Author: Admin
Kaspersky links Head Mare to Twelve, targeting Russian entities through shared C2 servers
March 21, 2025 | Ravie Lakshmanan | Malware / Cyber Attack
Two known threat activity clusters, Head Mare and Twelve, have probably joined forces to target Russian entities, new findings reveal. “Head Mare relied heavily on tools previously associated with Twelve. In addition …,” Kaspersky noted. “This suggests potential cooperation and joint campaigns between the two groups.” Both Head Mare and Twelve were previously documented by Kaspersky in September 2024, with the former using a vulnerability in WinRAR (CVE-2023-3831) to obtain initial access and deliver malware, and in some cases even ransomware families such as…
UAT-5918 targets Taiwan's critical infrastructure using web shells and open-source tools
March 21, 2025 | Ravie Lakshmanan | Threat Hunting / Vulnerability
Threat hunters have uncovered a new threat actor called UAT-5918 that has been attacking critical infrastructure in Taiwan since at least 2023. “UAT-5918, a threat actor believed …,” the researchers noted. In addition to critical infrastructure, other targeted verticals include information technology, telecommunications, academia, and healthcare. UAT-5918 is said … Volt Typhoon, Flax Typhoon, Tropic Trooper, Earth Estries, and Dalbit. The attack chains orchestrated by the group obtain initial access by exploiting N-day security flaws in unpatched servers and applications that are exposed to the internet. The foothold is…
March 21, 2025 | Ravie Lakshmanan | Ransomware / BYOVD
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver called ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools. Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS) called HeartCrypt. “This loader was deployed alongside a revoked-certificate-signed driver from a Chinese vendor that we named ABYSSWORKER, which it installs on the victim's machine and then uses to target and silence various…
March 21, 2025 | Ravie Lakshmanan | Cybercrime / Cyber Espionage
The Chinese advanced persistent threat (APT) group known as Aquatic Panda has been linked to a “global espionage campaign” that took place in 2022 and targeted seven organizations. These organizations include governments, Catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the USA. The activity, which took place over 10 months between January and October 2022, was named FishMedley by ESET. “Operators used implants such as ShadowPad, SodaMaster, and Spyder that are common or exclusive …,” ESET noted in the analysis. Aquatic Panda, also called Bronze University, Charcoal,…
March 21, 2025 | Ravie Lakshmanan | Cyber Attack / Vulnerability
Two flaws affecting …, according to the SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below: CVE-2024-20439 (CVSS score: 9.8), the presence of undocumented static user credentials for an administrative account that an attacker could use to log in to an affected system; and CVE-2024-20440 (CVSS score: 9.8), a vulnerability arising from an excessively verbose debug log file that an attacker could use to access such files by means of an HTTP request and obtain credentials that can be used to access the API. Successful exploitation of the flaws could allow…
March 20, 2025 | Ravie Lakshmanan | Malware Analysis / Threats
YouTube videos that promote game cheats … probably targeting Russian users. “What is intriguing about this malware is how much it collects,” Kaspersky noted in the analysis. “It grabs information from VPN and gaming clients, as well as all kinds of network utilities such as ngrok, Playit, Cyberduck, FileZilla, and DynDNS.” The attack chains involve sharing links to a password-protected archive in YouTube videos; when opened, the archive unpacks a bath.bat batch file that is responsible for retrieving another archive…
March 20, 2025 | Ravie Lakshmanan | Cybersecurity / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw affecting NAKIVO Backup & Replication to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 (CVSS: 8.6), an absolute path traversal bug that can allow an attacker to read files on the target host, including sensitive ones such as “/etc/shadow”, through the endpoint “/c/rm”. It affects all versions of the software prior to version 10.11.3.86570. “NAKIVO Backup and Replication contains an absolute path traversal vulnerability that allows attackers to read arbitrary files,” CISA said in the advisory. Successful exploitation of the flaw can allow…
March 20, 2025 | Ravie Lakshmanan | Vulnerability / Software Update
Veeam has released security updates to address a critical security flaw affecting its Backup & Replication software that can lead to remote code execution. The vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. It affects 12.3.0.310 and all earlier version 12 builds. “A vulnerability allowing …,” the company noted in an advisory released on Wednesday. Security researcher Piotr Bazydlo of watchTowr was credited with discovering and reporting the flaw, which was resolved in version 12.3.1 (build 12.3.1139). According to Bazydlo and researcher Sina Kheirkhah, CVE-2025-23120 stems from Veeam's inconsistent handling of its deserialization mechanism,…
Regulatory compliance is no longer a concern only for large enterprises. Small and medium-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to stay compliant given limited IT resources, evolving regulatory requirements, and complex security challenges. Recent data show that there are approximately 33.3 million SMBs in the US, and 60% or more fail to meet at least one regulatory standard. This means that almost 20 million SMBs may be at risk of fines, security breaches, and reputational damage. For managed service…
Cybersecurity is not just another checkbox on your business agenda. It is a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect their digital assets becomes crucial. The shared responsibility model, as exemplified by Microsoft 365's approach, offers a framework for understanding and implementing effective cybersecurity measures.
The essence of shared responsibility
Think of cloud security as a well-maintained building: the property manager handles structural integrity and common areas, while tenants secure their individual units. Similarly, the shared responsibility model creates a clear division of security duties between cloud…