Author: Admin

02 May 2025Red LakshmananPassword safety / window A year after Microsoft announced Passkeys support for consumer accounts, the technological giant has announced a big shift that pushes people who are signed on new credentials to use the phishing authentication method by default. “Absolutely new Microsoft accounts will now” default “,” Microsoft Joy Chik and Vasu Jakkal – Note. “New users will have several options without a password for signing them in their account, and they will never need to enroll your password. Existing users may visit their account settings to delete their password.” The Windows manufacturer said he also simplified…

01 May 2025Red LakshmananMalicious software / network Cybersecurity researchers spilled light on a new company aimed at WordPress that mask malicious software as a safety plugin. The plugin, which goes under the name “wp-tsymalwary-bot.php” comes with different features to maintain access, hide from the administrator’s dashboard and the remote code. “Also included is the functionality of the jacket that can report the command and control (C&C) server, as well as the code that helps distribute malicious software into other catalogs and introduces malicious JavaScript, which is responsible for advertising service,” Marco Wotchka Wordfence, Marco Wotchka WordFence ” – Note In…

Russian companies were sent as part of a large -scale phishing Darkwatchman. The targets include organizations in the media, tourism, financing and insurance, production, retail, energy, telecommunications, transport and biotechnology sectors, Russian cybersecurity company F6 – Note. Activities are evaluated as a financially motivated group called Hive0117, which has been attributed to IBM X-Force for attacks Aimed at users of Lithuania, Estonia and Russia, which cover telecommunications, electronic and industrial sectors. Then in September 2023, Darkwatchman’s malicious software was again used In the field of phishing campaign aimed at energy, finance, transport and safety software based in Russia, Kazakhstan, Latvia…

01 May 2025Red LakshmananArtificial intelligence / misinformation Artificial Intelligence Company (AI) Anthropic has disclosed that unknown threatening subjects used their Claude Chatbot for “influence as a service” on interaction with valid accounts on Facebook and X. It is said that the complex activity, called financially motivated, used its AI tool for the orchestration of 100 different persons on two social media platforms, creating a network “politically aligned accounts”, which was engaged in “10 thousand” authentic accounts. Anthropic researchers who have now been destroyed, noted that prioritizing persistence and longevity over vital force and sought to strengthen the moderate political perspectives…

Safety Operations Teams (SOC) face a fundamentally new problem-trading tools of cybersecurity cannot detect advanced opponents who have become experts to evade the defense based on the final points and signature detection systems. The reality of these “invisible attackers” is a significant need for a multilayer approach to detecting threats, including decisions for network detection and response (NDR). The invisible problem of the attacker Imagine that your network was compromised – not today or yesterday, but months ago. Despite your significant investment in the safety tools running 24/7, the advanced opponent moves quietly on your systems, gently avoiding detection. They…

For over ten years, the security group has been faced with rigid irony: the more advanced the steel detection tools, the less useful their results have turned out. As the alerts from the static analysis tools, scanners and cve databases grew, the best security promise became more far away. In its place, the new reality became interested – one definitely by fatigue and overloaded teams. According to security eye 2025 Application Safety Reportstaggering 95-98% Appsec notice do not require action – And in fact it can harm organizations more than help. Our research, which covers more than 101 million security…

01 May 2025Red LakshmananZero day / threat of intelligence The Enterprise Data Commvault data platform showed that an unknown actor on the threat of a nation-state violated its Microsoft Azure Wednesday using CVE-2025-3928, but stressed that there is no evidence of unauthorized access to the data. “This activity has affected the small number of customers we have in common with Microsoft and we work with these customers to assist,” the company – Note In updates. “It is important to note that there has been no unauthorized access to customer backup data that Commvault retain and protect, and a significant impact…

01 May 2025Red LakshmananVulnerability / safety vpn Sonicwall showed that two security deficiencies were used in the wild that affect its safe mobile access (SMA). The vulnerabilities in question are below – Cve-2023-44221 (CVSS Assessment: 7.2) – Incorrect neutralization of special elements in the SMA100 SSL -VPN management interface allows for remote authenticated attackers with the administrative privilege for the introduction of arbitrary commands as a “no one” that potentially leads to vulnerability Cve-2024-38475 (CVSS assessment: 9.8) – Invalid escape from exit to MOD_REWRITE to Apache HTTP Server 2.4.59 and earlier allow the attacker to display the URL to submit…

April 30, 2025Red LakshmananArtificial Intelligence / Email Security As the artificial intelligence field (AI) continues to develop at a rapid pace, new studies have revealed as methods that make a model context (Mcp) sensitive to Surgical attacks of injections can be used to develop safety tools or detect malicious tools according to New Report from Tenable. MCP launched by anthropic in November 2024 is the basis designed to connect large language models (LLM) with external data sources and services, and use model tools to interact with these systems to enhance accuracy, relevance and usefulness of AI applications. Follows from the…

April 30, 2025Red LakshmananIntelligence threats / malicious software Cybersecurity researchers shed light on a Russian-speaking cyber-spanning group called Nebulate Mantis, which since mid-2012 has launched a remote access trojed called Romcom Rat Rat. Romcom “uses additional evading methods, including tactics (Lotl) and encrypted command and control (C2), while constantly developing its infrastructure-Using bullet-permeable hosting to maintain persistence and detecting the detection Prodaft Prodaft Prodaft Prodaft Prodaft Prodaft Company Prodaft Prodaft Company Prodaft Prodaft Company Prostaft Company Prostaft Company Prostaft Company Prostaft – Note In a report that shared with Hacker News. Nubulous Mantis, also tracked by the cybersecurity community under…