Author: Admin
March 18, 2025Red LakshmananFraud with Advertising / Mobile Security Cybersecurity researchers have warned of a large-scale ad falsification campaign that used hundreds of malicious applications published in Google Play store to serve full-screen advertising and conduct phishing over. “In the app – Note In a report that shared with Hacker News. The details of the activity were For the first time disclosed At the beginning of this month (IAS) (IAS), documented the opening of more than 180 applications that were designed to deploy endless and intrusive full-screen interstitial video advertising. The Advertising Fraud Scheme was a couple. These applications, which…
March 18, 2025Red LakshmananCyber -bue / malicious software Hated hunters shed more light on Previously discovered The campaign of malicious programs conducted by the Chinese, leveled by the Chinese mirror threat that directed a diplomatic organization in the European Union with the back of Anel. The attack found by ESET at the end of August 2024, nominated the Central -European diplomatic institute with baits related to Word exhibitionThe planned to start in Japan in Osaki next month. Activities was named code name Operation Akairyū (Japanese for Reddragon). Active with at least 2019, Mirrorface is also called the ground porridge. This…
March 18, 2025Hacker NewsAuthentication / Identity Security While OKTA provides reliable security features, configuration drift, identity distribution and misuse can enable the attackers to find their way. This article covers four key ways to actively support OKTA as part of your personnel security efforts. Okta serves as a cornerstone of identity and security control for organizations around the world. However, this fame has made it the main goal for cybercriminals seeking access to valuable corporate identities, applications and sensitive data. While OKTA provides reliable security features and recommended best practices, maintaining proper security control requires constant vigilance. Drift configuration, identity…
Microsoft draws attention to the new remote access of Trajan (Rat) named Motionless This states that they use advanced methods of detection of the parties and are stored in the target conditions for the ultimate purpose of stealing sensitive data. Malicious software contains “steal information in the target system, such as the credentials stored in the browser, digital wallet, data stored in the clipboard, and system information”, the Microsoft response team team – Note In the analysis. The technical giant stated that he had discovered Stilachirat in November 2024, and his features of the rats are present in the dll…
March 17, 2025Red LakshmananVulnerability / safety online The recently disclosed lack of security, which affects Apache Tomcat, was actively exploited in the wild after publishing public evidence (POC) only 30 hours after public disclosure. Vulnerability tracked as Cve-2025-24813affects the above versions – Apache Tomcat 11.0-M1 to 11.0.2 Apache Tomcat 10.0-M1 to 10.1.34 Apache Tomcat 9.0-M1 to 9.0.98 This concerns the case Record the Enable for the default serulet (disabled by default) Partial Class Support (Enabled by default) Target URL for sensitive safety is loaded, which is the submarine target URL for public downloads Knowledge of the attacker about the names…
March 17, 2025Red LakshmananWeb -Security / Cyber -Ugrosis The malicious actors operate cascading sheets (CSS) used for the style and formatting of the web page layout, to bypass spam -filters and tracking users. This is according to the new Cisco Talos findings, which states that such harmful actions may endanger the safety and privacy of the victim. “The features available in CSS allow attackers and spammers to track users’ actions and preferences, though several dynamic content features (such as JavaScript) are limited in e -mail compared to webbrazers,” Talos omid Mirzaei researcher – Note In a report published last week.…
March 17, 2025Red LakshmananBotnet / vulnerability UNLOOned Security Lack of Safety, which affects the Edimax IC-7100 network camera Options for malicious Mirat Botnet programs Since at least May 2024. Vulnerability in question Cve-2015-1316 (CVSS V4 Evaluation: 9.3), a critical operating system of a team injection that the attacker can use to achieve a remote code on sensitive devices with a specially designed request. Akamai Web Infrastructure and Security Company said the earliest attempt to operate for the shortage of May 2024, although there was an exploitation proof of the concept (POC) Publicly available Since June 2023. “The expluent is directed…
March 17, 2025Hacker NewsCloud security / intelligence threats The latest Palo Alto Networks UNIT 42 report has shown that sensitive data is in a 66% cloud storage bucket. This data is vulnerable to the ransomware attacks. Institute of Sans Recently reported What these attacks can be carried out by abuse of cloud suppliers’ security and default settings. “Only in the last few months, I have witnessed two different methods for the ransom attack, using nothing but legitimate cloud security functions,” Brandon Evans warns, security consultant and certified SANS instructor. Halcyon has opened an attack company that used one of Amazon…
March 17, 2025Red LakshmananVulnerability / cloud security Cybersecurity researchers pay attention to the incident in which the popular GitHub TJ-Actions/Change-Files were compromised to leak secrets from storage, using the workflow of continuous integration and permanent delivery (CI/CD). A incident related TJ-action/Changed movies GitHub action used in more than 23,000 repositories. It is used to track and search all modified files and directors. The compromise of the supply chain has been assigned an ID CVE Cve-2025-30066 (CVSS assessment: 8.6). The incident is said to have happened somewhere until March 14, 2025. “In this attack, the attackers changed the action code and…
March 15, 2025Red Lakshmanan Safety malicious programs / chains of supply Cybersecurity researchers have warned of a malicious campaign aimed at Python Package (Pypi) repository users disguised as “time”, but the withdrawal of hidden functionality to steal sensitive data such as cloud access tokens. Software Price Chain Safety Firm Reversinglabs – Note He discovered two sets of packages totaling 20 of them. The packages were cumulatively loaded more than 14 100 times – Snapshot-Photo (2448 boot) Check time (316 boot) Check time-server (178 boot) Analysis of time-server (144 boot) Temporary server analyzer (74 boot) Time-server test (155 boot) Check time…