Slopsquatting
As AI coding assistants invent nonexistent software libraries to download and use, enterprising attackers create and upload libraries with those names... https://www.schneier.com/blog/archives/2025/04/slopsquatting.html
We’re seeing an increasing volume of blocked queries to the SocGholish-related domain - blackshelter[.]org in the last several days.
Nothing to see here, please move along. #microsoft #keylogger #malware
Last week I posted a thread about a #spam campaign delivering a #ConnectWise client as its payload. As of this morning, the threat actors have changed the payload (https://www.virustotal.com/gui/file/30e1d059262b851a2b432ec856aeba5bb639ba764aa85643703163d62000a2f4) and it appears to try to connect to the address "relay.noscreener[.]info" which resolves to 104.194.145.66.
Embedded in the installer .msi file is a file called system.config, which contains this domain name and a base64-encoded string.
The fake Social Security website is still being hosted on a compromised site that belongs to a temp agency based on the east coast of the US.
Previous thread:
#VXUnderground has posted a "best of" page with their favorite papers. I think some of these should be required reading for red teamers, malware researchers, or vulnerability researchers. Thoughts?
https://vx-underground.org/Best%20Of
#redteam #malware #malware_research #vulnerability
Would anyone be willing to give me some WordPress advice? A guy *claiming* to be from Bluehost just called and said my hosted site has malware, then offered me a $360/yr protection plan. Refused to say anything about where malware was located or how to fix. Jerk. Bluehost is too expensive already and I'm toying with just pulling the plug on my site altogether (it's not very popular), or maybe porting it over to the $4/month (?) version at wordpress.com. I'd be grateful for any tips on removing malware, finding a cheaper host, and whether terminating a blog makes sense. #wordpress #malware #hosting #blog
https://www.theregister.com/AMP/2025/04/12/ai_code_suggestions_sabotage_supply_chain/
create a malicious software package under a hallucinated package name and then upload the bad package…when an #AIcodeassistant re-hallucinates the co-opted name, the process of installing dependencies and executing the code will run the #malware…
…a form of typosquatting, where variations or misspellings of common terms are used to dupe people. Seth Michael Larson, #Python Software Foundation, has dubbed it #slopsquatting – "slop" being a common pejorative for AI output
#Ransomware: Encryption is out, long live data theft - inside-it[.]ch https://www.inside-it.ch/ransomware-verschluesselung-ist-out%252C-es-lebe-der-datenklau-20250213 #Malware
Security firm hacks #Ransomware gang - inside-it[.]ch https://www.inside-it.ch/security-firma-hackt-ransomware-bande-20250331 #Malware
Verkehrsbetriebe Baden-Wettingen attacked with #Ransomware - inside-it[.]ch https://www.inside-it.ch/verkehrsbetriebe-baden-wettingen-mit-ransomware-attackiert-20250403 #RansomwarePlay #Play #Malware
How security researchers find the needle in the haystack - inside-it[.]ch https://www.inside-it.ch/wie-security-forscher-die-nadel-im-heuhaufen-finden-20250403 #Malware #Ransomware
■ Alarm raised over the new banking scam that arrives via mobile phone and has Spaniards in its sights ■ It is a trojan for Android.
https://www.huffingtonpost.es/life/consumo/activan-alarmas-nueva-estafa-bancaria-llega-movil-espanoles-punto-mirabr.html?int=MASTODON_WORLD
Court discloses details of attacks on 1223 #WhatsApp users with #Pegasus spyware | heise online https://www.heise.de/news/Gericht-nennt-Details-zu-Angriffen-auf-1223-WhatsApp-User-mit-Pegasus-Spyware-10348270.html #Malware #spyware #NSO #NSOgroup #Überwachung #surveillance #Hacking #CyberCrime
In Europol's sights: Operation Endgame leads to further arrests
#ITSicherheit #Malware #Botnetze #Cybercrime #DropperMalware #europol #OperationEndgame #RansomwareInfrastruktur https://sc.tarnkappe.info/6f90b6
Court discloses details of attacks on 1223 WhatsApp users with Pegasus spyware
A court document reveals the locations of the victims, the servers used for the attacks, and the origin of the attacks with the Pegasus spyware on a WhatsApp vulnerability.