Free Republic

I cleaned my computer cache (IE files; Internet "history"; and CC cleaner). I then went online to Walmart link. Then my computer screen had the dreaded pseudo Microsoft warning: "You have malware; call our number..." There were several flashing banners, etc. I shut the computer down; rebooted; cleaned cache; etc. I didn't get the scam from the Walmart website, did I? Microsoft's website says this is a common scam currently, and my Malwarebytes didn't catch it. Neither did AVG. Did this piggyback something? Is it a time release program? I was on Zillow, Freerepublic, 3 gun forums, etc. thnx

TEMU app software has the full array of characteristics of the most aggressive forms of malware/spyware. The app has hidden functions that allow for extensive data exfiltration unbeknown to users, potentially giving bad actors full access to almost all data on customers’ mobile devices. It is evident that great efforts were taken to intentionally hide the malicious intent and intrusiveness of the software. We engaged numerous independent data security experts to decompile and analyze TEMU app’s code, integrated with experts of our own staff, and analysts who have written independently in the public domain. Contributing to the danger of mass...

"They do not know the full extent of the code’s presence in networks around the world". The fact that China was able to do this is catastrophic. We’re losing any pre-war prep to China which means that it’s likely to move more aggressively. A balance of power is the best way to avert a war and that depends on us keeping up our end. The Biden administration has failed grotesquely at that. Biden’s latest decision to pick a “historic” Navy Chief of Naval Operations instead of the one readiest to take on China just plays into that. But the national...

As if you didn’t have enough to worry about. Who will bring down America’s power grid first? Joe Biden or Vladimir Putin? Biden has a head start, to be sure. But some Russian hackers have reportedly cooked up some new malware designed specifically to target electrical grids and cause disruptions. The new threat was discovered by Mandiant, a cyber threat intelligence specialist firm. They believe that this new malware system “poses a plausible threat” to the operational technology behind various electrical grid assets. (Security Week)Mandiant on Thursday detailed a new piece of malware that appears to be linked to Russia...

The FBI is warning consumers about “juice jacking,” where bad actors use public chargers to infect phones and devices with malware. The law enforcement agency says consumers should avoid using public chargers at malls and airports, and stick to their own USB cables and charging plugs.

Linux is undoubtedly the best open-source operating system, and is arguably the most secure OS by design. Most computers these days are Linux-based. Android OS, which is the most commonly used mobile operating system, is also Linux-based. The same goes for Chromebooks and a variety of tablets. As amazing as Linux is, the chances of it getting compromised are also increasing due to its growing popularity. Although many tech enthusiasts believe that Linux is immune to viruses and malware, and doesn't require any anti-malware or anti-virus solutions, this isn't entirely true. What you need to understand is that no operating...

A standalone Command and Control (C2) server called “Alchimist” was recently discovered by Cisco Talos. The framework has been designed to run attacks via standalone GoLang-based executables that can be distributed easily. The framework found by Talos contains both the whole web user interface and the payloads.GoLang-written frameworkGo programming language, also known as GoLang, becomes increasingly popular for developers looking to compile their code on multiple different systems and architecture. As an example, we recently wrote about the Sliver offensive framework, fully written in Go. It is therefore no wonder that more cybercriminals are also adopting it.Alchimist, whose name has...

Meta's researchers have discovered more than 400 malicious Android and Apple apps designed to steal personal Facebook logins. The applications are disguised as games, photo editors, and health and lifestyle services. Often, app users are asked to log in with their Facebook, which enables hackers to steal logins and passwords.

Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches. The cryptomining Trojan, known as Nitrokod, is typically disguised as a clean Windows app and works as the user expects for days or weeks before its hidden Monero-crafting code is executed. It's said that the Turkish-speaking group behind Nitrokod – which has been active since 2019 and was detected by Check Point Research threat hunters at the end of July – may already have infected thousands of systems in 11 countries. What's interesting is that the...

Most of the time, users can choose to delete the...these new malicious apps trick victims into installing them, only to change their name and icons and even take some extra steps to conceal their presence on the device. Users can still delete them at will, the developers make it more difficult to find them on the affected devices. The 'GPS Locations Maps' app makes it difficult for users to find and uninstall it by changing its icon. Also, on some devices, a few malicious apps even request permission to bypass the battery optimization feature and start foreground services notifications to...

A newly uncovered form of Linux malware creates a backdoor into infected machines and servers, allowing cyber criminals to secretly steal sensitive information while also maintaining persistence on the network. Detailed by cybersecurity researchers at Intezer, the previously undetected malware has been called Orbit after filenames it used to temporarily store the output of executed commands. Linux is a popular operating system for servers and cloud infrastructure, which makes it a tempting target for cyber criminals. Orbit malware provides cyber criminals with remote access to Linux systems, allowing them to steal usernames and passwords and log TTY commands – the...

Your router is a crucial part of your home’s connection. It’s the primary way the internet gets into your house, and it sends out the Wi-Fi signal that connects all your wireless devices. Has it been years since you updated your router? We put together a quick quiz to help you choose the perfect model for your home and needs. This is a must if your connection is spotty and your router isn’t equipped with the latest security standards. Tap or click here to take our router-finder quiz. Even if your firmware is up to date, your router is still...

Apple’s struggles with zero-day attacks on its iOS and macOS platforms are showing no signs of slowing down. For the second time in as many months, Cupertino released iOS, iPadOS and macOS updates to address a critical WebKit security defect (CVE-2022-22620) that exposes Apple devices to remote code execution attacks. “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited,” the company said in a barebones advisory. As is customary, Apple did not provide details on the scope of the attack, the platform being targeted,...

Research published earlier this week shows that a nasty Android banking malware has evolved, bringing with it a number of alarming new features—including the ability to factory reset your device after stealing your money. The malware in question is called BRATA, short for “Brazilian Remote Access Tool Android.” As you might expect from its name, it originally popped up in Brazil several years ago but has since spread to many other parts of the globe. Researchers with security firm Cleafy wrote this week that the newest version of the malware, first spotted in December, has a number of additional features...

Mobile Attacker’s Mindset Series – Part II Evaluating how attackers operate when there are no rules leads to discoveries of advanced detection and response mechanisms. ZecOps is proudly researching scenarios of attacks and sharing the information publicly for the benefit of all the mobile defenders out there. iOs persistence is presumed to be the hardest bug to find. The attack surface is somewhat limited and constantly analyzed by Apple’s security teams. Creativity is a key element of the hacker’s mindset. Persistence can be hard if the attackers play by the rules. As you may have guessed it already – attackers...

Ever since the introduction of Windows Vista in early 2007, Microsoft has enforced the rule that Windows drivers must carry digital signatures by default. Any software that runs in kernel mode, in fact, has to be signed by the company. This is a security measure that should prevent malicious software from digging its claws in too deep. However, what happens when Microsoft gives its blessing to a rootkit? That's what happened a few months ago and was just now discovered thanks to G DATA Software security analyst Karsten Hahn. Initially, the company received a false-positive alert from a driver that...

Microsoft has issued an alert over a remote access tool (RAT) dubbed RevengeRAT that it says has been used to target aerospace and travel sectors with spear-phishing emails. RevengeRAT, also known as AsyncRAT, is being distributed via carefully crafted email messages that prompt employees to open a file masquerading as an Adobe PDF file attachment that in fact downloads a malicious visual basic (VB) file. Security firm Morphisec recently flagged the two RATs as part of a sophisticated Crypter-as-a-Service that delivers multiple RAT families.SEE: Network security policy (TechRepublic Premium)According to Microsoft, the phishing emails distribute a loader that then delivers...

Chinese security outfit Qihoo 360 Netlab on Wednesday said it has identified Linux backdoor malware that has remained undetected for a number of years.The firm said its bot monitoring system spotted on March 25 a suspicious ELF program that interacted with four command-and-control (C2) domains over the TCP HTTPS port 443 even though the protocol used isn't actually TLS/SSL."A close look at the sample revealed it to be a backdoor targeting Linux X64 systems, a family that has been around for at least three years," Netlab researchers Alex Turing and Hui Wang said in an advisory.An MD5 signature for the...

WikiLeaks continued its ongoing release of documents from the CIA Friday with a collection of files detailing the agency’s ability to obscure its activities and make it difficult for investigators to attribute the origins of attacks and hacking.The latest release from what WikiLeaks calls Vault 7 is titled “ Marble ” and contains documentation of files that are purportedly part of the CIA Core Library of malware code. WikiLeaks describes Marble as part of the CIA’s “anti-forensics approach.” The name “Marble” refers to a specific algorithm that scrambles and unscrambles data.Marble is one of the more technical releases that WikiLeaks...

In 2010, the U.S. Department of Defense found thousands of its computer servers sending military network data to China — the result of code hidden in chips that handled the machines’ startup process. In 2014, Intel Corp. discovered that an elite Chinese hacking group breached its network through a single server that downloaded malware from a supplier’s update site. And in 2015, the Federal Bureau of Investigation warned multiple companies that Chinese operatives had concealed an extra chip loaded with backdoor code in one manufacturer's servers.