The New Oil<p>Popular <a href="https://mastodon.thenewoil.org/tags/Chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Chrome</span></a> extensions, including ad blockers, got hijacked. Learn how to protect yourself</p><p><a href="https://adguard.com/en/blog/popular-chrome-extensions-including-ad-blockers-hijacked.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">adguard.com/en/blog/popular-ch</span><span class="invisible">rome-extensions-including-ad-blockers-hijacked.html</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/guide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>guide</span></a> <a href="https://mastodon.thenewoil.org/tags/AdBlocker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AdBlocker</span></a> <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
pawb.fun is one of the many independent Mastodon servers you can use to participate in the fediverse.
This instance aimed at any and all within the furry fandom, though anyone is welcome! We're friendly towards members of the LGBTQ+ community and aiming to offer a safe space for our users.
Administered by:
Server stats:
297active users
pawb.fun: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.6+glitch
#malware
16 posts · 12 participants · 0 posts today
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Steam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Steam</span></a> pulls game demo infecting <a href="https://mastodon.thenewoil.org/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows</span></a> with info-stealing <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a></p><p><a href="https://www.bleepingcomputer.com/news/security/steam-pulls-game-demo-infecting-windows-with-info-stealing-malware/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/steam-pulls-game-demo-infecting-windows-with-info-stealing-malware/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> campaign '<a href="https://mastodon.thenewoil.org/tags/DollyWay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DollyWay</span></a>' breached 20,000 <a href="https://mastodon.thenewoil.org/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> sites</p><p><a href="https://www.bleepingcomputer.com/news/security/malware-campaign-dollyway-breached-20-000-wordpress-sites/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/malware-campaign-dollyway-breached-20-000-wordpress-sites/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
OTX Bot<p>Operation FishMedley targeting governments, NGOs, and think tanks</p><p>ESET researchers have uncovered a global espionage operation called Operation FishMedley, conducted by the FishMonger APT group, which is operated by the Chinese contractor I-SOON. The campaign targeted governments, NGOs, and think tanks across Asia, Europe, and the United States during 2022. The attackers used implants like ShadowPad, SodaMaster, and Spyder, which are common or exclusive to China-aligned threat actors. The operation involved sophisticated tactics including lateral movement, credential theft, and custom malware deployment. Seven victims were identified across various countries and sectors. The analysis provides technical details on the malware used, initial access methods, and command and control infrastructure.</p><p>Pulse ID: 67dd406f6ba9eecd280aa95e<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/67dd406f6ba9eecd280aa95e" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/67dd4</span><span class="invisible">06f6ba9eecd280aa95e</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-03-21 10:33:19</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/Asia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Asia</span></a> <a href="https://social.raytec.co/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>China</span></a> <a href="https://social.raytec.co/tags/Chinese" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Chinese</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ESET</span></a> <a href="https://social.raytec.co/tags/Espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Espionage</span></a> <a href="https://social.raytec.co/tags/Europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Europe</span></a> <a href="https://social.raytec.co/tags/Government" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Government</span></a> <a href="https://social.raytec.co/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://social.raytec.co/tags/ISoon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ISoon</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RAT</span></a> <a href="https://social.raytec.co/tags/ShadowPad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ShadowPad</span></a> <a href="https://social.raytec.co/tags/UnitedStates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UnitedStates</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
The New Oil<p>New <a href="https://mastodon.thenewoil.org/tags/Arcane" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arcane</span></a> infostealer infects <a href="https://mastodon.thenewoil.org/tags/YouTube" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>YouTube</span></a>, <a href="https://mastodon.thenewoil.org/tags/Discord" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Discord</span></a> users via game cheats</p><p><a href="https://www.bleepingcomputer.com/news/security/new-arcane-infostealer-infects-youtube-discord-users-via-game-cheats/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/new-arcane-infostealer-infects-youtube-discord-users-via-game-cheats/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a></p>
The New Oil<p>How a researcher with no <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a>-coding skills tricked <a href="https://mastodon.thenewoil.org/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> into creating <a href="https://mastodon.thenewoil.org/tags/Chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Chrome</span></a> infostealers</p><p><a href="https://www.zdnet.com/article/how-a-researcher-with-no-malware-coding-skills-tricked-ai-into-creating-chrome-infostealers/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">zdnet.com/article/how-a-resear</span><span class="invisible">cher-with-no-malware-coding-skills-tricked-ai-into-creating-chrome-infostealers/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
WinFuture.de<p>Sicherheitsforscher decken massive <a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a>-Kampagne im Google Play Store auf. Schädliche Apps umgehen Android-13-Schutzfunktionen und stehlen sensible Daten. Kampagne seit Q3 2024 aktiv. <a href="https://winfuture.de/news,149724.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">winfuture.de/news,149724.html?</span><span class="invisible">utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia</span></a></p>
Bill<p>Well, no matter what you think about CISA there was indeed a malicious bug compiled into tj-actions that is scary considered alone but terrifying as part of a very real trend.</p><p><a href="https://github.com/tj-actions/changed-files/issues/2463" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/tj-actions/changed-</span><span class="invisible">files/issues/2463</span></a></p><p>I'm going to look at that project to detect undocumented code I boosted earlier today.</p><p><a href="https://infosec.exchange/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>github</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a></p>
The New Oil<p>Malicious <a href="https://mastodon.thenewoil.org/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a> #'Vapor' apps on <a href="https://mastodon.thenewoil.org/tags/GooglePlay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GooglePlay</span></a> installed 60 million times</p><p><a href="https://www.bleepingcomputer.com/news/security/malicious-android-vapor-apps-on-google-play-installed-60-million-times/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/malicious-android-vapor-apps-on-google-play-installed-60-million-times/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://mastodon.thenewoil.org/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Google</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a>: New RAT <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> used for <a href="https://mastodon.thenewoil.org/tags/crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>crypto</span></a> theft, reconnaissance</p><p><a href="https://www.bleepingcomputer.com/news/security/microsoft-new-rat-malware-used-for-crypto-theft-reconnaissance/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/microsoft-new-rat-malware-used-for-crypto-theft-reconnaissance/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/StilachiRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>StilachiRAT</span></a></p>
Alexandre Borges<p>To date, I have published 15 articles (1045 pages) with the strict goal of helping the cybersecurity community.</p><p>ERS (439 pages, so far): </p><p>[+] ERS 05: <a href="https://exploitreversing.com/2025/03/12/exploiting-reversing-er-series-article-05/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2025/03/1</span><span class="invisible">2/exploiting-reversing-er-series-article-05/</span></a><br>[+] ERS 04: <a href="https://exploitreversing.com/2025/02/04/exploiting-reversing-er-series-article-04/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2025/02/0</span><span class="invisible">4/exploiting-reversing-er-series-article-04/</span></a><br>[+] ERS 03: <a href="https://exploitreversing.com/2025/01/22/exploiting-reversing-er-series-article-03/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2025/01/2</span><span class="invisible">2/exploiting-reversing-er-series-article-03/</span></a><br>[+] ERS 02: <a href="https://exploitreversing.com/2024/01/03/exploiting-reversing-er-series-article-02/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2024/01/0</span><span class="invisible">3/exploiting-reversing-er-series-article-02/</span></a><br>[+] ERS 01: <a href="https://exploitreversing.com/2023/04/11/exploiting-reversing-er-series/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2023/04/1</span><span class="invisible">1/exploiting-reversing-er-series/</span></a></p><p>MAS (606 pages -- finished): </p><p>[+] MAS 10: <a href="https://exploitreversing.com/2025/01/15/malware-analysis-series-mas-article-10/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2025/01/1</span><span class="invisible">5/malware-analysis-series-mas-article-10/</span></a><br>[+] MAS 09: <a href="https://exploitreversing.com/2025/01/08/malware-analysis-series-mas-article-09/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2025/01/0</span><span class="invisible">8/malware-analysis-series-mas-article-09/</span></a><br>[+] MAS 09: <a href="https://exploitreversing.com/2024/08/07/malware-analysis-series-mas-article-08/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2024/08/0</span><span class="invisible">7/malware-analysis-series-mas-article-08/</span></a><br>[+] MAS 07: <a href="https://exploitreversing.com/2023/01/05/malware-analysis-series-mas-article-7/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2023/01/0</span><span class="invisible">5/malware-analysis-series-mas-article-7/</span></a><br>[+] MAS 06: <a href="https://exploitreversing.com/2022/11/24/malware-analysis-series-mas-article-6/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2022/11/2</span><span class="invisible">4/malware-analysis-series-mas-article-6/</span></a><br>[+] MAS 05: <a href="https://exploitreversing.com/2022/09/14/malware-analysis-series-mas-article-5/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2022/09/1</span><span class="invisible">4/malware-analysis-series-mas-article-5/</span></a><br>[+] MAS 04: <a href="https://exploitreversing.com/2022/05/12/malware-analysis-series-mas-article-4/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2022/05/1</span><span class="invisible">2/malware-analysis-series-mas-article-4/</span></a><br>[+] MAS 03: <a href="https://exploitreversing.com/2022/05/05/malware-analysis-series-mas-article-3/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2022/05/0</span><span class="invisible">5/malware-analysis-series-mas-article-3/</span></a><br>[+] MAS 02: <a href="https://exploitreversing.com/2022/02/03/malware-analysis-series-mas-article-2/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2022/02/0</span><span class="invisible">3/malware-analysis-series-mas-article-2/</span></a><br>[+] MAS 01: <a href="https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">exploitreversing.com/2021/12/0</span><span class="invisible">3/malware-analysis-series-mas-article-1/</span></a></p><p>The blog home page is: <a href="https://exploitreversing.com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">exploitreversing.com/</span><span class="invisible"></span></a></p><p>I will be back in a few months with the next articles in the Exploiting Reversing series, which will focus on vulnerability and exploitation, once I have laid all the necessary groundwork. I'm currently taking a break from writing to focus on research.</p><p>Enjoy reading and have an excellent day.</p><p><a href="https://infosec.exchange/tags/windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>windows</span></a> <a href="https://infosec.exchange/tags/iOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iOS</span></a> <a href="https://infosec.exchange/tags/macOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>macOS</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>chrome</span></a> <a href="https://infosec.exchange/tags/kernel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kernel</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>reverseengineering</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/research" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>research</span></a> <a href="https://infosec.exchange/tags/hypervisor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hypervisor</span></a></p>
WinFuture.de<p>FBI warnt: Vorsicht bei kostenlosen Online-Dateikonvertern! Viele dieser scheinbar harmlosen Tools dienen als Einfallstor für <a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a>. Besser auf vertrauenswürdige Software setzen. <a href="https://mastodon.social/tags/Cybersicherheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersicherheit</span></a> <a href="https://winfuture.de/news,149661.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">winfuture.de/news,149661.html?</span><span class="invisible">utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia</span></a></p>
heise Security<p>Malwareverteiler: FBI warnt vor betrügerischen Online-Dateikonvertern</p><p>Wer kostenlose Onlinedienste zum Umwandeln von etwa Textdateien nutzt, kann sich Malware einfangen. Darauf weist das FBI hin.</p><p><a href="https://www.heise.de/news/Malwareverteiler-FBI-warnt-vor-betruegerischen-Online-Dateikonvertern-10319049.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Malwareverteiler</span><span class="invisible">-FBI-warnt-vor-betruegerischen-Online-Dateikonvertern-10319049.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.heise.de/tags/Trojaner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Trojaner</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
benzogaga33 :verified:<p>Des apps OAuth malveillantes se font passer pour Adobe et DocuSign pour cibler Microsoft 365 <a href="https://www.it-connect.fr/des-apps-oauth-malveillantes-se-font-passer-pour-adobe-et-docusign-pour-cibler-microsoft-365/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">it-connect.fr/des-apps-oauth-m</span><span class="invisible">alveillantes-se-font-passer-pour-adobe-et-docusign-pour-cibler-microsoft-365/</span></a> <a href="https://mamot.fr/tags/ActuCybers%C3%A9curit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ActuCybersécurité</span></a> <a href="https://mamot.fr/tags/Cybers%C3%A9curit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersécurité</span></a> <a href="https://mamot.fr/tags/Microsoft365" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft365</span></a> <a href="https://mamot.fr/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://mamot.fr/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a></p>
OTX Bot<p>Off the Beaten Path: Recent Unusual Malware</p><p>The article examines three unusual malware samples: a C++/CLI IIS backdoor enabling stealthy remote command execution, a bootkit leveraging the GRUB 2 bootloader to gain early system control and persistence, and a cross-platform post-exploitation framework developed in C++. These cases highlight evolving attacker techniques that prioritize stealth, persistence, and unconventional execution methods to evade detection.</p><p>Pulse ID: 67d7ee24c094f5f32b058b48<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/67d7ee24c094f5f32b058b48" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/67d7e</span><span class="invisible">e24c094f5f32b058b48</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-03-17 09:40:52</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/BackDoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BackDoor</span></a> <a href="https://social.raytec.co/tags/Bootkit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bootkit</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/RemoteCommandExecution" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RemoteCommandExecution</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
OTX Bot<p>Credit Card Skimmer and Backdoor on WordPress E-commerce Site</p><p>A sophisticated malware attack targeting WordPress WooCommerce sites was discovered, involving multiple components: a credit card skimmer, a hidden backdoor file manager, and a reconnaissance script. The attack focused on financial gain and long-term control. The skimmer, injected into the checkout page, collected payment and billing information, sending it to a malicious server. A PHP backdoor allowed remote system command execution, while a reconnaissance script gathered server information. The attack demonstrates the evolving complexity of e-commerce platform threats, emphasizing the need for strict security measures, regular scans, proper access controls, and timely updates to prevent such exploits.</p><p>Pulse ID: 67d52aad906732f7bad24dfa<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/67d52aad906732f7bad24dfa" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/67d52</span><span class="invisible">aad906732f7bad24dfa</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-03-15 07:22:21</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/BackDoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BackDoor</span></a> <a href="https://social.raytec.co/tags/CreditCard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CreditCard</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/PHP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PHP</span></a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RAT</span></a> <a href="https://social.raytec.co/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RCE</span></a> <a href="https://social.raytec.co/tags/RDP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RDP</span></a> <a href="https://social.raytec.co/tags/Word" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Word</span></a> <a href="https://social.raytec.co/tags/Wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wordpress</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
AskUbuntu<p>Hahm Invitation Code : zybcyhbmqa (Earn $7 at sign up) #1404 <a href="https://ubuntu.social/tags/server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>server</span></a> <a href="https://ubuntu.social/tags/mouse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mouse</span></a> <a href="https://ubuntu.social/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://ubuntu.social/tags/username" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>username</span></a></p><p><a href="https://askubuntu.com/q/1543829/612" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">askubuntu.com/q/1543829/612</span><span class="invisible"></span></a></p>
Xavier «X» Santolaria :verified_paw: :donor:<p>📨 Latest issue of my curated <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> and <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> list of resources for week #11/2025 is out!</p><p>It includes the following and much more:</p><p>➝ Alleged Co-Founder of <a href="https://infosec.exchange/tags/Garantex" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Garantex</span></a> Arrested in India;</p><p>➝ X Suffered a <a href="https://infosec.exchange/tags/DDoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DDoS</span></a> Attack;</p><p>➝ Microsoft <a href="https://infosec.exchange/tags/PatchTuesday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PatchTuesday</span></a> Fixes 7 Zero-days;</p><p>➝ UK Hospital Discovered 5,000 to 10,000 Unknown Devices Connected to its Network;</p><p>➝ <a href="https://infosec.exchange/tags/NVIDIA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NVIDIA</span></a> Chips Smugglers Granted Bail in Singapore;</p><p>➝ <a href="https://infosec.exchange/tags/Tenable" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tenable</span></a> tested <a href="https://infosec.exchange/tags/DeepSeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DeepSeek</span></a>'s Ability to Generate <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a>;</p><p>➝ <a href="https://infosec.exchange/tags/OpenAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenAI</span></a> labelling DeepSeek as "state-controlled";</p><p>➝ New <a href="https://infosec.exchange/tags/Jailbreak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Jailbreak</span></a> Method called Context Compliance Attack (CCA) Works Against Most <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> Models</p><p>Subscribe to the <a href="https://infosec.exchange/tags/infosecMASHUP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosecMASHUP</span></a> newsletter to have it piping hot in your inbox every week-end ⬇️</p><p><a href="https://infosec-mashup.santolaria.net/p/template-infosec-mashup-xx-2025-7eb9e43f2aebd47f?utm_source=beehiiv&utm_medium=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec-mashup.santolaria.net/</span><span class="invisible">p/template-infosec-mashup-xx-2025-7eb9e43f2aebd47f?utm_source=beehiiv&utm_medium=mastodon</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/ClickFix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ClickFix</span></a>: How to Infect Your <a href="https://mastodon.thenewoil.org/tags/PC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PC</span></a> in Three Easy Steps</p><p><a href="https://krebsonsecurity.com/2025/03/clickfix-how-to-infect-your-pc-in-three-easy-steps/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">krebsonsecurity.com/2025/03/cl</span><span class="invisible">ickfix-how-to-infect-your-pc-in-three-easy-steps/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>briankrebs</span></a></span> why am I not surprised at this?</p><ul><li>I wounder if the <a href="https://infosec.space/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> is clever enough to filter by <a href="https://infosec.space/tags/UserAgent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UserAgent</span></a> and not try to infect <a href="https://infosec.space/tags/macOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>macOS</span></a> & <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> machines with keyboard combinations that don't work there...</li></ul><p>Needless to say, it was only a matter of time till we see auto-copying <a href="https://infosec.space/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JavaScript</span></a> to be weaponized for that...</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload