Aggregator

A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident response firm Sygnia. The cybersecurity company is tracking the activity under the name Weaver Ant, describing the threat actor as stealthy and highly persistent. The name of the telecom provider was not

Researchers from Reversing Labs have identified two malicious Visual Studio Code (VS Code) extensions that are distributing ransomware to unsuspecting developers. The extensions, named “ahban.shiba” and “ahban.cychelloworld,” are currently under development and pose a significant threat to users who install them, as per a report shared in X. VS Code, one of the most popular […]

The post Malicious VS Code Extensions Target Developers with ShibaCoin Ransomware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A sophisticated phishing campaign has been uncovered by Silent Push threat analysts, employing the browser-in-the-browser (BitB) technique to target gamers, particularly those playing Counter-Strike 2 on the Steam platform. This campaign involves creating fake but realistic browser pop-up windows that mimic legitimate login pages, aiming to deceive users into divulging their Steam account credentials. The […]

The post New Phishing Attack Uses Browser-in-the-Browser Technique to Target Gamers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

根据世界气象组织发布的《2024 年全球气候状况》报告，多项气候指标创下记录。报告确认，2024 年可能是第一个比前工业时代高出 1.5°C 的日历年，全球平均近地表温度比 1850-1900 年的平均值高出了 1.55 ± 0.13 °C。2024 年是 175 年观测记录中最暖的一年。报告显示：大气中二氧化碳浓度达到了过去80万年来的最高水平。在全球范围内，过去十年中的每一年都位列有记录以来最暖的十年。在过去的八年中，每一年都创下了海洋热含量的新纪录。北极海冰面积最小的 18 个记录都出现在过去 18 年中。南极冰盖三次最小面积均出现在过去三年中。有记录以来最大的三年冰川质量损失均发生在过去三年。自有卫星测量以来，海平面上升的速率已翻了一番。

Неожиданные открытия в глубинах Земли меняют представления о внеземной жизни.

SDN offers a flexible, intelligent solution to address these challenges, empowering platforms to optimize performance, allocate resources effectively, enhance security and deliver seamless user experiences. 

The post Addressing Security Challenges in Cloud-Based Social Networks appeared first on Security Boulevard.

Citizen Lab has a new report on Paragon’s spyware:

Key Findings:

• Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of spyware abuses that NSO Group and other vendors are notorious for.
• Infrastructure Analysis of Paragon Spyware. Based on a tip from a collaborator, we mapped out server infrastructure that we attribute to Paragon’s Graphite spyware tool. We identified a subset of suspected Paragon deployments, including in Australia, Canada, Cyprus, Denmark, Israel, and Singapore.
  ...

The post Report on Paragon Spyware appeared first on Security Boulevard.

关键词Windows微软近日宣布，其Remote Desktop（远程桌面）应用将于2025年5月27日正式结

关键词信息安全当地时间3月24日，美国《大西洋月刊》主编杰弗里·戈德伯格发文披露，自己被意外拉入美国政府高层讨

关键词网络安全近日，美国休斯顿的一名55岁程序员戴维斯·卢因在其前雇主公司的系统中植入恶意代码，导致公司系统崩

Name: Bloom Clues CTF (an Bloom Clues CTF event.)
Date: Feb. 28, 2025, 9:30 a.m. — 01 March 2025, 00:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Location: Bloomsburg, PA
Offical URL: https://bloomclues-ctf.ctfd.io/home
Rating weight: 0.00
Event organizers: Bloomsburg Broskies

Organizations now use an average of 112 SaaS applications—a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000+ Microsoft 365 SaaS-to-SaaS connections on average per deployment. And that’s just one major SaaS provider.

安卓恶意软件活动正在利用 .NET MAUI 框架逃避检测。这些威胁伪装成合法服务，窃取用户的敏感信息。

A vulnerability, which was classified as problematic, was found in Enea Overclokk Stellissimo Text Box Plugin up to 1.1.4 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-35752. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Sensei Pro WC Paid Courses Plugin up to 4.23.1.1.23.1 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-34765. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Yannick Lefebvre Link Library Plugin up to 7.6.3 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-35687. It is possible to launch the attack remotely. There is no exploit available.