Akira ransomware abuses CPU tuning tool to disable Microsoft Defender
Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks from security tools and EDRs running on target machines. [...]
Aggregator
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
1 month 2 weeks ago
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google's official app storefronts under the guise of seemingly useful applications.
These apps masquerade as VPNs, device "monitoring" apps, RAM cleaners, dating services, and spam blockers, DNS threat intelligence firm Infoblox said in an exhaustive
The Hacker News
#BHUSA: Researchers Expose Infrastructure Behind Cybercrime Network VexTrio
1 month 2 weeks ago
According to Infoblox’s new report, the VexTrio cybercrime-enabling network originates from Italy and Eastern Europe
VexTrio Cybercrime Outfit Run by Legit Ad Tech Firms
1 month 2 weeks ago
New research reveals that a malicious traffic distribution system (TDS) is run not by "hackers in hoodies," but by a series of corporations operating in the commercial digital advertising industry.
Rob Wright
Думали — хлам, оказалось — революция. Забытая частица делает плетение анионов Изинга универсальным для квантовых компьютеров
1 month 2 weeks ago
Исследователи нашли применение тому, что раньше считалось «математическим мусором».
Threat Actors Exploit Smart Contracts to Drain Over $900K from Crypto Wallets
1 month 2 weeks ago
SentinelLABS has exposed a sophisticated series of cryptocurrency scams where threat actors distribute malicious smart contracts masquerading as automated trading bots, resulting in the drainage of user wallets exceeding $900,000 USD. These scams leverage obfuscated Solidity code deployed on platforms like the Remix Solidity Compiler, targeting Ethereum-based ecosystems. The campaigns, active since early 2024, employ […]
The post Threat Actors Exploit Smart Contracts to Drain Over $900K from Crypto Wallets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Medusa Blog
1 month 2 weeks ago
You must login to view this content
cohenido
QilinSecuro
1 month 2 weeks ago
You must login to view this content
cohenido
Mustang Panda Targets Windows Users with ToneShell Malware Disguised as Google Chrome
1 month 2 weeks ago
The China-aligned threat actor Mustang Panda, also known as Earth Preta, HIVE0154, RedDelta, and Bronze President, has been deploying the ToneShell backdoor against Windows users, primarily targeting government and military entities in the Asia-Pacific and Europe. Active since at least 2012, the group leverages spear-phishing emails with military-themed lures to deliver malicious archives, such as […]
The post Mustang Panda Targets Windows Users with ToneShell Malware Disguised as Google Chrome appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities
1 month 2 weeks ago
Two sophisticated ransomware operations have emerged as significant threats to managed service providers (MSPs) and small businesses, with the Akira and Lynx groups deploying advanced attack techniques that combine stolen credentials with vulnerability exploitation. These ransomware-as-a-service (RaaS) operations have collectively compromised over 365 organizations, demonstrating their effectiveness in targeting high-value infrastructure providers that serve multiple […]
The post Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities appeared first on Cyber Security News.
Tushar Subhra Dutta
Strong regulation can nudge automakers to improve customers’ privacy, research suggests
1 month 2 weeks ago
Fines from a state regulator pushed one car maker to improve the data privacy on its website and customer portal, and others seem to have taken notice, according to new ratings from the watchdog Privacy4Cars.
Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge
1 month 2 weeks ago
Tornado Cash cofounder Roman Storm was found guilty of conspiring to operate an unlicensed money-transmitting business, while the jury failed to reach a ruling on more significant charges around money laundering and sanctions violations.
CVE-2025-8613 | Vacron Camera Ping Command command injection
1 month 2 weeks ago
A vulnerability has been found in Vacron Camera and classified as critical. Affected by this vulnerability is an unknown functionality of the component Ping Command Handler. The manipulation leads to command injection.
This vulnerability is known as CVE-2025-8613. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-8611 | AOMEI Cyber Backup missing authentication
1 month 2 weeks ago
A vulnerability, which was classified as critical, was found in AOMEI Cyber Backup. Affected is an unknown function. The manipulation leads to missing authentication.
This vulnerability is traded as CVE-2025-8611. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-8612 | AOMEI Backupper Workstation link following
1 month 2 weeks ago
A vulnerability, which was classified as critical, has been found in AOMEI Backupper Workstation. This issue affects some unknown processing. The manipulation leads to link following.
The identification of this vulnerability is CVE-2025-8612. It is possible to launch the attack on the local host. There is no exploit available.
vuldb.com
CVE-2025-8610 | AOMEI Cyber Backup missing authentication
1 month 2 weeks ago
A vulnerability classified as critical was found in AOMEI Cyber Backup. This vulnerability affects unknown code. The manipulation leads to missing authentication.
This vulnerability was named CVE-2025-8610. The attack can be initiated remotely. There is no exploit available.
vuldb.com
New National Cyber Director Cairncross faces challenges on policy, bureaucracy, threats
1 month 2 weeks ago
It’s a “pivotal” moment for Sean Cairncross, fresh off his Senate confirmation in a changing federal cyber landscape.
The post New National Cyber Director Cairncross faces challenges on policy, bureaucracy, threats appeared first on CyberScoop.
Tim Starks
BSidesSF 2025: Third-Party Risk Management: SOC 2s, Security Questionnaires, And Psychosis
1 month 2 weeks ago
Creator/Author/Presenter: Eleanor Mount
Our deep appreciation to Security BSides - San Francisco and the Creators/Authors/Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.
Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!
The post BSidesSF 2025: Third-Party Risk Management: SOC 2s, Security Questionnaires, And Psychosis appeared first on Security Boulevard.
Marc Handelman
Google Gemini AI Bot Hijacks Smart Homes, Turns Off the Lights
1 month 2 weeks ago
Using invisible prompts, the attacks demonstrate a physical risk that could soon become reality as the world increasingly becomes more interconnected with artificial intelligence.
Kristina Beek
Ровер? Не нужен. 6 вертолётов-одиночек полетят на Марс в 2028
1 month 2 weeks ago
Skyfall превратит красную планету в полигон для автономных разведчиков