Author: Admin

03 April 2025Red LakshmananPrivacy / vulnerability of data Cybersecurity researchers disclosed Details of the new vulnerability that affects the short Google data utility for Windows, which can be used to achieve service (DOS) or send arbitrary files to the target device without approval. The downside, tracked as Cve-2014-10668 (CVSS assessment: 5.9), this is bypass for two of the 10 deficiencies that were originally revealed by Safebreach Labs in August 2024 Quickshell. It was considered in the fast share for the Windows version 1.0.2002.2 after a responsible disclosure in August 2024. The investigation of these 10 vulnerabilities, which are collectively monitored…

03 April 2025Red LakshmananIntelligence threats / mobile security It has been found that fake versions of popular smartphone models sold at reduced prices Triad. “More than 2,600 users in different countries have encountered a new version of Triada, most in Russia,” Kaspersky – Note In the report. The infections were recorded between March 13 and 27, 2025. Triada – This is the name given to the Android modular family that was that was For the first time discovered In the Russian cybersecurity campaign in March 2016. Trojan remote access (rat), it is equipped for theft of a wide range of…

In one of the largest coordinated law enforcement operations, the authorities dismantled Kidflix, a streaming platform that offered sexual abuse material (CSAM). “A total of 1.8 million users worldwide entered the platform between April 2022 and March 2025,” “European Parliament – Note In a statement. “On March 11, 2025, the server, which contained about 72,000 videos at the time was confiscated by German and Dutch authorities.” The European Law Enforcement has described it as the largest operation that has been combined by the sexual exploitation of children. It was a codonomed operating stream. A perennial zonewhich began in 2022 and…

03 April 2025Red LakshmananCybersecurity / Intelligence threats Hated hunters warn of the complex Company Web Skimmer This uses an outdated application programming interface (API) with a payment processor to check the stolen payment information before exclusion. “This tactic guarantees that the attackers are sent only valid card data, making the operation more efficient and potentially more difficult to detect,” – JSCrambler Pedro Fortuna, David Alves and Pedro Marrucho Researchers – Note In the report. 49 merchants estimate have been hit by the company today. Fifteen compromised sites have taken steps to remove malicious scenarios. Activity is estimated as at least…

02 April 2025Red LakshmananCloud security / vulnerability Cybersecurity researchers have revealed details of the vulnerability of the escalation of privileges in the Google Cloud Cloud Platform (GCP), which could allow malicious actors to access container images and even introduce a malicious code. ‘Vulnerability can allow such an identity to abuse his audit audit – Note In a report that shared with Hacker News. Cybersecurity campaign was called a lack of security. After the responsible disclosure of Google, he addressed the problem since January 28, 2025. Google Cloud Run is a fully managed service to perform container applications in a scalable,…

02 April 2025Red LakshmananCrypto -Hockey / malicious software Cybersecurity researchers spilled light on “automatic proposal” called Botnet for mining cryptocurrency Ban (AKA DOTA) is known to be focused on SSH server with weak powers. “Outlaw-it’s malicious Linux software that rests on the SSH Bruth, Cryptocurrency mining and the spread of worms to infect and maintain control over systems,” elastic safety laboratory – Note in a new analysis published on Tuesday. By law is also the name given to the actor threatening for malicious software. He is believed to be of Romanian origin. Other hacking groups prevail Cryptojingingingeking includes 8220, Keksec…

02 April 2025Hacker NewsMatching / data protection Introduction As the cybersecurity landscape develops, service providers play an increasingly important role in maintaining sensitive data and compliance with sectoral rules. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frames that provide a clear path to reliable cybersecurity practice. For service providers follow Nist standards is a strategic business solution. The fulfillment not only protects customer data, but also increases the authority, ordering the incident and provides a competitive advantage. A Step -by -step guide Designed to help service providers understand and implement Nist compliance for their…

02 April 2025Hacker NewsSurface / attack on the Internet When evaluating the external surface of the organization’s attacks get problems with encryption Special attention. Why? Their widespread use, complexity of configuration and visibility of the attackers, and users make them more likely. This emphasizes how important your SSL configurations are to maintain the security of your web application and minimize your attack surface. However research shows that most (53.5%) sites have inadequate security and that Weak SSL/TLS configuration is one of the most common apps. Get the correct SSL configuration and you increase your cyber resistance and save your apps…

02 April 2025Red LakshmananRedemption / Email Security A funded actor of a threat known as Fin7 was associated with the back of the found Android Banking Trojan the name of the same name) that can give them remote access to the impaired Windows systems. “This malicious software allows the attackers to perform the teams of remote shells and other system operations, giving them full control over the infected machine,” Swiss Cybersecurity Company – Note In the technical report of malicious software. Fin7, also called carbon spider, elbus, golden niagari, sangria and wild cow Russian Cybercrime Group famous for its is…

02 April 2025Red LakshmananDetection of threat / malicious software Cybersecurity researchers have discovered the updated version of the forklifts called Hijack Loader, which implements new features to eliminate and establish persistence on impaired systems. “The bypassing forces released a new module that implements the fake stack caused to hide the origin of functional calls (eg – Note In the analysis. “The bypass loader added a new module to check VM to detect malware analysis and sandbox.” The forklift, which was first discovered in 2023, offers the opportunity to deliver useful load in the second stage, such as the information malicious…