🐍 A nasty Python package continues a trend of targeting developers
➥ The Record
「 The target machine runs an application allowing the Discord bot “to secretly capture a photo using the webcam,” Checkmarx says. “The resulting image is then sent back to the Discord channel, without leaving any evidence of its presence after deleting the downloaded files.” 」
Malware: More than 600 million downloads in Google Play in 2023
Kaspersky has already counted more than 600 million malware downloads from the Google Play Store this year. It nevertheless remains the safest source of packages.
Yesterday, The Guardian reported that the UK’s most hazardous nuclear site, Sellafield, has been hacked into by cyber groups closely linked to Russia and China.
But the British govt says that's not the case:
“Our monitoring systems are robust and we have a high degree of confidence that no such malware exists on our system,” Reuters quoted the government as saying.
“This was confirmed to the Guardian well in advance of publication, along with rebuttals to a number of other inaccuracies in their reporting,” the government added.
🔍 Beginner-Friendly Reverse Engineering Training – Starts February 10th!
In the week of February 10-17, I'll give a remote, beginner-friendly reverse engineering course in cooperation with @ringzer0. This online class is a comprehensive journey into binary program analysis, starting from the absolute basics of reverse engineering, progressing through data type reconstruction, and extending to C++ reverse engineering, malware analysis, and automation techniques.
Key Learning Objectives:
🚀 From Basics to Advanced: Learn reversing from scratch and understand the layers between machine code and high-level languages.
🛠️ Tool Mastery: Become proficient in using IDA, Ghidra, and GDB.
🧩 Code/Data Reconstruction: Learn to reconstruct complex code and data structures from machine code, up to reconstructing C++ class hierarchies.
🕵️ Malware Analysis: Gain strategies for analyzing complex binaries, such as nation-state malware samples.
✋ Hands-On Experience: Practical sessions to strengthen your reverse engineering skills.
Who Should Attend?
Ideal for cybersecurity experts, malware analysts, and forensic specialists looking to delve into reverse engineering and low-level program analysis.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #46/2023 is out! It includes the following and much more:
➝ 🔓 🇯🇵 #Toyota confirms breach after Medusa #ransomware threatens to leak data
➝ 🇺🇸 😂 Ransomware gang files #SEC complaint over victim’s undisclosed #breach
➝ 🔓 🪶 Attackers claim Plume Design, Inc data breach
➝ 🇺🇸 💰 #ICBC paid ransom after hack that disrupted markets, #cybercriminals say
➝ 🔓 #Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party
➝ 🔓 ✈️ Hackers swipe Booking.com, damage from attack is global
➝ 🇷🇺 🇺🇦 Russian #CyberEspionage Group Deploys #LitterDrifter USB #Worm in Targeted Attacks
➝ 🇮🇱 🇺🇸 Israeli Man Who Made $5M From Hacking Scheme Sentenced to Prison in US
➝ 🇫🇮 ⚖️ Alleged Extortioner of Psychotherapy Patients Faces Trial
➝ 🇺🇸 💸 #LockBit ransomware exploits #CitrixBleed in attacks, 10K servers exposed
➝ 🇺🇸 ⚖️ #IPStorm botnet with 23,000 proxies for malicious traffic dismantled
➝ 👶🏻 🧨 Teens with “digital bazookas” are winning the ransomware war, researcher laments
➝ 💸 #Ethereum feature abused to steal $60 million from 99K victims
➝ 🇩🇰 🇷🇺 #Denmark Hit With Largest #Cyberattack on Record
➝ 🇨🇳 🇰🇭 Chinese Hackers Launch Covert #Espionage Attacks on 24 Cambodian Organizations
➝ 🇲🇾 Major Phishing-as-a-Service Syndicate '#BulletProofLink' Dismantled by Malaysian Authorities
➝ 🇪🇺 🥳 EU Parliament committee rejects mass scanning of private and encrypted communications
➝ 🩹 #ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric
➝ 🦠 🐍 27 Malicious #PyPI Packages with Thousands of Downloads Found Targeting IT Experts
➝ 🇻🇳 🇮🇳 Vietnamese Hackers Using New #Delphi-Powered #Malware to Target Indian Marketers
➝ 🔐 #Google Adds #Passkey Support to New Titan Security Key
➝ 🐛 Zero-Day Flaw in #Zimbra Email Software Exploited by Four Hacker Groups
➝ 🩹 #SAP Patches Critical Vulnerability in Business One Product
➝ 🐛 New #Reptar CPU flaw impacts Intel desktop and server systems
➝ 🐛 New #CacheWarp AMD #CPU attack lets hackers gain root in Linux VMs
📚 This week's recommended reading is: "Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World" by @marcusjcarey and Jennifer Jin
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
As malvertising continues to rise, increasingly delivering #malware and redirecting users to #phishing websites, more and more websites plead with visitors to disable their adblockers. Even Google has responded harshly to adblockers across its platforms...
Should you always disable your adblocker when asked? I don't think you should - targeted ads have been shown to be quite the security risk on top of being invasive to your #privacy.
NEW: More cheap Android TV streaming devices with backdoors to China have been found. It's estimated 200 types of Android devices may have been impacted.
Human Security has unpicked the web of fraud attached to the devices. The boxes were running ad fraud, residential proxy services, creating fake Gmail and WhatsApp, and remote code installation. On top of this there was a linked ad fraud scheme impacting 39 apps on Android and iOS.
Unusual malware targets Western European telcos
Lua Dream is a piece of malware built modularly using Lua that targets telecommunications companies and probably originates from Asia.
A couple weeks back we noticed an uptick of incidents from trojanized Advanced IP Installers delivered due to #malvertising. We tied it back to a group who were formerly a #darkside #ransomware affiliate according to Mandiant.
You may remember articles circulating about Bing's AI providing malvertising links. This is from the same campaign.
🚨 New Threat Alert! BunnyLoader, the latest #malware-as-a-service, is up for sale in the dark web. It can steal your data, replace your #cryptocurrency addresses, and more.
If you’re new to The Spamhaus Project, check out our bio above 🔝
Ultimately, we’re here to build a community. A community of like-minded individuals, who want to make the internet a safer place. On Mastodon, we’ll be sharing latest threat intelligence from our researchers and threat hunters, and we’d like to invite you to do the same….
Earlier this month, we launched our Threat Intel Community, giving anyone the ability to submit malicious domains, IPs, email source codes, or URLs to Spamhaus through our user-friendly portal.
Vulnerable Arm GPU drivers under active exploitation. Patches may not be available
'Devices believed to use the affected chips include the Google Pixel 7, Samsung S20 and S21, Motorola Edge 40, OnePlus Nord 2, Asus ROG Phone 6, Redmi Note 11, 12, Honor 70 Pro, RealMe GT, Xiaomi 12 Pro, Oppo Find X5 Pro, and Reno 8 Pro and some phones from Mediatek'
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #38/2023 is out! It includes the following and much more:
➝ 🔓 ❌ TransUnion Denies #Breach After Hacker Publishes Allegedly Stolen Data
➝ 🔓 ⚖️ Hackers breached International Criminal Court’s systems last week
➝ 🔓 🤖 #Microsoft #AI researchers accidentally exposed terabytes of internal sensitive data
➝ 🦠 💸 #BlackCat #ransomware hits #Azure Storage with #Sphynx encryptor
➝ 🇮🇷 🇮🇱 Iranian Nation-State Actor OilRig Targets Israeli Organizations
➝ 🇮🇳 #India's biggest tech centers named as #cybercrime hotspots
➝ 🇫🇮 💊 Finnish Authorities Dismantle Notorious #PIILOPUOTI Dark Web Drug Marketplace
➝ 🇨🇦 🇷🇺 Canadian Government Targeted With #DDoS Attacks by Pro-#Russia Group
➝ 🇨🇳 🇺🇸 #China Accuses U.S. of Decade-Long #Cyberespionage Campaign Against #Huawei Servers
➝ 🇺🇸 🇨🇳 China's Malicious Cyber Activity Informing War Preparations, #Pentagon Says
➝ 🇨🇳 🦠 New #SprySOCKS Linux #malware used in cyber espionage attacks
➝ 🇬🇧 🔐 UK Minister Warns #Meta Over End-to-End Encryption
➝ 🇺🇸 🇷🇺 One of the #FBI’s most wanted hackers is trolling the U.S. government
➝ 🦠 🥸 Fake #WinRAR proof-of-concept exploit drops #VenomRAT malware
➝ 🦠 📈 #P2PInfect botnet activity surges 600x with stealthier malware variants
➝ 🦠 📡 Hackers backdoor #telecom providers with new HTTPSnoop malware
➝ 🦠 🐝 #Bumblebee malware returns in new attacks abusing #WebDAV folders
➝ 🔐 #GitHub launches #passkey support into general availability
➝ ☑️ 🐧 Free Download Manager releases script to check for #Linux malware
➝ 💬 🔐 #Signal adds quantum-resistant encryption to its #E2EE messaging protocol
➝ 🍏 🔐 #iOS 17 includes these new security and #privacy features
➝ 🩹 High-Severity Flaws Uncovered in #Atlassian Products and ISC BIND Server
➝ 🩹 😡 Incomplete disclosures by #Apple and #Google create “huge blindspot” for 0-day hunters
➝ 🍏 🩹 Apple emergency updates fix 3 new zero-days exploited in attacks
➝ 🩹 #TrendMicro fixes #endpoint protection zero-day used in attacks
➝ 🩹 #Fortinet Patches High-Severity #Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products
➝ 🔓 Nearly 12,000 #Juniper #Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
📚 This week's recommended reading is: "Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It" by Marc Goodman
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️