Author: Admin
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
The threat actor known as Blind Eagle has been linked since November 2024 to a series of ongoing campaigns aimed at Colombian institutions and government entities. The monitored campaigns were described in a new analysis. “More than 1,600 victims were affected during one of these campaigns, which took place around December 19, 2024. This infection rate is significant, given the APT's targeted approach.” Blind Eagle, active since at least 2018, is also tracked as AguilaCiega, APT-C-36 and APT-Q-98. It is known for its hyper-specific targeting of entities in South America, in particular Colombia and Ecuador. The attacks of the…
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects More Than 6,000 Devices
March 11, 2025 | Red Lakshmanan | Network security / vulnerability
Unpatched TP-Link Archer routers have been targeted by a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. “The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2013-1389) to spread itself automatically over the Internet,” said the security researchers and Mattlman in a technical report shared with The Hacker News. CVE-2013-1389 is a high-severity security flaw affecting TP-Link Archer AX-21 routers that can lead to command injection, which can then pave the way for remote code execution. The earliest evidence of active…
March 11, 2025 | Hacker News | Checking Modeling / penetration
Cybersecurity is a double-edged sword. Organizations often operate under a false sense of security, assuming that the vulnerabilities, modern tools, polished dashboards and glowing risk scores guarantee safety. The reality is a slightly different story. In the real world, checking the right boxes is not the same thing. As Sun Tzu put it, “Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat.” Two and a half millennia later, the concept still holds: your organization's cybersecurity defenses must be strategically validated under real-world conditions to ensure your business's very survival.…
Inside the most innocent-looking image, a breathtaking landscape or a funny meme, something dangerous can be hiding, waiting for its moment to strike. No strange file names. No antivirus warnings. Just a harmless picture, secretly hiding a payload that can steal data, execute malware and take over your system without a trace. This is steganography, a secret weapon for concealing malicious code inside harmless-looking files. By embedding data in images, attackers evade detection, relying on separate scripts or processes to extract and execute the hidden payload. Let’s figure out how it works, why it’s…
March 11, 2025 | Red Lakshmanan | ICS / vulnerability security
Taiwanese company Moxa has released a security update to address a critical security flaw affecting its PT switches that could allow an attacker to bypass authentication guarantees. The vulnerability, tracked as CVE-2014-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0. “Multiple Moxa PT switches are vulnerable to an authentication bypass due to flaws in their authorization mechanism,” the company noted in an advisory released last week. “Despite client-side and back-end server verification, attackers can exploit weaknesses in its implementation. This vulnerability can allow…
March 11, 2025 | Red Lakshmanan | Cyber espionage / Maritime security
Maritime and logistics companies in South and Southeast Asia, the Middle East and Africa have become the target of an advanced persistent threat (APT) group called SideWinder. The attacks, observed by Kaspersky in 2024, spread to Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates and Vietnam. Other targets of interest include nuclear power plants and infrastructure in South Asia and Africa, as well as telecommunications, consulting, IT companies, real estate and hotel agencies. In a broader expansion of its footprint, SideWinder also targeted diplomatic entities in Afghanistan, Algeria, Bulgaria, China, India, Maldives,…
March 11, 2025 | Red Lakshmanan | Enterprise security / vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five security flaws affecting VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The list of vulnerabilities is as follows:
- CVE-2024-57968 – An unrestricted file upload vulnerability in VeraCore that allows a remote unauthenticated attacker to upload files to unintended folders using Upload.apsx
- CVE-2025-25181 – An SQL injection vulnerability in VeraCore that allows remote attackers to execute arbitrary SQL commands
- CVE-2014-13159 – An absolute path traversal vulnerability in Ivanti EPM,…
March 10, 2025 | Red Lakshmanan | Cybersecurity / malicious software
Cybersecurity researchers have demonstrated a new technique that allows a malicious browser extension to impersonate any installed add-on. “Polymorphic extensions create a pixel-perfect replica of the target's icon, HTML popup and workflows, and even temporarily disable the legitimate extension, making it extremely convincing for victims to believe that they are providing credentials to the real extension,” SquareX noted in a report published last week. The harvested credentials can then be abused by the threat actors to hijack online accounts and gain unauthorized access to sensitive personal and financial information. The attack affects all Chromium-based…
Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links
March 10, 2025 | Red Lakshmanan | Data theft / cryptocurrency
The Middle East and North Africa have been the target of a new campaign that has delivered a modified version of a well-known malware called Assembly since September 2024. “The campaign, which uses social media to distribute malware, is tied to the region's current geopolitical climate,” Positive Technologies researchers noted in an analysis published last week. “The attackers host malware in legitimate online file-sharing accounts or Telegram channels set up specifically for this purpose.” The campaign is estimated to have claimed approximately 900 victims since the fall of 2024, the Russian cybersecurity company added,…
The Need for Unified Security
Google Workspace is where teams collaborate, share ideas and get work done. But while it makes work easier, it also creates new security challenges. Cybercriminals are constantly evolving, finding ways to exploit misconfigurations, steal sensitive data and compromise user accounts. Many organizations try to secure their environment by piecing together different security tools, hoping that several layers of protection will keep them safe. But in reality, this patchwork approach often creates blind spots, making it harder, not easier, to defend against threats. In order to truly secure Google Workspace…