techminis

A naukri.com initiative

Info. Security News News

Securityaffairs

14h


Attackers exploited SonicWall SMA appliances since January 2025

  • Threat actors have been exploiting a remote code execution flaw in SonicWall SMA appliances since January 2025.
  • The vulnerability, CVE-2021-20035, allows remote authenticated attackers to inject arbitrary commands and potentially execute code.
  • The flaw affects SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v devices, and the vendor patched it in September 2021.
  • SonicWall SMA 100 series appliances have been targeted in an active campaign to steal VPN credentials using default or weak passwords.


Hackingblogs

1d


Samsung Phones Exposed to Major Security Vulnerabilities!

  • Millions of Samsung phones are saving passwords in plain text in the clipboard, posing a serious security vulnerability.
  • The clipboard in Samsung phones saves all copied content, including passwords, indefinitely and without auto-delete settings.
  • Samsung is aware of the issue but has not yet addressed it.
  • The lack of urgency in resolving the vulnerability exposes users to potential theft or leakage of passwords.


Sentinelone

1d


The Good, the Bad and the Ugly in Cybersecurity – Week 16

  • The Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs received funding from CISA to continue operation, ensuring cybersecurity efforts and response to threats globally.
  • CVE plays a vital role as a common language in the cybersecurity landscape, assigning standardized identifiers to vulnerabilities for coordinated responses.
  • The launch of the CVE Foundation aims to transition CVE into a more independent and sustainable model for the future.
  • On the downside, cybercriminals are exploiting AI-based tools like Gamma for phishing campaigns, deceiving victims with PDF attachments and spoofed login pages.
  • Abuse of trusted platforms like Gamma and Cloudflare enables attackers to evade email security checks and harvest credentials through sophisticated phishing tactics.
  • AI tools like AkiraBot are also being used to flood websites with spam, showcasing the growing trend of AI-driven cyber threats.
  • Mustang Panda, a China-linked APT group, has been identified launching cyberattacks with updated malware tools targeting organizations in Myanmar.
  • Security researchers discovered new variants of Mustang Panda's TONESHELL backdoor and tools like StarProxy for lateral movement and keyloggers PAKLOG and CorKLOG for data collection.
  • The use of SplatCloak, an EDR evasion driver, by Mustang Panda highlights their focus on evading detection and enhancing their cyber capabilities.
  • Mustang Panda's long history of targeting governments and organizations in East Asia showcases their persistent evolution in cyber operations and tactics.
  • The group's techniques, including DLL sideloading and customized malware, emphasize operational efficiency and stealth in their cyber campaigns.


Securityaffairs

1d


U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog.
  • Apple released security updates to address two vulnerabilities impacting iOS, iPadOS & macOS, which have been exploited in sophisticated attacks.
  • Microsoft fixed a Windows NTLM hash disclosure spoofing vulnerability, which has been actively exploited since March.


Socprime

1d


Accelerating Threat Detection with Uncoder AI’s “Short AI-generated Summary”

  • SOC Prime's Uncoder AI offers the Short AI-generated Summary feature for faster and clearer security operations.
  • Uncoder AI's Short AI-generated Summary transforms complex detection queries into human-readable insights in seconds.
  • The feature enabled a SOC analyst to parse a complicated Google SecOps detection rule related to Windows Defender Application Control (WDAC) policy file creation.
  • The AI summary provided a concise explanation of the detection logic, helping in rapid triage and confident validation of its intent.


Hackersking

2d


How To Install Kali NetHunter Lite On Any Android Device

  • This blog provides a guide on how to install NetHunter Lite on any rooted Android device.
  • Prerequisites include having a rooted device with Magisk and installing BusyBox.
  • Download the suitable version of Kali NetHunter Lite based on your device's hardware details.
  • Use a Magisk module to flash the downloaded file, then reboot the device to access the NetHunter applications.


Amazon

2d


Announcing AWS Security Reference Architecture Code Examples for Generative AI

  • AWS has released new Security Reference Architecture (SRA) code examples for securing generative AI workloads.
  • The code examples include comprehensive capabilities for secure model inference and RAG implementations.
  • Ready-to-deploy CloudFormation templates are provided for implementing detective security controls like network segmentation, identity management, encryption, prompt injection detection, and logging and monitoring.
  • The examples align with the AWS SRA Design Guidance and aim to help customers secure their generative AI implementations.


Amazon

2d


How to help prevent hotlinking using referer checking, AWS WAF, and Amazon CloudFront

  • AWS WAF Classic has been deprecated, and the post describes how to use the latest version of AWS WAF (WAFv2) to prevent hotlinking.
  • Hotlinking can lead to slow loading times, lost revenue, and potential legal issues for the original site.
  • AWS WAF integrated with Amazon CloudFront can help protect web applications against common web exploits.
  • The article explains using header inspection in AWS WAF to prevent hotlinking while using a CDN like CloudFront.
  • Two approaches are detailed: one with a separate subdomain and the other with content under the same domain.
  • The first approach involves validating the Referer header, while the second approach adds filtering by path.
  • AWS WAF configurations include web access control lists, rules, match conditions, and filters.
  • The prerequisites include setting up a CloudFront distribution before configuring an AWS WAF web ACL.
  • Testing the rules involves using cURL commands to verify proper protection against hotlinking.
  • Further enhancements like rate-limiting, bot mitigation, and DDoS protections can be implemented with AWS WAF.


Hackersking

2h


Robots Dot to Dot Nattapong: The Creative Future of EdTech & Robotics

  • Innovative idea 'Robots Dot to Dot Nattapong' merges robotics, artistry, and education to introduce STEM concepts creatively.
  • This approach combines robotic designs and dot-to-dot drawings to facilitate early-age learning of robotics and logic.
  • The method enhances skills like critical thinking, hand-eye coordination, and pattern recognition crucial for coding and engineering.
  • Dot to Dot Nattapong teaches children to envision robots in a mechatronic way, integrating mechanical structure and design.
  • The approach blends art, engineering, coding, and robotics, offering a holistic learning experience for young learners.
  • Educationally, this technique bridges EdTech and STEAM, engaging students through a medium they resonate with.
  • It aids in teaching visual learning, logic in sequence, enticement, STEM subjects, and the amalgamation of technical and creative aspects.
  • The creator behind 'Robots Dot to Dot Nattapong' likely focuses on developing educational content supporting creative learning in robotics.
  • This innovation envisions equal learning opportunities in robotics, potentially evolving into interactive applications and global learning communities.
  • Such creative learning approaches reshape traditional education molds, fostering creativity and technical skills in learners of all ages.


Securityaffairs

1d


ASUS routers with AiCloud vulnerable to auth bypass exploit

  • ASUS warns of an authentication bypass vulnerability in routers with AiCloud enabled.
  • The vulnerability, tracked as CVE-2025-2492, allows unauthorized execution of functions on the device.
  • The vulnerability can be exploited by sending a specially crafted request.
  • ASUS recommends updating firmware and using strong, unique passwords to mitigate the risk.


Sentinelone

1d


Security Gotchas for AWS Architects

  • Teri Radichel discusses common security pitfalls in AWS environments, emphasizing the importance of addressing security issues at an architectural level to reduce risks effectively.
  • She highlights the significance of avoiding faulty logic in security policies that may create gaps for attackers to exploit.
  • An example provided is the ineffective use of the BoolIfExists condition operator in IAM policies, which could allow MFA enforcement to be bypassed.
  • The article stresses the need to address security problems comprehensively by considering the overall attack surface.
  • Various solutions are suggested, such as network restrictions, external IDs, limiting access, encryption, separation of duties, and monitoring for misuse of credentials.
  • The discussion extends to the risks associated with getting rid of AWS access keys and implementing alternative authentication methods like OIDC and browser-based MFA.
  • Concerns about vulnerabilities in browser-based MFA methods, phishing attacks, and securing MFA tokens are addressed in the context of overall security.
  • The importance of understanding the evolving attack surface, considering security solutions in broader architectural contexts, and monitoring systems for threats is highlighted.
  • SentinelOne emphasizes the significance of evidence-based risk prioritization, proactive and autonomous cloud security measures, and rapid threat detection and response.
  • Through Singularity Cloud, SentinelOne offers solutions to verify exploitable risks, correlate activities across environments, and respond autonomously to threats.


Hackingblogs

1d


Fake WhatsApp & Telegram Preinstalled on Chinese Android Phones: Millions Lost to Crypto-Stealing Malware

  • Fake WhatsApp & Telegram pre-installed on Chinese Android phones are infected with spyware that steals cryptocurrency.
  • Trojanized programs can scan photos for wallet seed phrases, spoof update links, and steal clipboard data.
  • The malware campaign is impacting low-cost Chinese phones, with more than 40 pre-installed apps compromised.
  • Users are advised to be cautious when interacting with unknown phone manufacturers and to use reliable programs and antivirus apps to protect their devices.


Securityaffairs

2d


Entertainment venue management firm Legends International disclosed a data breach

  • Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues.
  • Legends International is a global leader in sports and entertainment venue management, specializing in delivering comprehensive solutions for stadiums, arenas, and attractions.
  • On November 9, 2024, Legends International detected unauthorized activity on its IT systems, took action to stop it, and launched an investigation with the help of external cybersecurity experts.
  • The company confirmed that a review is underway to determine if personal data was involved and is offering 24 months of free Experian IdentityWorks as a precaution.


Dev

2d


Automating Compliance Reporting in GRC

  • Automating compliance reporting in GRC can save time, improve data accuracy, and support smarter decision-making.
  • Manual compliance processes can lead to human errors, time-consuming documentation reviews, difficulty scaling, and delayed insights.
  • High-impact areas to automate in compliance reporting include control monitoring, evidence collection, incident tracking and categorization, and policy compliance dashboards.
  • Platforms like ServiceNow GRC, AuditBoard or LogicGate, Power BI/Tableau, or custom scripts with Confluence/Jira can be helpful in automating GRC processes.


Securityaffairs

2d


China-linked APT Mustang Panda upgrades tools in its arsenal

  • China-linked APT group Mustang Panda deployed a new custom backdoor, MQsTTang, in recent attacks targeting Europe, Asia, and Australia.
  • The APT group has been active since at least 2012, targeting American and European entities as well as Asian countries.
  • Recent campaigns of APT Mustang Panda utilized European Union reports on the conflict in Ukraine as lures to deploy malware.
  • The group has introduced new tools such as MQsTTang backdoor, StarProxy lateral movement tool, and several keyloggers for enhanced stealth and functionality.
