Keyword: malware

  • Is Telegram a National Security Threat? ("A world of unimaginable filth and crime")

    04/03/2024 5:54:24 PM PDT · by canuck_conservative · 42 replies
    Newsweek ^ | April 2, 2024 | John Mac Ghlionn
    The Russian-made app, according to a new report from Guardio, has, in recent times, evolved into a thriving center where experienced cybercriminals and beginners can openly share illegal tools and knowledge—a "scammers paradise." As a result, a dark and well-organized supply chain of tools and victims' data has emerged... As the Guardio report clearly demonstrated, there is very little, if anything, secure about Telegram, contrary to popular reports. The paradox lies in Telegram's emphasis on its security and privacy features, despite there being no automatic end-to-end encryption in place; instead, message protection relies on policies rather than technology. Such a...
  • Vanity: Why is NIKKI HALEY texting my phone with MALWARE???

    02/21/2024 9:59:18 AM PST · by dayglored · 56 replies
    (vanity) ^ | Feb 21, 2024 | Dayglored
    Every few days the past month, my phone receives a text message from an unknown number, purporting to be Nikki Haley, and telling me to get information on how to support her by clicking a link in the message. YEAH, RIGHT. Of course, it's almost certainly not really from Nikki, it's MALWARE from some cretin looking to scam me. So I hit "Delete and Report Junk". Again, and again, and again.... I'd guess a lot of folks are getting these. BTW, I'm in Upstate NY, registered Independent. Man, I really hate malware scammers. Find 'em and hang 'em.
  • Feds dismantle Russian GRU botnet built on 1,000-plus home, small biz routers

    02/16/2024 3:42:02 PM PST · by nickcarraway · 26 replies
    The Register ^ | Thu 15 Feb 2024 | Jessica Lyons
    Beijing, now Moscow… Who else is hiding in broadband gateways? The US government today said it disrupted a botnet that Russia's GRU military intelligence unit used for phishing expeditions, spying, credential harvesting, and data theft against American and foreign governments and other strategic targets. This latest court-authorized takedown happened in January, and involved neutralizing "well over a thousand" home and small business routers that had been infected with the Moobot malware, which is a Mirai variant, according to FBI Director Christopher Wray, speaking at the Munich Cyber Security Conference on Thursday. Moobot can be used to remote-control compromised devices and launch...
  • U.S. Officials: Chinese Hackers Are Planning to Take Down Power Grid

    02/13/2024 4:13:35 AM PST · by Sam77 · 55 replies
    Disswire.com ^ | 12 February 2024 | Bradley Greer
    The looming threat of a major cyber attack against the U.S. is becoming more likely after the FBI admitted that Chinese hackers are planning an all-out assault on the country’s power grid and infrastructure. A cyber attack against the United States would not just be devastating for Americans; it would also allow China to take advantage of the ensuing chaos, especially with it being an election year. According to U.S. officials, they have already foiled a state-backed Chinese effort to plant malware to damage civilian infrastructure.
  • BlackCat Ransomware Raises Ante After FBI Disruption

    12/22/2023 10:16:08 AM PST · by Chad C. Mulligan · 10 replies
    Krebs on Security ^ | 19 December 2023 | Krebs staff
    The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants.
  • Reflecting on the Internet Worm at 35

    Thirty-five years ago today (November 2nd), the Internet Worm program was set loose to propagate on the Internet. Noting that now to the computing public (and cybersecurity professionals, specifically) often generates an "Oh, really?" response akin to stating that November 2nd is the anniversary of the inaugural broadcast of the first BBC TV channel (1936), and the launch of Sputnik 2 with Laika aboard (1957). That is, to many, it is ho-hum, ancient history. Perhaps that is to be expected after 35 years -- approximately the length of a human generation. (As an aside, I have been teaching at Purdue...
  • Internet malware scam question

    09/14/2023 9:24:25 AM PDT · by LouAvul · 30 replies
    I cleaned my computer cache (IE files; Internet "history"; and CC cleaner). I then went online to Walmart link. Then my computer screen had the dreaded pseudo Microsoft warning: "You have malware; call our number..." There were several flashing banners, etc. I shut the computer down; rebooted; cleaned cache; etc. I didn't get the scam from the Walmart website, did I? Microsoft's website says this is a common scam currently, and my Malwarebytes didn't catch it. Neither did AVG. Did this piggyback something? Is it a time release program? I was on Zillow, Freerepublic, 3 gun forums, etc. thnx
  • TEMU is Cleverly Hidden Spyware that Poses an Urgent Security Threat to U.S. National Interests

    09/11/2023 2:42:56 AM PDT · by ifinnegan · 28 replies
    Grizzly Research ^ | 9/10/23 | Grizzly Research
    TEMU app software has the full array of characteristics of the most aggressive forms of malware/spyware. The app has hidden functions that allow for extensive data exfiltration unbeknown to users, potentially giving bad actors full access to almost all data on customers’ mobile devices. It is evident that great efforts were taken to intentionally hide the malicious intent and intrusiveness of the software. We engaged numerous independent data security experts to decompile and analyze TEMU app’s code, integrated with experts of our own staff, and analysts who have written independently in the public domain. Contributing to the danger of mass...
  • China Embedded Crippling Malware in U.S. Bases

    07/31/2023 7:16:23 AM PDT · by MtnClimber · 22 replies
    Front Page Magazine ^ | 31 Jul. 2023 | Daniel Greenfield
    "They do not know the full extent of the code’s presence in networks around the world". The fact that China was able to do this is catastrophic. We’re losing any pre-war prep to China which means that it’s likely to move more aggressively. A balance of power is the best way to avert a war and that depends on us keeping up our end. The Biden administration has failed grotesquely at that. Biden’s latest decision to pick a “historic” Navy Chief of Naval Operations instead of the one readiest to take on China just plays into that. But the national...
  • New Russian malware could bring down the US power grid

    05/31/2023 9:07:33 PM PDT · by SeekAndFind · 29 replies
    Hotair ^ | 05/31/2023 | Jazz Shaw
    As if you didn’t have enough to worry about. Who will bring down America’s power grid first? Joe Biden or Vladimir Putin? Biden has a head start, to be sure. But some Russian hackers have reportedly cooked up some new malware designed specifically to target electrical grids and cause disruptions. The new threat was discovered by Mandiant, a cyber threat intelligence specialist firm. They believe that this new malware system “poses a plausible threat” to the operational technology behind various electrical grid assets. (Security Week) Mandiant on Thursday detailed a new piece of malware that appears to be linked to Russia...
  • FBI warns against using public phone charging stations

    04/10/2023 8:13:25 AM PDT · by Red in Blue PA · 36 replies
    The FBI is warning consumers about “juice jacking,” where bad actors use public chargers to infect phones and devices with malware. The law enforcement agency says consumers should avoid using public chargers at malls and airports, and stick to their own USB cables and charging plugs.
  • How to Check if Your Linux System is Infected with a Virus

    02/07/2023 9:50:22 AM PST · by ShadowAce · 60 replies
    LinuxSecurity ^ | 23 January 2023 | Brittany Day
    Linux is undoubtedly the best open-source operating system, and is arguably the most secure OS by design. Most computers these days are Linux-based. Android OS, which is the most commonly used mobile operating system, is also Linux-based. The same goes for Chromebooks and a variety of tablets. As amazing as Linux is, the chances of it getting compromised are also increasing due to its growing popularity. Although many tech enthusiasts believe that Linux is immune to viruses and malware, and doesn't require any anti-malware or anti-virus solutions, this isn't entirely true. What you need to understand is that no operating...
  • New Alchimist attack framework hits Windows, Linux and Mac

    10/17/2022 11:33:45 AM PDT · by ShadowAce · 8 replies
    techrepublic ^ | 13 October 2022 | Cedric Pernet
    A standalone Command and Control (C2) server called “Alchimist” was recently discovered by Cisco Talos. The framework has been designed to run attacks via standalone GoLang-based executables that can be distributed easily. The framework found by Talos contains both the whole web user interface and the payloads. GoLang-written framework. Go programming language, also known as GoLang, becomes increasingly popular for developers looking to compile their code on multiple different systems and architecture. As an example, we recently wrote about the Sliver offensive framework, fully written in Go. It is therefore no wonder that more cybercriminals are also adopting it. Alchimist, whose name has...
  • Meta warns as many as one million Facebook users that their logins may have been compromised

    10/09/2022 4:01:25 PM PDT · by BenLurkin · 28 replies
    Meta's researchers have discovered more than 400 malicious Android and Apple apps designed to steal personal Facebook logins. The applications are disguised as games, photo editors, and health and lifestyle services. Often, app users are asked to log in with their Facebook, which enables hackers to steal logins and passwords.
  • That 'clean' Google Translate app is actually Windows crypto-mining malware

    08/30/2022 2:44:29 PM PDT · by BenLurkin · 1 replies
    theregister.com ^ | Jeff Burt
    Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches. The cryptomining Trojan, known as Nitrokod, is typically disguised as a clean Windows app and works as the user expects for days or weeks before its hidden Monero-crafting code is executed. It's said that the Turkish-speaking group behind Nitrokod – which has been active since 2019 and was detected by Check Point Research threat hunters at the end of July – may already have infected thousands of systems in 11 countries. What's interesting is that the...
  • Real-Time Behavior-Based Detection on Android Reveals Dozens of Malicious Apps on Google Play Store

    08/18/2022 12:04:56 PM PDT · by BenLurkin · 5 replies
    Most of the time, users can choose to delete the...these new malicious apps trick victims into installing them, only to change their name and icons and even take some extra steps to conceal their presence on the device. Users can still delete them at will, the developers make it more difficult to find them on the affected devices. The 'GPS Locations Maps' app makes it difficult for users to find and uninstall it by changing its icon. Also, on some devices, a few malicious apps even request permission to bypass the battery optimization feature and start foreground services notifications to...
  • This 'evasive' new Linux malware creates a backdoor to steal passwords and more

    07/08/2022 10:34:58 AM PDT · by ShadowAce · 13 replies
    ZDNet ^ | 8 July 2022 | Danny Palmer
    A newly uncovered form of Linux malware creates a backdoor into infected machines and servers, allowing cyber criminals to secretly steal sensitive information while also maintaining persistence on the network. Detailed by cybersecurity researchers at Intezer, the previously undetected malware has been called Orbit after filenames it used to temporarily store the output of executed commands. Linux is a popular operating system for servers and cloud infrastructure, which makes it a tempting target for cyber criminals. Orbit malware provides cyber criminals with remote access to Linux systems, allowing them to steal usernames and passwords and log TTY commands – the...
  • Chinese hackers are going after American routers – How to protect yours

    06/14/2022 2:18:09 PM PDT · by American Number 181269513 · 33 replies
    KimKomando ^ | JUNE 13, 2022 | CHARLIE FRIPP
    Your router is a crucial part of your home’s connection. It’s the primary way the internet gets into your house, and it sends out the Wi-Fi signal that connects all your wireless devices. Has it been years since you updated your router? We put together a quick quiz to help you choose the perfect model for your home and needs. This is a must if your connection is spotty and your router isn’t equipped with the latest security standards. Tap or click here to take our router-finder quiz. Even if your firmware is up to date, your router is still...
  • Apple Says WebKit Zero-Day Hitting iOS, macOS Devices

    02/11/2022 5:20:38 PM PST · by bitt · 10 replies
    security week ^ | 2/10/2022 | Ryan Naraine
    Apple’s struggles with zero-day attacks on its iOS and macOS platforms are showing no signs of slowing down. For the second time in as many months, Cupertino released iOS, iPadOS and macOS updates to address a critical WebKit security defect (CVE-2022-22620) that exposes Apple devices to remote code execution attacks. “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited,” the company said in a barebones advisory. As is customary, Apple did not provide details on the scope of the attack, the platform being targeted,...
  • Watch Out For This Android Malware That Factory Resets Your Phone After Stealing Your Money

    01/28/2022 2:57:16 AM PST · by Libloather · 14 replies
    Gizmodo ^ | 1/27/21 | Lucas Ropek
    Research published earlier this week shows that a nasty Android banking malware has evolved, bringing with it a number of alarming new features—including the ability to factory reset your device after stealing your money. The malware in question is called BRATA, short for “Brazilian Remote Access Tool Android.” As you might expect from its name, it originally popped up in Brazil several years ago but has since spread to many other parts of the globe. Researchers with security firm Cleafy wrote this week that the newest version of the malware, first spotted in December, has a number of additional features...