#Cybercrime-Bande "#ScatteredSpider": Vier Verhaftungen in Großbritannien | Security https://www.heise.de/news/Cybercrime-Bande-Scattered-Spider-Vier-Verhaftungen-in-Grossbritannien-10483782.html #Lapsus$ #Ransomware #Malware

#Cybercrime-Bande "#ScatteredSpider": Vier Verhaftungen in Großbritannien | Security https://www.heise.de/news/Cybercrime-Bande-Scattered-Spider-Vier-Verhaftungen-in-Grossbritannien-10483782.html #Lapsus$ #Ransomware #Malware
DoNot APT Hits European Ministry with New LoptikMod Malware https://hackread.com/donot-apt-hits-european-ministry-loptikmod-malware/ #CyberEspionage #Cybersecurity #CyberAttacks #CyberAttack #LoptikMod #Security #Malware #europe #DoNot #APT
Malware Found in Official GravityForms Plugin Indicating Supply Chain Breach
https://patchstack.com/articles/critical-malware-found-in-gravityforms-official-plugin-site/
@X00001 Obviously this is typical of #ClownFlare.
They are happy with #Malware, #Cybercrime and #Terrorism and literal #CSAM on their network as long as they are the ones profiteering from it.
And no, CloudFlare isn't interested in launching a shittier version of #flattr or something.
@X00001 #Nintendo kicking #Switch2 devices off their network for #ToS violations is one thing, and like the #Xbox360 that is justifyable.
Even #Microsoft of all corporations knew that they cannot cross that line, and merely exclude #consoles from #Multiplayer and #Purchases but still allowing people to play their games.
I am not affected and most certainly won't buy a #NSW2 / #SW2 for that reason alone.
Mexiko: Untersuchung wegen mutmaßlicher Schmiergeldzahlung beim Kauf von Pegasus
Beim Kauf der Spionagesoftware Pegasus soll Mexikos Ex-Präsident Enrique Peña Nieto Schmiergeld kassiert haben. Die Staatsanwaltschaft leitet Ermittlungen ein.
@ramsey #PHP has the same issue, abeit server-side...
Both #JavaScript & PHP are nuisances and should've been put down like #ActiveX.
Silverlight, #Shockwave and #FlashPlayer long ago!
But you can spare yourself the trauma and stockholming...
@Crell @alina It's not an ignorant rant.
You may call me an "opinionated asshole" from your point of view, but I sincerely wish I was wrong.
The real cost doesn't come through to #consoomers except as #ReducedLifecycle due to #bloat.
But then again what do I expect from a coward doing the reply & block - combo, because confronting the fact that people got burned out by shit like PHP would mean admitting mistakes, and we can't have that as a fanboy.
AiLock ransomware: What you need to know - The AiLock ransomware gang gives its victims just 72 hours to respond and five days to pa... https://www.fortra.com/blog/ailock-ransomware #ransomware #guestblog #malware
Fake 7-Zip installer exfiltrates Active Directory files.
A #malicious installer disguised as 7-Zip steals critical Active Directory files, including ntds.dit and the SYSTEM hive, by leveraging shadow copies and exfiltrating the data to a remote server. Upon execution, the #malware creates a shadow copy of the system drive to bypass file locks and extract protected files without disrupting system operations.
It then copies ntds.dit, which contains Active Directory user and group data, and SYSTEM, which holds the corresponding encryption keys.
The malware connects to a remote server via SMB using hardcoded credentials. All output is redirected to NUL to minimize traces.
#ANYRUN Sandbox makes it easy to detect these stealthy operations by providing full behavioral visibility, from network exfiltration to credential staging, within a single interactive session.
See analysis session: https://app.any.run/tasks/7f03cd5b-ad02-4b3a-871f-c31ac0f5dc15/?utm_source=mastodon&utm_medium=post&utm_campaign=fake_7zip&utm_term=090725&utm_content=linktoservice
This technique grants the attacker full access to ntds.dit dump, allowing them to extract credentials for Active Directory objects and enables lateral movement techniques such as Pass-the-Hash or Golden Ticket.
Analyze and investigate the latest malware and #phishing threats with #ANYRUN.
#ExploreWithANYRUN
iX-Workshop: Sicherer Betrieb von Windows 11 in Unternehmen
Lernen Sie an praktischen Beispielen, wie Sie Windows 11 Pro und Enterprise in Ihrem Unternehmen sicher und effektiv einsetzen.
Malware warning -- Booking.com / Xworm
This is nasty. You think you've gone to booking dot com, but the "accept cookies" popup downloads Xworm malware to your device and you've been pwned. The bad guys have full control over your device.
#BookingDotCom #Malware 3Xworm
You know someone fucked up #WebDesign when logging out makes your CPU spike to 85% and the fan sound like one's running a #Shitcoin #Mining #Malware (aka. #Cryptojacker) and closing the tab results in 1 GB less RAM and 3 GB less overall cached assets.
sudo sh -c "sync; echo 3 > /proc/sys/vm/drop_caches"'
before, during and after the website has been opened."Cybersecurity researchers have discovered a “critical” security vulnerability on Linux that can give attackers full system access — even on devices using full disk encryption."
New Linux Security Flaw Uses Initramfs to Inject Malware https://www.omgubuntu.co.uk/2025/07/ubuntu-security-initramfs-bypass-encryption
Daily podcast: Johnson Controls, Verizon, Qantas, Aflac, Medicare, Louis Vuitton and politically motivated hackers are all part of the last 2 weeks! Woo.
#News #TechNews #Cybersecurity #DataBreach #Privacy #Ransomware #Malware #podcast
@MxVerda I think #JavaScript is being.runed by the fact that it's being abused for #tracking & #cryptojacking #malware to the point that disabling it is a necessity!
SK Telecom in South Korea had a bad data breach.... and boy, are they getting hit with all kinds of consequences for it, including:
-- a fine for late reporting ($22k USD);
-- an order to send notifications to all customers who were affected (23 million?!);
-- a judgment that they have to waive cancellation fees if dissatisfied customers canceled (and 660,000 canceled just last month alone); and
-- a criminal investigation has been launched into them for not preserving data properly for the regulator's investigation.