Le Pouls Du Monde

BillWow, loving the CISA malware analysis report. Clear, simple. Hadn't seen those before. Here's one on Resurge.<a href="https://www.cisa.gov/news-events/analysis-reports/ar25-087a" rel="nofollow noopener" translate="no" target="_blank">https://www.cisa.gov/news-events/analysis-reports/ar25-087a</a><a href="https://infosec.exchange/tags/cisa" class="mention hashtag" rel="nofollow noopener" target="_blank">#cisa</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

BillOk, this is fun. A study on malware compiled in (relatively) obscure languages.<a href="https://arxiv.org/abs/2503.19058" rel="nofollow noopener" translate="no" target="_blank">https://arxiv.org/abs/2503.19058</a><a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> <a href="https://infosec.exchange/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#programming</a>

Vladimir SavićNo surprise here ...<a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Malware</a> is harder to find when written in obscure language <a href="https://www.theregister.com/2025/03/29/malware_obscure_languages/" rel="nofollow noopener" translate="no" target="_blank">https://www.theregister.com/2025/03/29/malware_obscure_languages/</a>P.S. I was under the impression that everything ultimately boils down to assembly, but OK... 😜

defnullYearly reminder that <a href="https://chaos.social/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> on <a href="https://chaos.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> can just shutdown <a href="https://chaos.social/tags/ClamAV" class="mention hashtag" rel="nofollow noopener" target="_blank">#ClamAV</a> before downloading payload to avoid real-time detection, and <a href="https://chaos.social/tags/cisco" class="mention hashtag" rel="nofollow noopener" target="_blank">#cisco</a> does not think this is a problem.<a href="https://github.com/Cisco-Talos/clamav/issues/1169" rel="nofollow noopener" translate="no" target="_blank">https://github.com/Cisco-Talos/clamav/issues/1169</a><a href="https://chaos.social/tags/itsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#itsec</a> <a href="https://chaos.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://chaos.social/tags/foss" class="mention hashtag" rel="nofollow noopener" target="_blank">#foss</a>

Un Tornquistense⚠️version preliminar<a href="https://mastodon.world/tags/Seguridad" class="mention hashtag" rel="nofollow noopener" target="_blank">#Seguridad</a> en <a href="https://mastodon.world/tags/internet" class="mention hashtag" rel="nofollow noopener" target="_blank">#internet</a> /en linea — Un tornquistense<a href="https://write.as/un-tornquistense/seguridad-en-internet-en-linea" rel="nofollow noopener" translate="no" target="_blank">https://write.as/un-tornquistense/seguridad-en-internet-en-linea</a>> Hecho por Un Tornquistense ¿Que es? Son las precauciones o medidas que tomamos para protegernos a nosotros y nuestra información personal. Lo podríamos comparar c...Si les gusto retooteenlo por favor🫶<a href="https://mastodon.world/tags/ciberseguridad" class="mention hashtag" rel="nofollow noopener" target="_blank">#ciberseguridad</a> <a href="https://mastodon.world/tags/privacidad" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacidad</a> <a href="https://mastodon.world/tags/seguridadenlinea" class="mention hashtag" rel="nofollow noopener" target="_blank">#seguridadenlinea</a> <a href="https://mastodon.world/tags/virus" class="mention hashtag" rel="nofollow noopener" target="_blank">#virus</a> <a href="https://mastodon.world/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

Christoffer S.(cyfirma.com) Konni RAT Analysis: Multi-Stage Attack Process and Evasion Techniques <a href="https://www.cyfirma.com/research/analysis-of-konni-rat-stealth-persistence-and-anti-analysis-techniques/" rel="nofollow noopener" translate="no" target="_blank">https://www.cyfirma.com/research/analysis-of-konni-rat-stealth-persistence-and-anti-analysis-techniques/</a>Executive Summary: This report provides a comprehensive analysis of Konni RAT, a sophisticated remote access Trojan linked to North Korean cyber espionage group APT37. The malware employs a multi-stage attack process involving batch files, PowerShell scripts, and VBScript to exfiltrate sensitive data and maintain persistence. The attack begins with a zip archive containing a malicious LNK file disguised as a document. The malware exploits Windows Explorer limitations to hide malicious commands and uses obfuscation techniques to evade detection. Key capabilities include data exfiltration from user directories, system information gathering, persistence through registry modifications, and communication with command-and-control servers. The report includes detailed technical analysis of the attack stages, from initial infection to data exfiltration, along with indicators of compromise and YARA detection rules.<a href="https://swecyb.com/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://swecyb.com/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#NorthKorea</a> <a href="https://swecyb.com/tags/APT37" class="mention hashtag" rel="nofollow noopener" target="_blank">#APT37</a> <a href="https://swecyb.com/tags/MalwareAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#MalwareAnalysis</a> <a href="https://swecyb.com/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntel</a> <a href="https://swecyb.com/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Malware</a> <a href="https://swecyb.com/tags/Reversing" class="mention hashtag" rel="nofollow noopener" target="_blank">#Reversing</a>

your auntifa liza 🇵🇷 🦛 🦦it should be obvious by now that anything created by the <a href="https://mastodon.social/tags/techbros" class="mention hashtag" rel="nofollow noopener" target="_blank">#techbros</a> behind this coup needs to be considered <a href="https://mastodon.social/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a><a href="https://www.wired.com/story/doge-rebuild-social-security-administration-cobol-benefits/" rel="nofollow noopener" translate="no" target="_blank">https://www.wired.com/story/doge-rebuild-social-security-administration-cobol-benefits/</a>and that includes the 2-3 years of <a href="https://mastodon.social/tags/Palantir" class="mention hashtag" rel="nofollow noopener" target="_blank">#Palantir</a> having free reign hacking everything related to not just <a href="https://mastodon.social/tags/immigration" class="mention hashtag" rel="nofollow noopener" target="_blank">#immigration</a> but <a href="https://mastodon.social/tags/passports" class="mention hashtag" rel="nofollow noopener" target="_blank">#passports</a> DOGE IS MORE THAN <a href="https://mastodon.social/tags/MALWARE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MALWARE</a> IT’S <a href="https://mastodon.social/tags/RANSOMWARE" class="mention hashtag" rel="nofollow noopener" target="_blank">#RANSOMWARE</a> so who is putting up contingencies to use all the <a href="https://mastodon.social/tags/OpenGOV" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenGOV</a> tools we have had developed the last 20 years, to audit the White House’s acts of digital terrorism?

securityaffairsRussian authorities arrest three suspects behind <a href="https://infosec.exchange/tags/Mamont" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mamont</a> <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> <a href="https://infosec.exchange/tags/banking" class="mention hashtag" rel="nofollow noopener" target="_blank">#banking</a> trojan <a href="https://securityaffairs.com/175935/cyber-crime/russian-authorities-arrest-three-suspects-behind-mamont-android-banking-trojan.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/175935/cyber-crime/russian-authorities-arrest-three-suspects-behind-mamont-android-banking-trojan.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

securityaffairsNew <a href="https://infosec.exchange/tags/ReaderUpdate" class="mention hashtag" rel="nofollow noopener" target="_blank">#ReaderUpdate</a> malware variants target <a href="https://infosec.exchange/tags/macOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#macOS</a> users <a href="https://securityaffairs.com/175891/malware/readerupdate-malware-variants-targets-macos.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/175891/malware/readerupdate-malware-variants-targets-macos.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

Dino<a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener" target="_blank">@BleepingComputer</a> Do we think something like this is enough to find if this garbage is present on a Linux system? `sudo find / -iregex '.*ethers-.*` <a href="https://masto.ai/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://masto.ai/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://masto.ai/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

securityaffairs<a href="https://infosec.exchange/tags/BlackLock" class="mention hashtag" rel="nofollow noopener" target="_blank">#BlackLock</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ransomware</a> Targeted by Cybersecurity Firm <a href="https://securityaffairs.com/175877/cyber-crime/blacklock-ransomware-targeted-by-cybersecurity-firm.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/175877/cyber-crime/blacklock-ransomware-targeted-by-cybersecurity-firm.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

The New OilNew <a href="https://mastodon.thenewoil.org/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> uses <a href="https://mastodon.thenewoil.org/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microsoft</a>’s .NET <a href="https://mastodon.thenewoil.org/tags/MAUI" class="mention hashtag" rel="nofollow noopener" target="_blank">#MAUI</a> to evade detection<a href="https://www.bleepingcomputer.com/news/security/new-android-malware-uses-microsofts-net-maui-to-evade-detection/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/new-android-malware-uses-microsofts-net-maui-to-evade-detection/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a>

securityaffairs<a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> campaigns use .NET MAUI to evade detection <a href="https://securityaffairs.com/175843/cyber-crime/android-malware-uses-net-maui-to-evade-detection.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/175843/cyber-crime/android-malware-uses-net-maui-to-evade-detection.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a>

Avoid the Hack! :donor:Another Monday. Another edition of the Privacy Roundup featuring news items curated with end user <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> and <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> in mind.This edition features:- <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> Apps using <a href="https://infosec.exchange/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bluetooth</a> and Wi-Fi connection data to estimate and collect user location data - <a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#Apple</a> Passwords app used insecure HTTP - Video gamers beware: another game pulled from Steam for being <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> in disguise - Free online converters adding malware to converted files - Threat actors using <a href="https://infosec.exchange/tags/Reddit" class="mention hashtag" rel="nofollow noopener" target="_blank">#Reddit</a> posts to push information stealing malware, primarily targeting <a href="https://infosec.exchange/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptocurrency</a> traders/enthusiasts - Data breaches at the largest US sperm bank and a large teacher union … and more.<a href="https://infosec.exchange/tags/privacymatters" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacymatters</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/gaming" class="mention hashtag" rel="nofollow noopener" target="_blank">#gaming</a><a href="https://avoidthehack.com/privacy-week12-2025" rel="nofollow noopener" translate="no" target="_blank">https://avoidthehack.com/privacy-week12-2025</a>

Mare PolarisSurprise, suprise, <a href="https://mastodon.social/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>. Who would have thought uh. <a href="https://www.bleepingcomputer.com/news/security/fbi-warnings-are-true-fake-file-converters-do-push-malware/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/fbi-warnings-are-true-fake-file-converters-do-push-malware/</a>

The New OilPopular <a href="https://mastodon.thenewoil.org/tags/Chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#Chrome</a> extensions, including ad blockers, got hijacked. Learn how to protect yourself<a href="https://adguard.com/en/blog/popular-chrome-extensions-including-ad-blockers-hijacked.html" rel="nofollow noopener" translate="no" target="_blank">https://adguard.com/en/blog/popular-chrome-extensions-including-ad-blockers-hijacked.html</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.thenewoil.org/tags/guide" class="mention hashtag" rel="nofollow noopener" target="_blank">#guide</a> <a href="https://mastodon.thenewoil.org/tags/AdBlocker" class="mention hashtag" rel="nofollow noopener" target="_blank">#AdBlocker</a> <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

Recent searches

Search options

Administered by:

Server stats:

#malware