A naukri.com initiative
Info. Security News News
Securityaffairs
14h
87
Image Credit: Securityaffairs
Attackers exploited SonicWall SMA appliances since January 2025
- Threat actors have been exploiting a remote code execution flaw in SonicWall SMA appliances since January 2025.
- The vulnerability, CVE-2021-20035, allows remote authenticated attackers to inject arbitrary commands and potentially execute code.
- The flaw affects SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v devices, and the vendor patched it in September 2021.
- SonicWall SMA 100 series appliances have been targeted in an active campaign to steal VPN credentials using default or weak passwords.
Read Full Article
5 Likes
Hackingblogs
1d
10.4k
Image Credit: Hackingblogs
Samsung Phones Exposed to Major Security Vulnerabilities!
- Millions of Samsung phones are saving passwords in plain text in the clipboard, posing a serious security vulnerability.
- The clipboard in Samsung phones saves all copied content, including passwords, indefinitely and without auto-delete settings.
- Samsung is aware of the issue but has not yet addressed it.
- The lack of urgency in resolving the vulnerability exposes users to potential theft or leakage of passwords.
Read Full Article
17 Likes
Sentinelone
1d
274
Image Credit: Sentinelone
The Good, the Bad and the Ugly in Cybersecurity – Week 16
- The Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs received funding from CISA to continue operation, ensuring cybersecurity efforts and response to threats globally.
- CVE plays a vital role as a common language in the cybersecurity landscape, assigning standardized identifiers to vulnerabilities for coordinated responses.
- The launch of the CVE Foundation aims to transition CVE into a more independent and sustainable model for the future.
- On the downside, cybercriminals are exploiting AI-based tools like Gamma for phishing campaigns, deceiving victims with PDF attachments and spoofed login pages.
- Abuse of trusted platforms like Gamma and Cloudflare enables attackers to evade email security checks and harvest credentials through sophisticated phishing tactics.
- AI tools like AkiraBot are also being used to flood websites with spam, showcasing the growing trend of AI-driven cyber threats.
- Mustang Panda, a China-linked APT group, has been identified launching cyberattacks with updated malware tools targeting organizations in Myanmar.
- Security researchers discovered new variants of Mustang Panda's TONESHELL backdoor and tools like StarProxy for lateral movement and keyloggers PAKLOG and CorKLOG for data collection.
- The use of SplatCloak, an EDR evasion driver, by Mustang Panda highlights their focus on evading detection and enhancing their cyber capabilities.
- Mustang Panda's long history of targeting governments and organizations in East Asia showcases their persistent evolution in cyber operations and tactics.
- The group's techniques, including DLL sideloading and customized malware, emphasize operational efficiency and stealth in their cyber campaigns.
Read Full Article
16 Likes
Securityaffairs
1d
120
Image Credit: Securityaffairs
U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog
- U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog.
- CISA added Apple products and Microsoft Windows NTLM vulnerabilities to its Known Exploited Vulnerabilities catalog.
- Apple released security updates to address two vulnerabilities impacting iOS, iPadOS & macOS, which have been exploited in sophisticated attacks.
- Microsoft fixed a Windows NTLM hash disclosure spoofing vulnerability, which has been actively exploited since March.
Read Full Article
7 Likes
Socprime
1d
100
Image Credit: Socprime
Accelerating Threat Detection with Uncoder AI’s “Short AI-generated Summary”
- SOC Prime's Uncoder AI offers the Short AI-generated Summary feature for faster and clearer security operations.
- Uncoder AI's Short AI-generated Summary transforms complex detection queries into human-readable insights in seconds.
- The feature enabled a SOC analyst to parse a complicated Google SecOps detection rule related to Windows Defender Application Control (WDAC) policy file creation.
- The AI summary provided a concise explanation of the detection logic, helping in rapid triage and confident validation of its intent.
Read Full Article
6 Likes
Hackersking
2d
253
Image Credit: Hackersking
How To Install Kali NetHunter Lite On Any Android Device
- This blog provides a guide on how to install Nethunter Lite on any rooted Android device.
- Prerequisites include having a rooted device with Magisk and installing BusyBox.
- Download the suitable version of Kali NetHunter Lite based on your device's hardware details.
- Use Magisk module to flash the downloaded file and reboot the device to access Nethunter applications.
Read Full Article
15 Likes
Amazon
2d
184
Image Credit: Amazon
Announcing AWS Security Reference Architecture Code Examples for Generative AI
- AWS has released new Security Reference Architecture (SRA) code examples for securing generative AI workloads.
- The code examples include comprehensive capabilities for secure model inference and RAG implementations.
- Ready-to-deploy CloudFormation templates are provided for implementing detective security controls like network segmentation, identity management, encryption, prompt injection detection, and logging and monitoring.
- The examples align with the AWS SRA Design Guidance and aim to help customers secure their generative AI implementations.
Read Full Article
11 Likes
Amazon
2d
173
Image Credit: Amazon
How to help prevent hotlinking using referer checking, AWS WAF, and Amazon CloudFront
- AWS WAF Classic has been deprecated, and the post describes how to use the latest version of AWS WAF (WAFv2) to prevent hotlinking.
- Hotlinking can lead to slow loading times, lost revenue, and potential legal issues for the original site.
- AWS WAF integrated with Amazon CloudFront can help protect web applications against common web exploits.
- The article explains using header inspection in AWS WAF to prevent hotlinking while using a CDN like CloudFront.
- Two approaches are detailed: one with a separate subdomain and the other with content under the same domain.
- The first approach involves validating the Referer header, while the second approach adds filtering by path.
- AWS WAF configurations include web access control lists, rules, match conditions, and filters.
- The prerequisites include setting up a CloudFront distribution before configuring an AWS WAF web ACL.
- Testing the rules involves using cURL commands to verify proper protection against hotlinking.
- Further enhancements like rate-limiting, bot mitigation, and DDoS protections can be implemented with AWS WAF.
Read Full Article
10 Likes
Hackersking
2h
85
Image Credit: Hackersking
Robots Dot to Dot Nattapong: The Creative Future of EdTech & Robotics
- Innovative idea 'Robots Dot to Dot Nattapong' merges robotics, artistry, and education to introduce STEM concepts creatively.
- This approach combines robotic designs and dot-to-dot drawings to facilitate early-age learning of robotics and logic.
- The method enhances skills like critical thinking, hand-eye coordination, and pattern recognition crucial for coding and engineering.
- Dot to Dot Nattapong teaches children to envision robots in a mechatronic way, integrating mechanical structure and design.
- The approach blends art, engineering, coding, and robotics, offering a holistic learning experience for young learners.
- Educationally, this technique bridges EdTech and STEAM, engaging students through a medium they resonate with.
- It aids in teaching visual learning, logic in sequence, enticement, STEM subjects, and the amalgamation of technical and creative aspects.
- The creator behind 'Robots Dot to Dot Nattapong' likely focuses on developing educational content supporting creative learning in robotics.
- This innovation envisions equal learning opportunities in robotics, potentially evolving into interactive applications and global learning communities.
- Such creative learning approaches reshape traditional education molds, fostering creativity and technical skills in learners of all ages.
Read Full Article
5 Likes
Securityaffairs
1d
241
Image Credit: Securityaffairs
ASUS routers with AiCloud vulnerable to auth bypass exploit
- ASUS warns of an authentication bypass vulnerability in routers with AiCloud enabled.
- The vulnerability, tracked as CVE-2025-2492, allows unauthorized execution of functions on the device.
- The vulnerability can be exploited by sending a specially crafted request.
- ASUS recommends updating firmware and using strong, unique passwords to mitigate the risk.
Read Full Article
14 Likes
Sentinelone
1d
3
Image Credit: Sentinelone
Security Gotchas for AWS Architects
- Teri Radichel discusses common security pitfalls in AWS environments, emphasizing the importance of addressing security issues at an architectural level to reduce risks effectively.
- She highlights the significance of avoiding faulty logic in security policies that may create gaps for attackers to exploit.
- An example provided is the ineffective use of boolifexists in IAM policies, which could bypass MFA enforcement.
- The article stresses the need to address security problems comprehensively by considering the overall attack surface.
- Various solutions are suggested, such as network restrictions, external IDs, limiting access, encryption, separation of duties, and monitoring for misuse of credentials.
- The discussion extends to the risks associated with getting rid of AWS access keys and implementing alternative authentication methods like OIDC and browser-based MFA.
- Concerns about vulnerabilities in browser-based MFA methods, phishing attacks, and securing MFA tokens are addressed in the context of overall security.
- The importance of understanding the evolving attack surface, considering security solutions in broader architectural contexts, and monitoring systems for threats is highlighted.
- SentinelOne emphasizes the significance of evidence-based risk prioritization, proactive and autonomous cloud security measures, and rapid threat detection and response.
- Through Singularity Cloud, SentinelOne offers solutions to verify exploitable risks, correlate activities across environments, and respond autonomously to threats.
Read Full Article
Like
Hackingblogs
1d
9.4k
Image Credit: Hackingblogs
Fake WhatsApp & Telegram Preinstalled on Chinese Android Phones: Millions Lost to Crypto-Stealing Malware
- Fake WhatsApp & Telegram pre-installed on Chinese Android phones are infected with spyware that steals cryptocurrency.
- Trojanized programs can scan photos for wallet seed phrases, spoof update links, and steal clipboard data.
- The malware campaign is impacting low-cost Chinese phones, with more than 40 pre-installed apps compromised.
- Users are advised to be cautious when interacting with unknown phone manufacturers and to use reliable programs and antivirus apps to protect their devices.
Read Full Article
24 Likes
Securityaffairs
2d
46
Image Credit: Securityaffairs
Entertainment venue management firm Legends International disclosed a data breach
- Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues.
- Legends International is a global leader in sports and entertainment venue management, specializing in delivering comprehensive solutions for stadiums, arenas, and attractions.
- On November 9, 2024, Legends International detected unauthorized activity on its IT systems, took action to stop it, and launched an investigation with the help of external cybersecurity experts.
- The company confirmed that a review is underway to determine if personal data was involved and is offering 24 months of free Experian IdentityWorks as a precaution.
Read Full Article
2 Likes
Dev
2d
35
Image Credit: Dev
Automating Compliance Reporting in GRC
- Automating compliance reporting in GRC can save time, improve data accuracy, and support smarter decision-making.
- Manual compliance processes can lead to human errors, time-consuming documentation reviews, difficulty scaling, and delayed insights.
- High-impact areas to automate in compliance reporting include control monitoring, evidence collection, incident tracking and categorization, and policy compliance dashboards.
- Platforms like ServiceNow GRC, AuditBoard or LogicGate, Power BI/Tableau, or custom scripts with Confluence/Jira can be helpful in automating GRC processes.
Read Full Article
2 Likes
Securityaffairs
2d
263
Image Credit: Securityaffairs
China-linked APT Mustang Panda upgrades tools in its arsenal
- China-linked APT group Mustang Panda deployed a new custom backdoor, MQsTTang, in recent attacks targeting Europe, Asia, and Australia.
- The APT group has been active since at least 2012, targeting American and European entities as well as Asian countries.
- Recent campaigns of APT Mustang Panda utilized European Union reports on the conflict in Ukraine as lures to deploy malware.
- The group has introduced new tools such as MQsTTang backdoor, StarProxy lateral movement tool, and several keyloggers for enhanced stealth and functionality.
Read Full Article
15 Likes
For uninterrupted reading, download the app