Reported 5 malicious #Python packages to #PyPI: numberpy, tqmmd, pandans, openpyexl, reqwestss all by the same user leemay1782.
All with the same "functionality", getting commands via a socket from dzgi0h7on1jhzdg0vknw9pp9309rxjl8.oastify[.]com and executing it.
I don't think I saw the setup.py entry_points being used as a trigger mechanism before?
Mystery malware destroys 600,000 routers from a single ISP during 72-hour span:
An unknown threat actor with equally unknown motives forces ISP to replace routers.
One day last October, subscribers to an ISP known as Windstream began flooding message boards with reports their routers had suddenly stopped working and remained unresponsive to reboots and all other attempts to revive them.
Wow, someone deployed malware in October of 2023 which bricked 600,000 Internet routers -- owned by a SINGLE ISP.
"over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP). The incident took place over a 72-hour period between October 25-27, rendered the infected devices permanently inoperable, and required a hardware-based replacement."
A new threat actor known as #LilacSquid is using several different pieces of #malware to silently infiltrate networks and steal sensitive data. Read more about this group and the TTPs they share with some North Korean state-sponsored actors https://blog.talosintelligence.com/lilacsquid/
Fast 150.000 Android-Smartphones mit Banking-#Trojaner infiziert
In den vergangenen Monaten wurden einer neuen Untersuchung zufolge mehr als fünf Millionen Android-Smartphones mit #Malware infiziert. Darunter ist auch ein äußerst gefährlicher Banking-Trojaner.
TECHBOOK zeigt, welche betroffenen Apps Sie umgehend löschen sollten.
Attacco agli ATM riuscito! Un Tasso del 99% di Efficacia Spaventa tutte le Banche Europee
Nello spazio #digitale si sta diffondendo attivamente un nuovo tipo di #malware#ATM. Il suo tasso di successo, secondo i suoi autori, raggiunge il 99%.
Questo #software dannoso, chiamato “EU ATM Malware”, è in grado di #hackerare quasi tutti gli sportelli #bancomat in #Europa e circa il 60% degli sportelli bancomat in tutto il mondo, il che rappresenta una #minaccia significativa per la sicurezza bancaria globale..
Un logiciel malveillant distribué via le PlayStore
Les auteurs distribuent le logiciel malveillant Anatsa via le PlayStore en le déguisant en applications telles que des lecteurs de PDF et des scanners de QRcode. Une fois installé, Anatsa télécharge sa charge utile et vole des infos bancaires sensibles à l'aide de superpositions. Anatsa a ciblé des applications bancaires en Europe et s'est étendu aux US, à la Corée et à Singapour.
Hi #oss folks, I need #help with a possible #malware infection in #Firefox on #Linux. After accidentally visiting a spammy website I am getting suspicious and short-lived #popup windows with a grey border in the corner of the screen. Their text seems to always starts with (A). The first one was ostensibly about Norton, this one McAfee. Tough to verify any fix since they only appear once in a while; I did get a photo of one:
LockBit says they stole data in London Drugs ransomware attack
the LockBit ransomware gang claimed they were behind the April cyberattack on Canadian pharmacy chain London Drugs and is now threatening to publish stolen data online after allegedly failed negotiations
Heaven for domestic abuse: a new spywaretool just up for grabs. It's like having Pegasus at home. What could possibly go wrong? Microsoft knows most families share their accounts or at least can easily log into eachothers accounts. They just choose to ignore it.
Windows vulnerability reported by the NSA exploited to install Russian malware
Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attacks that targeted a vast array of organizations with a previously undocumented tool, the software maker disclosed
Low severity [#malware incident] A #minecraft mod called "Windows Borderless" on #Modrinth was taken down yesterday. It contained #spyware wich stole credentials from Chrome and Chromium-Based browsers. Only Windows users were affected. The mod was not found in any modpacks and was not uploaded to other platforms. A detection tool can be found in the official blog post. According to @modrinth, ~372 IPs downloaded the mod. https://blog.modrinth.com/p/windows-borderless-malware-disclosure
#Shaarli: WPCode keeps reappearing as a malware after deleting | WordPress.org - Options à insérer dans le fichier wp-config (racine d'une installation de WordPress) pour empêcher la modification des fichiers via l'éditeur interne et désactiver l'ajout d'extensions.
Permission-based systems are bad. See #XUL getting replaced by #WebExtensions for example. It didn't stop #malware from getting into the #browser or the extension store. On the contrary, the malware problem only got worse after the complete replacement of XUL extensions, which is often disparaged as "insecure" because it allowed users to pretty much change how their browser fundamentally works.
Who knew that distrusting your users and not giving them control leads to more malicious software and user #security being broken more often. :seija_coffee:
Premiering now! Had a great conversation with Shannon Morse about my issues reviewing some mini PCs that came pre-loaded with malware. https://www.youtube.com/watch?v=oH2R3o-EbTA
She offers some GREAT tips and tricks for folks interested in keeping their home networks secure and their data safe!
A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.
Oh, great. Computer security researchers have developed a proof-of-concept for a type of ransomware that would act when you try to upload a file. It would be able to encrypt any files in the folder you uploaded from, and any subfolders of it.
This is a proof-of-concept; the researchers have not seen any such attacks in the wild. But stay careful out there, okay?
Affects Chrome and Edge, but not Firefox or Safari!