nostr:npub1jyc2707wuydkqq7j8fsmpnnyqevnnv6hlua0dum5d9t0kqpptv7s2jzwlp
what's a "flank-speed kill race"?
PyPI malware found last month linked to Lazarus/DPRK: https://www.reversinglabs.com/blog/vmconnect-supply-chain-campaign-continues
DPRK hackers are known to use malicious libraries for their attacks, but have previously been linked to npm only: https://github.blog/2023-07-18-security-alert-social-engineering-campaign-targets-technology-industry-employees/
Rest of the World has published an article showing how the accounts of Chinese dissidents get flooded with spammy adult content every time they post something critical of the regime: https://restofworld.org/2023/chinese-sextortion-scammers-are-flooding-twitter/
Something similar happened last year when Chinese porn spam bots flooded the site in an attempt to mask news of anti-Covid protests in China: https://www.washingtonpost.com/technology/2022/11/27/twitter-china-spam-protests/
GCHQ’s National Cyber Security Centre and international partners share technical details about Infamous Chisel, new malware used to target the Ukrainian military
https://www.ncsc.gov.uk/news/uk-allies-support-ukraine-calling-out-russia-gru-malware-campaign
AhnLab researchers have published a report on Andariel's latest campaigns and operations.
The report covers malware like NukeSped variant Volgmer, Andardoor, AndarLoader, DurianBeacon, TigerRAT, Black RAT, Goat RAT, and the Troy reverse shell.
That's quite the arsenal.
Wired has published an exposé on Bentley, a Russian national named Maksim Sergeevich Galochkin, who leads a software development team inside the Trickbot cybercrime group: https://www.wired.com/story/trickbot-trickleaks-bentley/
Nisos, which helped Wired with its article, has also published a report showcasing that Trickbot was working with the Russian FSB intelligence agency in some sort of capacity: https://www.nisos.com/research/trickbot-trickleaks-data-analysis/

Smishing Triad group has collected the personal and financial data of more than 108,000 victims
https://www.resecurity.com/blog/article/smishing-triad-targeted-usps-and-us-citizens-for-data-theft

Apparently, Huntress had developed a QakBot vaccine they were using to prevent infections
"Come the end of December 2022, we dropped the number of new Qakbot infection reports down to practically zero."
https://www.huntress.com/blog/qakbot-malware-takedown-and-defending-forward

The Sudo Linux utility has been rewritten in Rust.
https://www.memorysafety.org/blog/sudo-first-stable-release/
Talks from the x33fcon Europe 2023 security conference, which took place at the end of May, are now available on YouTube.
https://www.youtube.com/playlist?list=PL7ZDZo2Xu3332bKrXyCb0VEg52nqmMAcv
InQuest researchers look at the history of Antibot, an open-source tool that started as a GitHub project but is now one of the go-to solutions used to filter bot and authentic traffic on phishing sites and other malware control panels.
https://inquest.net/blog/adversary-on-the-defense-antibot-pw/
Netenrich researchers look at new versions of ADHUBLLKA, a ransomware strain used to target individuals and small businesses with small ransom demands ranging from $800 to $1,600.
https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
An investigation by web developer Travis Brown has found that around 70% of Elon Musk's Twitter followers are likely bot accounts there to just inflate his follower numbers.
Raw data: https://gist.github.com/travisbrown/82de45bccd760032635ebef7bfeb4d83
Article: https://mashable.com/article/elon-musk-x-twitter-follower-data
Security researchers from watchTowr have published a technical analysis and proof-of-concept code for CVE-2023-36844, an RCE in Juniper SRX and EX devices.
https://labs.watchtowr.com/cve-2023-36844-and-friends-rce-in-juniper-firewalls/
Security researchers who attended the Black Hat and DEFCON security conferences in Las Vegas at the start of the month and stayed at the Caesars Palace Hotel and Casino should be aware that cases of Legionnaires' disease had been reported among hotel guests.
Russian hackers have disrupted the services of Poland's national railway system
https://tickernews.co/hackers-bring-down-polands-train-network-in-massive-cyber-attack/
84 arrested in India for running a scam call center
Reddit seems to believe 7-Zip's website was hacked
https://old.reddit.com/r/windows/comments/1614g3o/did_7zip_get_hacked_server_distributing_different/
Firefox users may import Chrome extensions now
https://www.ghacks.net/2023/08/23/firefox-users-may-import-chrome-extensions-now/
Newsletter: https://riskybiznews.substack.com/p/winrar-zero-day-hacked-crypto-trader-accounts
Podcast: https://risky.biz/RBNEWS190/
-WinRAR zero-day used to hack stock and crypto traders
-China's Barracuda hacking campaign still going strong
-Brazilian Telegram hacker gets 20 years in prison
-Ransomware gangs prefer night-time attacks
-Venus Protocol invalidates $63m from hacker account
-FBI warns of impending TraderTraitor laundering attempts
-Data leak at Brazil's largest escort site
-DEA gets scammed
-Tor gets PoW-based anti-DDoS mitigation
