Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> it merely prevents <a href="https://infosec.space/tags/Screenshots" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Screenshots</span></a> by claiming it's <a href="https://infosec.space/tags/DRM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DRM</span></a>'d content.</p><ul><li><p>It's a mere <em>ask</em> and <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> could specifically close that <a href="https://infosec.space/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>API</span></a> and make it subject to contractual agreements (as they did with their <a href="https://infosec.space/tags/Antivirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Antivirus</span></a> API calls to disable <a href="https://infosec.space/tags/WindowsDefender" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WindowsDefender</span></a>!) if they decide this is against their wishes.</p></li><li><p>It also doesn't prevent the <a href="https://infosec.space/tags/Keylogger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keylogger</span></a> nor works against the <a href="http://github.com/kkarhan/windows-ca-backdoor-fix" rel="nofollow noopener" target="_blank">known</a> <a href="https://infosec.space/tags/CryptoAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoAPI</span></a> <a href="https://infosec.space/tags/backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backdoor</span></a> affecting all <a href="https://infosec.space/tags/Browsers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Browsers</span></a> (except <a href="https://infosec.space/tags/Firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Firefox</span></a> and <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TorBrowser</span></a>) which can be triggered by a single <a href="https://infosec.space/tags/HTTPS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HTTPS</span></a> request.</p></li></ul><p>The correct solution for <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> would be to alert all their users and specifically block <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> in general or at least <a href="https://infosec.space/tags/Windows11" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows11</span></a> simply because it is a <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> and <em>empirically cannot be made private or secure</em>.</p><p>But that would require them to actually give a shit, which thed don't, cuz otherwise they would've stopped demanding <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> like a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a> and moved out of juristiction of <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a>.</p><ul><li>I mean, what's gonna prevent the <a href="https://infosec.space/tags/Trump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Trump</span></a>-Regime from threatening <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> et. al. with lifetime in jail for not kicking the <a href="https://infosec.space/tags/ICC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ICC</span></a> (or anyone else he and his fans dislike) from <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a>'s infrastructure?</li></ul><p>Since they are highly centralized.they certainly <em>are capable</em> to comply with <em>"<a href="https://infosec.space/tags/Sanctions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sanctions</span></a>"</em> (or whatever bs he'll claim!)...</p>
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
267active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#keylogger
0 posts · 0 participants · 0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> Personally, I think warning people against using <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> - espechally <a href="https://infosec.space/tags/Windows11" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows11</span></a> - at all would be more effective.</p><p><a href="https://infosec.space/tags/Espechally" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Espechally</span></a> since that <a href="https://infosec.space/tags/DRM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DRM</span></a> <a href="https://infosec.space/tags/hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hack</span></a> is an <em><a href="https://infosec.space/tags/ask" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ask</span></a></em> and doesn't undo the <a href="https://infosec.space/tags/Keylogger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keylogger</span></a> that <a href="https://infosec.space/tags/MicrosoftRecall" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MicrosoftRecall</span></a> includes! </p><p>But hey, feel free to shill <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> a false sense of <a href="https://infosec.space/tags/PseudoSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PseudoSecurity</span></a> instead of making your <a href="https://infosec.space/tags/App" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>App</span></a> actually secure!</p>
not Evander Sinque<p>Es gibt nichts zu sehen, bitte gehen Sie weiter. <a href="https://mastodon.social/tags/microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>microsoft</span></a> <a href="https://mastodon.social/tags/keylogger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keylogger</span></a> <a href="https://mastodon.social/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a></p>
Dissent Doe :cupofcoffee:<p>Today's reminder of the insider threat involves a pharmacist in Maryland who over a period of 8 years or more, used keyloggers and installed spyware on about 400 computers at the University of Maryland Medical System so he could spy on female co-workers in private moments at work (such as changing clothes, breastfeeding their babies), and in their homes. He was reportedly fired in October 2024, and was able to get another job in another healthcare facility in Maryland because there has been no criminal charges filed against him yet and UMMS apparently didn't alert his new employer. </p><p>If Maryland law is like my state's laws, the hospital may be barred legally from revealing what happened if asked for a recommendation by the new employer. And it seems the Maryland state pharmacy board can't just suspend a license unless there's been a conviction, so the failure to have criminal charges filed already seems to have put more potential victims at risk. </p><p>Unsurprisingly, a potential class action lawsuit has already been filed against UMMS with six plaintiffs so far. There are estimates that there are more than 80 victims of the now-former employee. </p><p>Some of the media coverage on the case: <a href="https://thedailyrecord.com/2025/04/04/six-women-sue-umms-claiming-staffer-spied-on-them-after-security-breach/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thedailyrecord.com/2025/04/04/</span><span class="invisible">six-women-sue-umms-claiming-staffer-spied-on-them-after-security-breach/</span></a></p><p><a href="https://infosec.exchange/tags/InsiderThreat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InsiderThreat</span></a> <a href="https://infosec.exchange/tags/keylogger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keylogger</span></a> <a href="https://infosec.exchange/tags/workplace" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>workplace</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Brad<p>Social media post I authored for my employer at <a href="https://www.linkedin.com/posts/unit42_malspam-guloader-remcos-ugcPost-7234210583800135680-3F6J/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">linkedin.com/posts/unit42_mals</span><span class="invisible">pam-guloader-remcos-ugcPost-7234210583800135680-3F6J/</span></a> and <a href="https://x.com/Unit42_Intel/status/1828444963001995599" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">x.com/Unit42_Intel/status/1828</span><span class="invisible">444963001995599</span></a></p><p>2024-08-26 (Monday): <a href="https://infosec.exchange/tags/malspam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malspam</span></a> pushing <a href="https://infosec.exchange/tags/GuLoader" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GuLoader</span></a> for <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Remcos</span></a> <a href="https://infosec.exchange/tags/RAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RAT</span></a> (<a href="https://infosec.exchange/tags/RemcosRAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RemcosRAT</span></a>). Steals login credentials and runs <a href="https://infosec.exchange/tags/keylogger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keylogger</span></a>. Indicators available at <a href="https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-08-26-GuLoader-for-Remcos-RAT-IOCs.txt" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/PaloAltoNetworks/Un</span><span class="invisible">it42-timely-threat-intel/blob/main/2024-08-26-GuLoader-for-Remcos-RAT-IOCs.txt</span></a></p><p>A <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pcap</span></a> of the GuLoader/Remcos RAT infection traffic and the associated <a href="https://infosec.exchange/tags/malspam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malspam</span></a>, <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> and artifacts are available at <a href="https://malware-traffic-analysis.net/2024/08/26/index.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">malware-traffic-analysis.net/2</span><span class="invisible">024/08/26/index.html</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://awscommunity.social/@Quinnypig" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Quinnypig</span></a></span> the sheer fact that <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> and <a href="https://infosec.space/tags/Windows11" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows11</span></a> ain't banned across the <a href="https://infosec.space/tags/EU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EU</span></a> to this day is an indictment to the <a href="https://infosec.space/tags/TechIlliteracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliteracy</span></a> of politicans in the <span class="h-card" translate="no"><a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>EUCommission</span></a></span> & <span class="h-card" translate="no"><a href="https://respublicae.eu/@europarl_en" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>europarl_en</span></a></span> despite</p><ul><li><a href="https://infosec.space/tags/PRISM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PRISM</span></a></li><li><a href="https://infosec.space/tags/GoldenKeyBoot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GoldenKeyBoot</span></a> (aka. <a href="https://infosec.space/tags/CensorBoot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CensorBoot</span></a> got owned!)</li><li><a href="https://infosec.space/tags/CryptoAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoAPI</span></a> <a href="https://infosec.space/tags/backdoors" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backdoors</span></a> <a href="https://github.com/kkarhan/windows-ca-backdoor-fix" rel="nofollow noopener" target="_blank">they refuse to acknowledge or fix at all</a>!</li><li><a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a></li><li>Unwillingness to comply with <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> out if the box</li></ul><p>and now</p><ul><li><a href="https://infosec.space/tags/Recall" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Recall</span></a> aka. the worst disguised <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> / <a href="https://infosec.space/tags/Spyware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Spyware</span></a> in existance that allows anyone to <a href="https://github.com/xaitax/TotalRecall" rel="nofollow noopener" target="_blank">simply extract credentials</a> without the need to install a <a href="https://infosec.space/tags/Keylogger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keylogger</span></a>, <a href="https://infosec.space/tags/ScreenRecorder" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ScreenRecorder</span></a> and/or commit <a href="https://infosec.space/tags/ProvilegueEscalatiom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ProvilegueEscalatiom</span></a> successfully <em>at all</em>...</li></ul><p>And since <span class="h-card" translate="no"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span> managed to get it running on a system w/o <em>"<a href="https://infosec.space/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a>" acceleration</em> aka. <em>"<a href="https://infosec.space/tags/NPU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NPU</span></a>"</em> it's safe to assume that it'll be perfectly possible to retroactively shove it down everyones' throats without recourse!</p><ul><li>Actually there are options for recourse besides <em>"<a href="https://infosec.space/tags/ThoughtsAndPrayers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThoughtsAndPrayers</span></a>"</em> that regulators like <span class="h-card" translate="no"><a href="https://social.bund.de/@bsi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bsi</span></a></span> would actually take this seriously: </li></ul><p>Like: <em>Stop using <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> and <a href="https://www.youtube.com/watch?v=PkKfV0ATrH4" rel="nofollow noopener" target="_blank">get some help</a> migrating away from it to a good <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> distro!</em></p><p><a href="https://infosec.space/tags/WhatYouAllowIsWhatWillContinue" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WhatYouAllowIsWhatWillContinue</span></a></p>
Linux Magazine<p>Is someone listening in on your typing? Chris Binnie shows you how acoustic keyloggers work <a href="https://www.linux-magazine.com/Issues/2024/278/Acoustic-Keyloggers" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">linux-magazine.com/Issues/2024</span><span class="invisible">/278/Acoustic-Keyloggers</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/keylogger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keylogger</span></a> <a href="https://fosstodon.org/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://fosstodon.org/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://fosstodon.org/tags/EDR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EDR</span></a> <a href="https://fosstodon.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://fosstodon.org/tags/attack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>attack</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload