
#malware

Replied in thread

@X00001 Obviously this is typical of #ClownFlare.

They are happy with #Malware, #Cybercrime and #Terrorism and literal #CSAM on their network as long as they are the ones profiteering from it.

And no, CloudFlare isn't interested in launching a shittier version of #flattr or something.

  • Personally, I block their #ASN just like their clients and all the "#AI" grifters!
Replied in thread

@X00001 #Nintendo kicking #Switch2 devices off their network for #ToS violations is one thing, and like the #Xbox360 that is justifiable.

  • However remotely #bricking devices is not, as Nintendo does not own these devices legally when they are rightfully sold to a consumer.

Even #Microsoft of all corporations knew that they cannot cross that line, and merely exclude #consoles from #Multiplayer and #Purchases but still allow people to play their games.

I am not affected and most certainly won't buy a #NSW2 / #SW2 for that reason alone.

Replied in thread

@ramsey #PHP has the same issue, albeit server-side...

  • It too is a shitshow in terms of #security and not really performant to the point that #NSAbook wrote their own cross-compiler to make it go brrr!...

Both #JavaScript & PHP are nuisances and should've been put down like #ActiveX, Silverlight, #Shockwave and #FlashPlayer long ago!

  • And yes, if you haven't seen PHP being used as #shitcoin #miner and #malware you haven't even tried dealing with it.

But you can spare yourself the trauma and stockholming...

PHP Community on Mastodon · Larry Garfield (@Crell@phpc.social): @kkarhan@infosec.space @alina@girldick.gay There's a lot more to PHP than Wordpress. Even most PHP devs hate Wordpress. But OK, you just want to rant ignorantly, so I'm not going to bother listening. Good day, and have fun being blocked.
Replied in thread

@Crell @alina It's not an ignorant rant.

  • I've made peace with it, just as I've made peace with never touching #Windows ever again.

You may call me an "opinionated asshole" from your point of view, but I sincerely wish I was wrong.

The real cost doesn't come through to #consoomers except as #ReducedLifecycle due to #bloat.

But then again what do I expect from a coward doing the reply & block - combo, because confronting the fact that people got burned out by shit like PHP would mean admitting mistakes, and we can't have that as a fanboy.

🚨 Fake 7-Zip installer exfiltrates Active Directory files.
A #malicious installer disguised as 7-Zip steals critical Active Directory files, including ntds.dit and the SYSTEM hive, by leveraging shadow copies and exfiltrating the data to a remote server.
🥷 Upon execution, the #malware creates a shadow copy of the system drive to bypass file locks and extract protected files without disrupting system operations.

🎯 It then copies ntds.dit, which contains Active Directory user and group data, and SYSTEM, which holds the corresponding encryption keys.

The malware connects to a remote server via SMB using hardcoded credentials. All output is redirected to NUL to minimize traces.

👨‍💻 #ANYRUN Sandbox makes it easy to detect these stealthy operations by providing full behavioral visibility, from network exfiltration to credential staging, within a single interactive session.
🔍 See analysis session: app.any.run/tasks/7f03cd5b-ad0

This technique grants the attacker full access to the ntds.dit dump, allowing them to extract credentials for Active Directory objects and enabling lateral movement techniques such as Pass-the-Hash or Golden Ticket.

🚀 Analyze and investigate the latest malware and #phishing threats with #ANYRUN.
#ExploreWithANYRUN
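
A correlation rule for the behaviour this post describes, added here as an example (it is not from the post or from ANY.RUN): it flags a process that reads ntds.dit or the SYSTEM hive through a shadow-copy path and then opens SMB to a non-internal address. The event schema, time window, internal ranges and sample events are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# AD database / SYSTEM hive addressed through a volume shadow copy device path.
SHADOW_AD_FILE = re.compile(
    r"HarddiskVolumeShadowCopy\d+\\\S*\\(ntds\.dit|config\\SYSTEM)$", re.I)
WINDOW_SECONDS = 600                                    # assumed correlation window
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]    # assumed internal range
SHADOW = r"\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy"

# Constructed telemetry in a hypothetical normalized schema:
# (epoch_seconds, host, process_image, kind, target)
SAMPLE_EVENTS = [
    (1000, "dc01", "7zip-setup.exe", "vss_create", "C:"),
    (1005, "dc01", "7zip-setup.exe", "file_read", SHADOW + r"4\Windows\NTDS\ntds.dit"),
    (1006, "dc01", "7zip-setup.exe", "file_read",
     SHADOW + r"4\Windows\System32\config\SYSTEM"),
    (1020, "dc01", "7zip-setup.exe", "smb_connect", "203.0.113.50"),
    # Benign look-alike: backup job reads the same file but ships it internally.
    (2000, "dc02", "backup-agent.exe", "vss_create", "C:"),
    (2010, "dc02", "backup-agent.exe", "file_read", SHADOW + r"9\Windows\NTDS\ntds.dit"),
    (2030, "dc02", "backup-agent.exe", "smb_connect", "10.0.5.20"),
    (3000, "ws07", "7z.exe", "file_read", r"C:\Users\a\Downloads\archive.zip"),
]


def detect(events, internal_nets=INTERNAL_NETS, window=WINDOW_SECONDS):
    """Alert when a process stages AD secrets from a shadow copy and then
    connects over SMB to a non-internal address within the window."""
    staged = defaultdict(dict)  # (host, image) -> {file name: first-seen time}
    alerts = []
    for ts, host, image, kind, target in sorted(events):
        key = (host, image)
        match = SHADOW_AD_FILE.search(target) if kind == "file_read" else None
        if match:
            name = match.group(1).split("\\")[-1].lower()
            staged[key].setdefault(name, ts)
        elif kind == "smb_connect" and staged[key]:
            addr = ipaddress.ip_address(target)
            external = not any(addr in net for net in internal_nets)
            recent = ts - min(staged[key].values()) <= window
            if external and recent:
                files = sorted(staged[key])
                # ntds.dit plus SYSTEM together permit offline hash extraction.
                severity = "high" if files == ["ntds.dit", "system"] else "medium"
                alerts.append({"host": host, "image": image, "dest": target,
                               "files": files, "severity": severity})
    return alerts
```

The internal backup job on dc02 shows why the rule keys on the destination as well as the file read: shadow-copy access to ntds.dit alone also matches legitimate backup software.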

Continued thread

You know someone fucked up #WebDesign when logging out makes your CPU spike to 85% and the fan sound like one's running a #Shitcoin #Mining #Malware (aka. #Cryptojacker) and closing the tab results in 1 GB less RAM and 3 GB less overall cached assets.

  • And yes I did check these results by running sudo sh -c "sync; echo 3 > /proc/sys/vm/drop_caches" before, during and after the website has been opened.

"Cybersecurity researchers have discovered a “critical” security vulnerability on Linux that can give attackers full system access — even on devices using full disk encryption."

New Linux Security Flaw Uses Initramfs to Inject Malware omgubuntu.co.uk/2025/07/ubuntu

OMG! Ubuntu · New Linux Security Flaw Uses Initramfs to Inject Malware · A newly found security flaw in Ubuntu could allow attackers with physical access to bypass full disk encryption. Learn how the attack works.

SK Telecom in South Korea had a bad data breach.... and boy, are they getting hit with all kinds of consequences for it, including:

-- a fine for late reporting ($22k USD);

-- an order to send notifications to all customers who were affected (23 million?!);

-- a judgment that they have to waive cancellation fees if dissatisfied customers canceled (and 660,000 canceled just last month alone); and

-- a criminal investigation has been launched into them for not preserving data properly for the regulator's investigation.