#Malware
Malvertising via brand impersonation is back again
https://www.malwarebytes.com/blog/threat-intelligence/2023/05/malvertising-its-a-jungle-out-there
The #CosmicEnergy #malware targets industrial systems
https://onetechnews.site/malware-ul-cosmicenergy-vizeaza-sistemele-industriale/


[Quote Repost]
⛔️ #phishing ALERT 🎣
🔗 https://miladyverse[.]xyz/
🔎 https://urlscan.io/result/e1de7c07-50ea-40e1-b0f1-2d863bd9d8c1/
#fake #cybersec #malware
@phishunt_io @namecheap @CloudflareHelp https://twitter.com/WSJ/status/1663238802452643847

📬 Bandit Stealer: new threat to crypto wallets and browsers
#Malware #BanditStealer #KryptoWallet #MSWordAnhang #PaulJohnBardon #Phishing #SarahPearlCamiling #TrendMicro https://tarnkappe.info/artikel/it-sicherheit/malware/bandit-stealer-neue-bedrohung-fuer-krypto-wallets-und-browser-275661.html
[Quote Repost]
⛔️ #phishing ALERT 🎣
🔗 https://czbin[.]events/news[.]php
🔎 https://urlscan.io/result/34c3e9fb-a17c-4b3a-a0b2-d91c71878bc4/
#cybersec #hacking #malware
@JAMESWT_MHT @namecheap @namecheap https://twitter.com/BBCWorld/status/1663197937575378945

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #21/2023 is out! It includes, but not only:
‣ 🇬🇧 🇺🇸 #NHS data breach: trusts shared patient details with #Facebook without consent
‣ ☁️ Severe Flaw in #Google Cloud's Cloud #SQL Service Exposed Confidential Data
‣ 🇨🇭 💰 US govt contractor #ABB confirms #ransomware attack, data theft
‣ 🦠 🤖 #Predator: Looking under the hood of Intellexa’s #Android spyware
‣ 🇦🇿 🇦🇲 Hacking in a war zone: #Pegasus #spyware in the Azerbaijan-Armenia conflict
‣ 🦠 🎮 Dark Frost #Botnet Launches Devastating #DDoS Attacks on Gaming Industry
‣ 🇷🇺 🦠 Mysterious #malware designed to cripple industrial systems linked to #Russia
‣ 🇧🇷 🇵🇹 ‘Operation Magalenha’ targets credentials of 30 Portuguese #banks
‣ 🩹 #GitLab 'strongly recommends' patching max severity flaw ASAP
‣ 🇮🇷 🇮🇱 Iranian hackers use new #Moneybird ransomware to attack Israeli orgs
‣ 🇺🇦 Cyber Attacks Strike #Ukraine's State Bodies in Espionage Operation
‣ 🇨🇳 🇺🇸 Chinese state hackers infect critical infrastructure throughout the US and Guam
‣ 🐍 👨🏻⚖️ #PyPI was subpoenaed
‣ 🇰🇵 🦠 N. Korean #Lazarus Group Targets #Microsoft IIS Servers to Deploy Espionage Malware
‣ 🦠 🤖 Data Stealing Malware Discovered in Popular Android Screen Recorder App
‣ 🇩🇪 Arms maker Rheinmetall confirms #BlackBasta ransomware attack
‣ 🦠 New ‘GoldenJackal’ APT Targets Middle East, South Asia Governments
‣ 🇺🇸 🇰🇵 Treasury Department sanctions entities tied to North Korean IT scams, hacking
‣ 🇺🇸 📰 Cuba ransomware claims #cyberattack on Philadelphia Inquirer
‣ 🇺🇸 🏥 After ransomware attack, state’s second-largest health insurer says patient data stolen
‣ 🇯🇵 🇮🇳 🏍️ #Suzuki motorcycle plant shut down by cyber attack
‣ 🇺🇸 🪖 #Pentagon explosion hoax goes viral after verified #Twitter accounts push
‣ 🇺🇸 🇪🇺 #Meta Fined Record $1.3 Billion and Ordered to Stop Sending European User Data to US
‣ 🦠 🎬 Cloned #CapCut websites push information stealing malware
‣ 🇰🇷 🇺🇸 Warning: #Samsung Devices Under Attack! New Security Flaw Exposed
‣ 🍏 #Apple fixes three new zero-days exploited to hack iPhones, Macs
#hacking #cyber #cyberdefense #security #health #cloud #infrastructure #OT #ICS
📚 This week's recommended reading is: "Cyber Defense Matrix: The Essential Guide to Navigating the Cybersecurity Landscape" by Sounil Yu
Subscribe to the #newsletter to have it piping hot in your inbox every Sunday ⬇️
Package manager PyPI tightens 2FA requirement and sets a deadline
By the end of this year, all projects and maintainers on PyPI must switch to 2FA for login.

The Qbot malware relies on the WordPad executable to infect Windows machines https://www.it-connect.fr/le-malware-qbot-sappuie-sur-lexecutable-de-wordpad-pour-infecter-les-machines-windows/ #Logiciel-OS #Sécurité #Malware #Windows
PyPI will require accounts to enable two-step authentication
👉 https://tugatech.com.pt/t53826-pypi-vai-obrigar-contas-a-ativarem-autenticacao-em-duas-etapas
...
#malware #online #programação #segurança #noticias #tech #tugatech

Changes in CPU temperature and voltage can be used to collect data
👉 https://tugatech.com.pt/t53825-alteracoes-de-temperatura-e-voltagem-no-cpu-podem-ser-usadas-para-recolha-de-dados
...
#amd #apple #ataque #chrome #google #hardware #intel #malware #nvidia #processadores #qualcomm #sistema #snapdragon #software #web #noticias #tech #tugatech

Clever ‘File Archiver In The Browser’ #phishing trick uses #ZIP #domains https://www.bleepingcomputer.com/news/security/clever-file-archiver-in-the-browser-phishing-trick-uses-zip-domains/ "While some experts believe the fears are overblown, the main concern is that some sites will automatically turn a string that ends with '.zip,' like setup.zip, into a clickable link that could be used for #malware delivery or phishing attacks." It's not overblown: the proof of concept is in the article. I already preemptively block .zip and .mov domains in the content blocker.
A new info-stealing malware called #BanditStealer is capable of evading detection and stealing personal and financial banking data stored in #cryptocurrency wallets and web browsers.
https://hackread.com/stealing-wallets-browsers-bandit-stealer-windows/
New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets
#cybersecurity #malware
https://thehackernews.com/2023/05/new-stealthy-bandit-stealer-targeting.html
Inner workings revealed for “Predator”, the Android #malware that exploits five 0-days:
PSA.
Nice, #googleplay . You sell yourself as the safe way to download apps, and then you don't even notify users they have #spying #malware on their phones?
The #Malware #QBot installs itself through a #vulnerability in #WordPad. https://winfuture.de/news,136472.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
Xplain hit by #Ransomware attack | inside-it.ch https://www.inside-it.ch/xplain-von-ransomware-angriff-getroffen-20230523 #Malware #CyberCrime #Hacking
5 zero-day exploits: a look inside the state trojan #Predator | heise online https://www.heise.de/news/5-Zero-Day-Exploits-Einblicke-ins-Innenleben-des-Staatstrojaners-Predator-9067994.html #Android #Tracking #spyware #Malware #surveillance #Überwachung #Datenschutz #privacy
Alarm bells continue to ring in the cybersecurity world around the potential threats from AI in the hands of threat actors. In particular, malware being created through ChatGPT appears to be a reality.
#AI #chatgpt #malware #threat #cybersecurity
https://www.infosecurity-magazine.com/news/ai-create-malware-withsecure/
Catch up on the top 10 #articles from this week that resonated with our #readers. #ChatGPT being used to create #malware, #battery issues from #iOS165, and a new #Gmail app for #macOS captivated our readers the most. https://www.techhelpkb.com/weekly-tech-wrap-up-5-27-2023/?utm_source=mastodon&utm_medium=toot&utm_campaign=wrapup
"This recent update demonstrates a widening of scope, with new capabilities such as the ability to compromise #SSH servers and retrieve additional AWS-specific #credentials from Laravel web applications," Cado Labs researcher Matt Muir said in a report shared with The #Hacker #News.
#cybersecurity #hacking #malware
https://thehackernews.com/2023/05/legion-malware-upgraded-to-target-ssh.html
⛔️ #phishing ALERT 🎣
🔗 https://vintagehiwatt[.]com/
🔎 https://urlscan.io/result/8bae0873-63ae-4cc9-b40b-0ea299fdab61/

QBot #malware abuses #Windows WordPad EXE to infect devices #cybersecurity https://www.bleepingcomputer.com/news/security/qbot-malware-abuses-windows-wordpad-exe-to-infect-devices/ @BleepingComputer @lawrenceabrams
You're welcome. I was chatting with a TA shortly after I read your article, and I asked them if their group used infostealer logs, and they answered, "Yes, sure. We have recently been provided with such magazines. A lot of schools, hospitals and government agencies."
There's probably a lesson to be learned but nobody seems to be learning it yet.
Some of us have been sounding alarms for quite a while but what are hospitals, schools, and government agencies actually doing in response?
@douglevin @funnymonkey @mkeierleber
#databreach #infostealer #passwordmanager #redline #browser #access #creds #login #password #browser #malware
#Android #Spyware: legitimate app bugged after one year | Security https://www.heise.de/news/Android-Malware-Vom-nuetzlichen-Tool-zu-Spyware-in-einem-Jahr-9066385.html #Malware #GooglePlay #GooglePlayStore #PlayStore #CyberCrime
Lately I've been using Disroot SearX (or is it called #SearXNG?) https://apps.disroot.org/search as my #SearchEngine of choice and regardless of what I'm looking for, this picture shows up as one of the top results above the fold. Every. Damn. Time.
The name of the photo is “Little Blue Heron”. Any clues? I know it's possible to hide #malicious data in images, could that be it? #LittleBlueHeron #DisrootSearX #malware




⚡ Unearthed: CosmicEnergy, malware for causing Kremlin-style power disruptions
➥ @arstechnica
"Researchers have uncovered malware designed to disrupt electric power transmission and may have been used by the Russian government in training exercises for creating or responding to cyberattacks on electric grids."
#CosmicEnergy #Malware #Infosec
https://arstechnica.com/information-technology/2023/05/unearthed-cosmicenergy-malware-for-causing-kremlin-style-power-disruptions/
Android malware: from useful tool to spyware in one year
IT researchers at Eset have discovered an Android app that started out as a useful tool but had spying functions added about a year later.
#Android #Cybercrime #GooglePlay #GooglePlayStore #Malware #Security #Spyware #news

In an article about Richmond University Medical Center's progress in recovering from a ransomware attack three weeks ago, we read:
"Asked about whether patient information had been compromised in the attack, the hospital said, '[w]e are continuing our investigation into this incident alongside third-party cybersecurity experts.' "
Have I mentioned #transparency recently?
C'mon, #RMUC -- just tell people what you know already. Your lack of transparency is disappointing, to say the best.
@brett @douglevin @funnymonkey
#databreach #ransomware #disclosure #incidentresponse #HealthSec #infosec #HIPAA #PHI #cybersecurity #malware #transparency
They just made it up.
The #VPN industry is a scourge.
Not content with tricking people into paying for security talismans by misrepresenting what VPNs do..., they are SEO-optimizing fake #cybersecurity advice to drive signups.
The perverse thing is that the high risk people like dissidents & journalists that need to get safer from Predator not only won't be helped, but real advice is getting drowned out.
Glad to see @maldr0id call it out. #hacking #spyware #Predator #malware #security

Block the entire dot-zip top-level domain
https://youtu.be/V82lHNsSPww
[ThioJoe] discovers that Zip filenames in old posts are being converted to links to malware websites retroactively
#Malware from #China hits telecommunication systems on #Guam. https://www.nytimes.com/2023/05/24/us/politics/china-guam-malware-cyber-microsoft.html
#CISA #FBI #malware #ransomware #cybersecurity #BestPractices
'The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) today published the #StopRansomware Guide—an updated version of the 2020 guide containing additional recommended actions, resources, and tools.'
https://www.cisa.gov/news-events/news/cisa-fbi-nsa-ms-isac-publish-updated-stopransomware-guide
A new cyber threat, "#GoldenJackal," is targeting government and diplomatic entities in the Middle East and South Asia. This stealthy and capable adversary employs tailored #malware to steal data and conduct surveillance.
https://thehackernews.com/2023/05/goldenjackal-new-threat-group-targeting.html
Hacker character design in isometric pixel art style for an IT security company.
#PixelArt #VoxelArt #hacker #security #IT #safety #malware #character #CharacterDesign #design #GraphicDesign #illustration #3D #3DArt #MastoArt #FediArt

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #20/2023 is out! It includes, but not only:
‣ 🔓 PoC Tool Exploits Unpatched #KeePass Vulnerability to Retrieve Master Passwords
‣ 📱 Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ #Malware
‣ 📨 #MalasLocker ransomware targets #Zimbra servers, demands charity donation
‣ 🇯🇵 🇺🇦 🇮🇪 🇮🇸 4 Countries Join #NATO Cyber Defense Center
‣ 🤐 New #ZIP domains spark debate among #cybersecurity experts
‣ 🍏 Open-source #CobaltStrike port 'Geacon' used in #macOS attacks
‣ 🇺🇸 #IBM Snaps up DSPM Startup Polar Security
‣ 🇷🇺 🇺🇸 Russian Hacker “Wazawaka” Indicted for #Ransomware
‣ 🇺🇸 🇦🇺 #StopRansomware: BianLian Ransomware Group
‣ 🇨🇳 Malware turns home routers into proxies for Chinese state-sponsored hackers
‣ 🏠 🔌 ‘FriendlyName’ Buffer Overflow Vulnerability in #Wemo Smart Plug V2
‣ 🔙 🚪 Stealthy MerDoor malware uncovered after five years of attacks
‣ 🇱🇻 ✈️ Airline exposes passenger info to others due to a 'technical error'
‣ New 'MichaelKors' Ransomware-as-a-Service Targeting #Linux and #VMware ESXi Systems
‣ 🇺🇸 🇰🇷 Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online
‣ 🇰🇵 North Korea funding half its missile program with #cryptocurrency theft and cyberattacks
‣ 🇺🇸 Former #Ubiquiti Employee Gets 6 Years in Jail for $2 Million Crypto Extortion Case
‣ 🇬🇧 #Capita warns customers they should assume data was stolen
#cyberdefense #security #automation #airline #data
📚 This week's recommended reading is: "PowerShell Automation and Scripting for CyberSecurity: Hacking and Defense for Red and Blue Teamers" by Miriam C. Wiesner
Subscribe to the #newsletter to have it piping hot in your inbox every Sunday ⬇️
Potentially millions of Android TVs and phones come with malware preinstalled: https://arstechnica.com/information-technology/2023/05/potentially-millions-of-android-tvs-and-phones-come-with-malware-preinstalled/
#hardware #malware
This weekend PyPi, the python software repository, suspended new accounts: the level of malicious activity has become unmanageable.
But this story is not just about Python: the level of risk from software dependencies has risen unimaginably: not a little, not a lot, this is big enough that it is hard to communicate and comprehend.
Python (pypi), Javascript (npm), Java (maven), Ruby, and even VS Code extensions are all under constant unrelenting attack. When a single package is trojanized, that threat is inherited by every application that includes the compromised package.
The number of methods being used for these attacks is growing, and developers are now a "target of choice" for many criminal groups.
For example, in 2022 there was a sudden increase in the number and effectiveness of "Phishing as a Service" (PhaaS) offerings in criminal markets. These services are effective at bypassing MFA. However, you may not know that these services are being used to target developer accounts, including repositories of private and open-source software. They want to trojanize the code and create the next big software-supply-chain compromise.
PhaaS is just one method. This weekend's announcement from PyPi was the result of criminals creating a large number of developer accounts so that they can publish malicious clones of existing packages. Typosquatting of packages is not a new phenomenon; the constant stream of attacks is new.
You might assume that the repository hosts or managers must have a solution. They do not. The problems are diverse and many: from the management of repository hosting, to the security/trust verification features of packaging systems, to the security of repositories and the developers themselves.
There is no one solution, but solutions are needed.
My action item for you is this. Do not read cybersecurity about software repository compromises in isolation. Look at the forest and not the trees. Big risks are harder to understand than little ones but need the most urgent action.
Below is a small selection of stories in the comments to get you started. This is just a tiny fraction of the stories I have read and analyzed in the past year. The "hits just keep on coming".
#SoftwareDeveloper #GitHub #PyPi #NPM #Java #Python #CyberSecurity #PhishingAsAService #ThreatIntelligence #CTI #PhaaS #TypoSquatting #VSCode #Malware #SoftwareSupplyChain
https://www.bleepingcomputer.com/news/security/pypi-temporarily-pauses-new-users-projects-amid-high-volume-of-malware/
https://www.zdnet.com/article/security-warning-for-software-developers-you-are-now-prime-targets-for-phishing-attacks/
https://blog.checkpoint.com/securing-the-cloud/malicious-vscode-extensions-with-more-than-45k-downloads-steal-pii-and-enable-backdoors/
https://therecord.media/malware-found-in-npm-package-with-millions-of-weekly-downloads
https://blog.phylum.io/a-pypi-typosquatting-campaign-post-mortem/
https://www.zdnet.com/article/android-warning-these-malicious-apps-had-over-a-million-downloads-from-google-play/
https://www.bleepingcomputer.com/news/security/malicious-microsoft-vscode-extensions-steal-passwords-open-remote-shells/
https://www.bleepingcomputer.com/news/microsoft/vscode-marketplace-can-be-abused-to-host-malicious-extensions/

PyPI suspends new user registrations after mass malware uploads

"Nine million #Android #phones are infected with new #Malware
"#Guerrilla" injects advertising even into unsuspicious apps. Behind it is a mysterious #DataBroker named #LemonGroup"
#Security #Datenschutz #PersonenbezogeneDaten #Privacy #DSGVO #OnlineWerbung
https://www.derstandard.at/story/3000000021174/malware-auf-9-millionen-android-devices
"PyPI new user and new project registrations temporarily suspended" due to high levels of malicious package uploads.
Absolutely the right decision by the PyPI administrators, take all the time you need 🤗
https://status.python.org/incidents/qy2t9mjjcc7g
Dumpulator - An Easy-To-Use Library For Emulating Memory Dumps. Useful For Malware Analysis (Config Extraction, Unpacking) And Dynamic Analysis In General (Sandboxing) https://www.kitploit.com/2023/05/dumpulator-easy-to-use-library-for.html #reverseengineering #malware
Microsoft also scans password-protected .zip files for malware
Curse or blessing: Microsoft's services scan even password-protected ZIP archives for malware. IT security researchers have now noticed this.
#Archivierung #CloudComputing #Malware #Microsoft #OneDrive #Passwörter #Scan #Security #SharePoint #passwortgeschützt
🔥 Lazarus Hackers’ Linux Malware Linked to 3CX Supply-Chain Attack
via Linux Insider
「 We will probably see more of these. We are seeing threat actors expanding their variants to affect more systems, such as BlackCat using the Rust language so that their ransomware can infect Linux systems and be more undetectable,” he said, referencing this case of employing Linux malware 」
#Rust #Linux #Malware #Cybersecurity
https://www.linuxinsider.com/story/lazarus-hackers-linux-malware-linked-to-3cx-supply-chain-attack-177020.html
📬 Super Mario Bros: pirated copies harbor browser hijackers
#Malware #AdwCleaner #BrowserHijacker #Malwarebytes #ReasonLabs #TheSuperMarioBrosMovie #Trojaner #Twitter https://tarnkappe.info/artikel/it-sicherheit/malware/super-mario-bros-raubkopien-bergen-browser-hijacker-275094.html
Cybercrime gang pre-infects millions of #Android devices with #malware
TrendMicro holding details close (as of this post).
These pre-infected Android devices have the "Guerrilla" malware installed, which can load additional malware. It pretty much compromises the entire device.
Our April Threat stats show cloud malware downloads remaining high (62%), malicious DMG files are on the rise, and the CrossLock ransomware was among the top new malware downloads. https://www.netskope.com/blog/netskope-threat-labs-stats-for-april-2023 #malware #ransomware #infosec
How can anyone come up with the stupid idea of offering #.zip #Toplevel #Domains? 🤷♂️🤦♂️. https://medium.com/@bobbyrsec/the-dangers-of-googles-zip-tld-5e1e675e59a5. #datenschutz #itsicherheit #it-sicherheit #phishing #malware
@tarnkappeinfo I would report that to the police as #Sabotage or #Malware and #PropertyDamage by #hp if I were affected.
https://www.youtube.com/watch?v=d36CPxh6H3I
#NotLegalAdvice, just #IMHO!
@WellsiteGeo @kevbob @dangillmor interestingly, #Malware runs better in #Wine than a #VM since popular tools like #imvirt don't seem to be able to reliably detect if they run on Wine or #BareMetal #Windows.
Which is actually good.
So no, you can still get Malware in Wine and in theory IF you get some malware there, it can be WORSE depending on the kind and how hard you sandboxed your Wine install...
#Development #Launches
IP Lookup · Find out if an IP address is a threat https://ilo.im/12v34x
_____
#Security #Attacks #Threats #Cloaking #Proxy #Bots #Malware #Business #WebDevelopment #WebDev #WebOperations #WebOps #SEO #WebAnalytics #Logfiles #Server #IpAddress
Late to the party here, but the chance that new .zip and .mov domains mostly get used for #malware attacks is 100%
Not sure who asked for this, but this is a bad move.
Block it all.
This sort of thing undermines our collective #cybersecurity & is fundamentally unhelpful.
@ReginaMuehlich With luck it's only #PremiumService #Malware that triggers tons of chargeable SMS payments or calls "less-value" (premium-rate) numbers...
Often enough it's also #Malware in the #Baseband, like the one from #Qualcomm...
As far as I know, @nitrokey and @GrapheneOS are each looking into the matter independently of one another...
@ReginaMuehlich That is nothing new.
Anyone who has ever imported a #Smartphone directly from #China knows that these get stuffed full of #Malware, and the very first thing one has to do is insert a dead #SIM or, even better, put #Aftermarket #Firmware on it right away...
This also applies to the genuine #DualSIM #iPhone|s offered exclusively in the "P.R.", because their #Firmware is backdoored with #Govware by #Apple at the factory!
Atomic malware steals Mac passwords, crypto wallets, and more.
https://grahamcluley.com/atomic-malware-steals-mac-passwords-crypto-wallets-and-more/
#cybersecurity #malware #password #macos #apple #cryptocurrency #metamask
More on the #Russia FSB 'Snake' #malware from #CISA: https://www.cisa.gov/sites/default/files/2023-05/aa23-129a_snake_malware.pdf
#5yrsago Nova Scotia abandons its attempt to destroy a teenager who stumbled on a wide-open directory of sensitive information https://www.cbc.ca/news/canada/nova-scotia/police-drop-charges-in-nova-scotia-government-breach-1.4651543
#5yrsago Revenge of the #LaughableBumblefucks: Rob Ford’s brother admits that actors were hired to pretend to be his supporters at rally https://www.thestar.com/news/gta/2018/05/08/doug-ford-campaign-confirms-actors-were-hired-to-play-the-part-of-pc-supporters-at-mondays-debate-rally.html
#5yrsago A new strain of #IoT #malware can survive a reboot https://www.bleepingcomputer.com/news/security/hide-and-seek-becomes-first-iot-botnet-capable-of-surviving-device-reboots/
8/

On the trail of the Dark Avenger: the most dangerous virus writer in the world
(Some familiar names from the early days of anti-virus mentioned in this article)
QR codes used in fake parking tickets, surveys to steal your money
Careful what QR codes you are scanning... never a good idea to scan random QR codes.
Be extra wary of QR codes that lead you to install a third-party app - could be #malware or #spyware designed to give threat actors access to your phone.
Tuesday: trade secrets at risk, chat control on the verge of failing
Warning from German corporations + chat control facing its end + subscription trojans downloaded en masse + "Working from home was a mistake" + solar strategy presented
#Datenschutz #EU #GooglePlayStore #HomeOffice #Kubernetes #Malware #SAP #Siemens #Solarenergie #Trojaner #news
@stux consider using an on-demand scanner like #Stinger then...
And yes, #3rdParty #Antivirus on #Windows is just #DigitalSnakeoil at best if not outright #malware most of the time.
Military intelligence service GRU: from "Fancy Bear" to malware architect
Documents from the Russian military intelligence service GRU, together with a 2018 US indictment, map out the entire career of a GRU first lieutenant.
NotPetya: US court sees no cyber war, insurers to pay Merck
The insurers of US pharmaceutical giant Merck must cover parts of the billion-dollar damage caused by the NotPetya encryption trojan.
Happy #WorldPasswordDay!
I've cracked billions of #passwords from tens of thousands of #data #breaches in the past 12+ years, and because of this, I likely know at least one #password for 90% of people on the Internet. And I'm not alone! While I primarily crack breached passwords for research purposes and the thrill of the sport, others are selling your breached passwords to criminals who leverage them in #AccountTakeover and #CredentialStuffing attacks.
How can you keep your accounts safe?
- Use a #PasswordManager! I recommend @bitwarden and @1password
- Use a #Diceware style #passphrase - four or more words selected at random - for passwords you have to commit to memory, like your master password!
- Enable MFA for important online accounts, including cloud-based password managers!
- Harden your master password by tweaking your password manager's KDF settings! For #Bitwarden, use Argon2id with 64MB memory, 3 iterations, 4 parallelism. For #1Password and other PBKDF2 based password managers, set the iteration count to at least 600,000.
- Use unique, randomly generated passwords for all your accounts! Use your password manager to generate random 14-16 character passwords for everything. Modern password cracking is heavily optimized for human-generated passwords, because humans are highly predictable. Randomness defeats this and forces attackers to resort to incremental brute force! There's no trick you can do to make a secure, uncrackable password on your own - your meat glob will only betray you.
- Use an ad blocker like #uBlock Origin to keep you safe from password-stealing #malware and other browser based threats!
- Don't fall for #phishing attacks and other social engineering attacks! Browser-based password managers help defend against phishing attacks because they'll never autofill your passwords on fake login pages. Think before you click, and never give your passwords to anyone, not even if they offer you chocolate or weed.
- #Enterprises: require ad blockers, invest in an enterprise password management solution, audit password manager logs to ensure employees aren't sharing passwords outside the org, implement a Fine Grained Password Policy that requires a minimum of 20 characters to encourage the use of long passphrases, implement a password filter to block commonly used password patterns and compromised passwords, disable #NTLM authentication and disable RC4 for #Kerberos, disable legacy broadcast protocols like LLMNR and NBT-NS, require mandatory #SMB signing, use Group Managed Service Accounts instead of shared passwords, monitor public data breaches for employee credentials, and crack your own passwords to audit the effectiveness of your password policy and user training!
Stoked to publish this absolute gem of an episode featuring Pim Trouerbach and Joe Wise discussing the evolution of IcedID! This is one interesting malware, and IcedID infections have been linked to follow on ransomware infections. But while it got its start as a banking trojan, new updates in the code suggest it’s, well, forked! Bye bye banker. Tune in wherever you get your podcasts!
Apple: https://podcasts.apple.com/us/podcast/beyond-banking-icedid-gets-forked/id1612506550?i=1000611441260
Spotify: https://open.spotify.com/episode/4MKUamWzUxKw65fBjQ7CH5?si=370826df22634f8d
#malware #ThreatDetection #cybersecurity
Malware illustration 💀
#malware #hacker #piracy #virus #security #illustration #illustrator #artwork #3d #magicacsg #mastoart #fediart
Merck entitled to $1.4B in cyberattack case after appeals court rejects insurers' 'warlike action' claim.
Direct link to opinion: https://www.njcourts.gov/system/files/court-opinions/2023/a1879-21a1882-21.pdf
#NotPetya #malware #cyberattack #cyberinsurance #warlike #exclusion #AllRisks
#15yrsago #Malware gets a #EULA https://arstechnica.com/information-technology/2008/04/malware-authors-turn-to-eulas-to-protect-their-work/
#15yrsago Shelby County, TN Sheriff: watch out for photographers and radical greens, they might be terrorists https://web.archive.org/web/20080501121845/http://www.memphisflyer.com/memphis/Content?oid=oid%3A41348
#10yrsago #MPAA executive admits to tampering with key evidence in Finnish topsite trial https://torrentfreak.com/mpaa-executive-tampered-with-ifpi-evidence-in-internet-piracy-case-130427/
5/
What these blackmail artists really should be ashamed of is imposing yet more unnecessary stress and resource waste on democracies already struggling to cope with multiple environmental and social issues, not to mention the global rise of belligerent authoritarians.
What makes them different from the hostile state actors trying to sow chaos in their Free World enemies? "Just doing it for fun and profit" certainly isn't more noble...
"Ashamed" LockBit ransomware gang apologises to hacked school, offers free decryption tool.
Read more in my article on the Bitdefender blog: https://www.bitdefender.com/blog/hotforsecurity/ashamed-lockbit-ransomware-gang-apologises-to-hacked-school-offers-free-decryption-tool/
Charming Kitten targets critical infrastructure in US and elsewhere with BellaCiao malware.
Read more in my article on the Tripwire blog: