Aggregator

三个世界

三个世界

Jscambler claims at least 17 sites have been infected with web skimmers, including Casio’s

Как система распознавания лиц разделила общество.

Hello, cybersecurity enthusiasts!  January may often feel like a slow month, but at ANY.RUN, we’ve been hard at work behind the scenes, focusing on system and threat coverage updates.  As the new year kicked off, our team dived straight into fine-tuning the platform, optimizing performance, and strengthening detection capabilities.  Now that February is here, let’s […]

The post Release Notes: System Updates, New YARA and Suricata Rules, Signatures, and More appeared first on ANY.RUN's Cybersecurity Blog.

База будет доступна для силовиков, банков и других регулирующих органов.

Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek's Artificial Intelligence (AI) platform, citing security risks. "Government agencies and critical infrastructure should not use DeepSeek, because it endangers national information security," according to a statement released by Taiwan's Ministry of Digital Affairs, per Radio Free Asia. "DeepSeek

​Food delivery company GrubHub disclosed a data breach impacting the personal information of an undisclosed number of customers, merchants, and drivers after attackers breached its systems using a service provider account. [...]

A new macOS malware variant, dubbed “FlexibleFerret,” has been identified targeting developers and job seekers as part of an ongoing North Korean phishing campaign. Despite Apple’s recent signature updates to its XProtect malware detection tool, this latest variant demonstrates the ability to bypass protections, raising new concerns about macOS cybersecurity. FlexibleFerret belongs to a broader […]

The post FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

С приходом нового президента США переписывают социальную реальность в федеральных базах данных.

A new cyberattack technique has emerged, enabling attackers to bypass Endpoint Detection and Response (EDR) systems while operating under a low-privileged standard user account.  Traditionally, EDR evasion requires elevated privileges, such as administrative or system-level access.  However, this innovative approach leverages masquerading and path obfuscation to disguise malicious payloads as legitimate processes, deceiving both automated […]

The post New Attack Technique to Bypassing EDR as Low Privileged Standard User appeared first on Cyber Security News.

A security vulnerability has been disclosed in AMD's Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions. The flaw, tracked as CVE-2024-56161, carries a CVSS score of 7.2 out of 10.0, indicating high severity. "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local

Игровые чаты Roblox превращаются в ловушку.

A vulnerability, which was classified as problematic, has been found in Samsung Email up to 6.1.94.2. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2025-20894. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Samsung Media Controller. This vulnerability affects unknown code. The manipulation leads to improper export of android application components. This vulnerability was named CVE-2025-20902. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung EasySetup up to 11.1.17. It has been classified as problematic. Affected is an unknown function of the component Communication Handler. The manipulation leads to use of implicit intent for sensitive communication. This vulnerability is traded as CVE-2025-20896. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Samsung PushNotification and classified as critical. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2025-20899. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Samsung Media Controller. This vulnerability affects unknown code. The manipulation leads to improper export of android application components. This vulnerability was named CVE-2025-20902. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Samsung Secure Folder. This affects an unknown part. The manipulation leads to improper export of android application components. This vulnerability is uniquely identified as CVE-2025-20897. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Samsung Blockchain Keystore 1.3.12.1/1.3.13.5/1.3.16. This affects an unknown part. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2025-20901. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.