Premiering now! Had a great conversation with Shannon Morse about my issues reviewing some mini PCs that came pre-loaded with malware. https://www.youtube.com/watch?v=oH2R3o-EbTA
She offers some GREAT tips and tricks for folks interested in keeping their home networks secure and their data safe!
A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.
Oh, great. Computer security researchers have developed a proof-of-concept for a type of ransomware that would act when you try to upload a file. It would be able to encrypt any files in the folder you uploaded from, and any subfolders of it.
This is a proof-of-concept; the researchers have not seen any such attacks in the wild. But stay careful out there, okay?
Affects Chrome and Edge, but not Firefox or Safari!
"Instead of generating the URL after a comment is posted, GitHub automatically generates the download link after you add the file to an unsaved comment, [...]. This allows threat actors to attach their malware to any repository without them knowing."
I always wondered if these attachments would stay around and if so for how long. Seems to be permanent, though (at least until this is fixed)...
I remember folks in the web community shunning me when I first started speaking out against Big Tech – because I was criticising their friends who worked at Google, Facebook, etc. – saying I was exaggerating things.
I wonder what the same folks think now given what we know about these very same corporations; given a number of them are actively enabling a genocide.
Am I still an alarmist?
(I understand if some of you are too busy working at one or debating the minutiae of CSS syntax to reply.)
WTF? Is #Tenacity on the #Flatpak store #MALWARE? Apparently it was running in the bg AS IF it was an invincible #Gnome extension so SystemMonitor/htop would NOT see it as a process. But #MissionCenter (also from flatpak store) saw it as it is: an app running on startup! Killing it killed Gnome session! It was also spiking wifi, and was leaking the Gnome gjs service from 4MB RAM to 120MB. Uninstalling fixed the prob
#CyberSecurity #GitHub #Microsoft #Malware: "A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy.
While most of the malware activity has been based around the Microsoft GitHub URLs, this "flaw" could be abused with any public repository on GitHub, allowing threat actors to create very convincing lures.
Yesterday, McAfee released a report on a new LUA malware loader distributed through what appeared to be a legitimate Microsoft GitHub repository for the "C++ Library Manager for Windows, Linux, and MacOS," known as vcpkg.
Alleged Word add-in: Russian #Malware for Windows discovered
Russia keeps arming itself for cyberattacks against the West. Now Finnish experts have discovered a new, dangerous backdoor for Windows systems that is apparently controlled by the Russian intelligence service.
With this discovery, the Russian intelligence service now lacks an important backdoor, because the loopholes that have now been set up will be found and closed in a short time.
Is #TikTok safe? In an appalling #blog, the answer from the company @protonprivacy is unequivocal! The only way for TikTok to be safe is to uninstall the #application and delete your account!
#CyberSecurity #OpenSource #Malware #SSH #XZUtils: "So what was the malware discovered by Freund designed to do? Basically to break the authentication process that makes SSH secure and thereby create a backdoor that would enable an intruder remotely to gain unauthorised access to the entire system. Since SSH is a vital tool for the safe operation of a networked world, anything that undermines it is really bad news – which is why the cybersecurity world has been on high alert in the past week. Those running the different flavours of Linux that are in use across the world have been alerted to the dangers posed by the two rogue updates.
In some ways, the story of how the malware got into the updates is even more instructive. XZ Utils is open-source software, ie software with source code that anyone can inspect, modify and enhance. Much open source is written and maintained by small teams of programmers, and in many cases by a single individual. In XZ Utils, that individual for years has been Lasse Collin, who has been with the project since its inception. Until recently he was the person who had been assembling and distributing the updates of the software." https://www.theguardian.com/commentisfree/2024/apr/06/xz-utils-linux-malware-open-source-software-cyber-attack-andres-freund
DinodasRAT Malware targets Linux Servers in Espionage Campaign.
Ubuntu systems are being attacked by a Linux version of DinodasRAT (also known as XDealer) that may have been operating since 2022. DinodasRAT creates a hidden file in the directory where its binary resides, which acts as a mutex to prevent multiple instances from running on the infected device.