In today's interconnected world, social media has become an integral part of our daily lives. From sharing updates with friends to networking with professionals, these platforms offer a myriad of opportunities. However, with great convenience comes great risk, as hackers continually evolve their tactics to compromise user...
On a side note, have you noticed how many “training” sites there are now? It’s almost like people are making more money teaching hacking than actually doing it."
I agree, but it's worth noting the education market has been saturated with non-material, often designed as a ploy to encourage spending for a very long time now.
A cogwheel grift to get people spending.
Training resources (and the industry) suffer from the following issues:
Why do banks have the absolute worst account security? Even after getting hacked and giving away all their customers sensitive info Mr Cooper doesn't even have 2fa for account access. And because they hold my mortgage I don't have the choice to take my business elsewhere. I guess I answered my own question...
We really need some government intervention here.
The cybersecurity landscape is continuously evolving, with threat actors often changing tactics and branding to evade detection and expand their operations. A recent development in this arena involves the Royal ransomware gang. According to a joint advisory from the CISA and the FBI, this group has rebranded itself to BlackSuit....
A report by Sekoia.io has shed light on a targeted campaign against the gaming community that leverages Discord channels and fake download sites to distribute information-stealing malware. The incident came to light after the cloud gaming company Shadow warned its users that their data was compromised....
The attackers behind 8Base ransomware have updated their arsenal with a new variant of the Phobos ransomware and other publicly available tools to conduct financially motivated attacks. The new finding comes from Cisco Talos researchers after a spike in 8Base ransomware activity was observed between May and June....
I just discovered a #mastodon#hack: post something about Terry Pratchett, then follow everyone who faves or boosts it. Instant group of the awesomest people in your feed.
Organizations across the globe have been warned against a new campaign leveraging Androxgh0st malware that steals credentials from various high-profile applications such as AWS, Microsoft 365, Twilio, and SendGrid....
The AhnLab Security Intelligence Center (ASEC) discovered that the Remcos RAT malware is being distributed disguised as adult games through webhards in South Korea. The RAT, originally marketed as a legitimate remote administration tool, has evolved into a powerful weapon used by threat actors for unauthorized remote control,...
Trend Micro discovered a new attack campaign exploiting the now-patched security bypass bug (CVE-2023-36035) in Windows SmartScreen to spread a new strain of the Phemedrone Stealer. The malware targets cryptocurrency wallets and messaging apps, including Telegram, Steam, and Discord....
FortiGuard Labs researchers recently encountered a new Lumma Stealer campaign that leverages YouTube channels for propagation. The attackers are strategically compromising YouTube accounts and uploading videos that pretend to offer cracked software for legitimate video editing tools such as Vegas Pro....
The North Korea-linked threat group Lazarus has been attributed to a new global campaign that exploits the infamous Log4j flaw to deploy three previously undocumented DLang-based malware - NineRAT, DLRAT, and BottomLoader....
Security experts have unmasked a new trick adopted by the GULOADER malware to evade detection by antivirus software. The highly evasive shellcode downloader malware, which typically spreads through emails bearing ZIP archives or links containing a VBScript file, has been found leveraging Vectored Exception Handler (VEH)...
A new variant of DJvu ransomware called Xaro has been observed leveraging malware loader delivered via cracked software for propagation. According to researchers at Cybereason, the new variant is being deployed alongside various commodity loaders and infostealers to infect systems....
The NCSC and Korea's National Intelligence Service (NIS) have issued a joint report to warn organizations about new supply chain attacks that exploit a zero-day flaw in MagicLine4NX software. Codenamed Operation Dream Magic, these attacks are attributed to the North Korea-based Lazarus threat group....
Just read @pluralistic 's blog post about the difficulty that @2600 is having, both with its publication and producing the #HOPE con. This is tragic - I've never attended HOPE, but I've seen many videos and read so many recaps and articles inspired by it. Support 2600 today!
@LinuxAzur On vide le local de la salle informatique du village, suite à 'réaffections des locaux' par la mairie du Bar-Sur-Loup sans proposition d'autre lieu... RIP les RAL-du-BSL https://ral-bsl.linux-azur.org/
On aura tenu de nombreuses sessions ateliers #logiciel_libre et #linux pendant pas mal d'années...
Du matos à récupérer, faîtes passer le message!
@LinuxAzur
Cet après-midi, nous avons été accueilli dans les locaux du #SHL (Sophia #hack Lab - prononcez "Shell") pour l'Assemblée Générale de #LinuxAzur
Chouettes locaux, des morceaux de vie dans tous les coins!
Et l'énergie de Paul fait du bien dans la morosité ambiante!!
J'y ai également déposé tout ce qui restait de la #RAL-BSL...
J'ai bon espoir qu'ils serviront encore!
Merci à ceux qui ont partagé, la salle est vide maintenant, plus qu'à archiver le blog... RIP!
How to hack a social media account (Phishing method)
In today's interconnected world, social media has become an integral part of our daily lives. From sharing updates with friends to networking with professionals, these platforms offer a myriad of opportunities. However, with great convenience comes great risk, as hackers continually evolve their tactics to compromise user...
Royal Ransomware Rebrands as BlackSuit - Warn FBI and CISA
The cybersecurity landscape is continuously evolving, with threat actors often changing tactics and branding to evade detection and expand their operations. A recent development in this arena involves the Royal ransomware gang. According to a joint advisory from the CISA and the FBI, this group has rebranded itself to BlackSuit....
Researchers Uncover Info-Stealing Campaign Targeting Gaming Community
A report by Sekoia.io has shed light on a targeted campaign against the gaming community that leverages Discord channels and fake download sites to distribute information-stealing malware. The incident came to light after the cloud gaming company Shadow warned its users that their data was compromised....
Greater Paris wastewater agency dealing with cyberattack
The organization that manages wastewater for nine million people in and around Paris was hit with a cyberattack on Friday....
8Base Group Found Deploying a New Phobos Ransomware Variant
The attackers behind 8Base ransomware have updated their arsenal with a new variant of the Phobos ransomware and other publicly available tools to conduct financially motivated attacks. The new finding comes from Cisco Talos researchers after a spike in 8Base ransomware activity was observed between May and June....
CISA Warns Against New Androxgh0st Malware Attacks
Organizations across the globe have been warned against a new campaign leveraging Androxgh0st malware that steals credentials from various high-profile applications such as AWS, Microsoft 365, Twilio, and SendGrid....
Remcos Rat Propagates via Webhards
The AhnLab Security Intelligence Center (ASEC) discovered that the Remcos RAT malware is being distributed disguised as adult games through webhards in South Korea. The RAT, originally marketed as a legitimate remote administration tool, has evolved into a powerful weapon used by threat actors for unauthorized remote control,...
Windows SmartScreen Bug Abused to Deploy Phemedrone Stealer
Trend Micro discovered a new attack campaign exploiting the now-patched security bypass bug (CVE-2023-36035) in Windows SmartScreen to spread a new strain of the Phemedrone Stealer. The malware targets cryptocurrency wallets and messaging apps, including Telegram, Steam, and Discord....
Researchers Disclose New Lumma Stealer Campaign Distributed via YouTube
FortiGuard Labs researchers recently encountered a new Lumma Stealer campaign that leverages YouTube channels for propagation. The attackers are strategically compromising YouTube accounts and uploading videos that pretend to offer cracked software for legitimate video editing tools such as Vegas Pro....
Operation Blacksmith: Lazarus Group Exploits Log4j Flaws to Deploy RATs
The North Korea-linked threat group Lazarus has been attributed to a new global campaign that exploits the infamous Log4j flaw to deploy three previously undocumented DLang-based malware - NineRAT, DLRAT, and BottomLoader....
GULOADER Adds New Anti-Analysis Tactic to Arsenal
Security experts have unmasked a new trick adopted by the GULOADER malware to evade detection by antivirus software. The highly evasive shellcode downloader malware, which typically spreads through emails bearing ZIP archives or links containing a VBScript file, has been found leveraging Vectored Exception Handler (VEH)...
DJvu ransomware Latest Variant Xaro Emerges in the Threat Landscape
A new variant of DJvu ransomware called Xaro has been observed leveraging malware loader delivered via cracked software for propagation. According to researchers at Cybereason, the new variant is being deployed alongside various commodity loaders and infostealers to infect systems....
Lazarus Group Exploit MagicLine4NX Flaw to Launch Supply Chain Attacks
The NCSC and Korea's National Intelligence Service (NIS) have issued a joint report to warn organizations about new supply chain attacks that exploit a zero-day flaw in MagicLine4NX software. Codenamed Operation Dream Magic, these attacks are attributed to the North Korea-based Lazarus threat group....