Clickfix does not revolutionize companies conducted by TA427, Ta450, Unk_remoterogue and Ta422, and instead replaces the…
April 17, 2025Red LakshmananCybersecurity / malicious software Microsoft draws attention to the permanent Malvertising company that uses Node.js to provide malicious loads capable of theft of information and data exports. Activity For the first time discovered In October 2024, lures related to cryptocurrency trading were used to trick users to install a robber from fraudulent sites that are masked as legal software, such as Binance or Tradingview. The downloaded installation comes in a dynamic reference library (“Customactions.dll”), which is responsible for harvesting basic system information using the Windows Management (WMI) instrument and sustainability settings through the planned task. In an…
April 17, 2025Hacker NewsPassword safety / Blockchain Blockchain is most famous for its use in cryptocurrencies such as Bitcoin, but also has significant applications for authentication online. Because businesses in different sectors are increasingly covered by blockchain safety tools, can technology once replace passwords? How does blockchain work Blockchain is a safe way to maintain, encrypt and exchange digital transactions. The benefits of its safety follow from its decentralized character: this Distributed books can refer to participants of different nodesAnd this is invariably. All users retain control as a group, that is, no person can change the book. How can…
April 17, 2025Red LakshmananVulnerability / safety network A critical security vulnerability was disclosed in Erlang/Open Telecom Platform (OTP) Introducing SSH, which can allow the attacker to perform an arbitrary code under certain conditions. Vulnerability tracked as Cve-2025-32433Received the maximum CVSS 10.0 score. “The vulnerability allows the attacker with the network access to the Erlang/OTP SSH server to perform arbitrary code without pre -authentication,” – researchers of the Ruhr Bochum Fabian Bäumer, Marcus Brinkmann, Marcel Maehren and Jörg Schwenk – Note. The problem follows from improper processing of SSH reports, which essentially allow the attacker to send reports of the connection…