  • 0 Votes
    2 Posts
    0 Views
agowa338@chaos.social
@heiseonline OK, now the interesting question: which profile does one have to copy, and where does one have to apply, in order to collect additional salaries without working in the same way? /s
  • 0 Votes
    1 Posts
    2 Views
thenewoil@mastodon.thenewoil.org
#Stryker attack wiped tens of thousands of devices, no #malware needed https://www.bleepingcomputer.com/news/security/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed/ #cybersecurity #healthcare #medical
  • 0 Votes
    1 Posts
    0 Views
sarlacklab@ioc.exchange
Command-and-control IPv4 map, 2026-03-04 to 2026-03-17 #Malware https://abjuri5t.github.io/SarlackLab/
156.234.56[.]0/23
156.234.208[.]0/20
156.234.160[.]0/21
178.16.52[.]0/22
185.213.60[.]0/23
23.235.177[.]0/24
156.234.67[.]0/24
156.234.252[.]0/22
23.226.56[.]0/24
  • New.

    Uncategorized threatresearch infosec malware chatbots
    1
    0 Votes
    1 Posts
    0 Views
aakl@infosec.exchange
New.
Kaspersky: Free real estate: GoPix, the banking Trojan living off your memory https://securelist.com/gopix-banking-trojan/119173/ #threatresearch #infosec #malware
Also from Kaspersky: How chatting with a bot can lead to tragedy https://www.kaspersky.com/blog/chatbot-wrongful-death-cases/55446/ #chatbots
  • 0 Votes
    1 Posts
    0 Views
rootshellonline@infosec.exchange
Boost your skills with today’s cybersecurity playlist: exploits, defenses, and real-world lessons. https://www.youtube.com/playlist?list=PLXqx05yil_mfewDtWRQo8UEBmGnkFzbiq #CyberAwareness #NetworkSecurity #ZeroTrust #ThreatIntelligence #Malware
  • 0 Votes
    1 Posts
    0 Views
heiseonline@social.heise.de
FBI seeks victims of infected Steam games for its own investigation
The FBI is calling on users of eight infected games that were offered on Steam for help. Players are asked to support the investigation through a form.
https://www.heise.de/news/FBI-sucht-Opfer-infizierter-Steam-Spiele-fuer-eigene-Ermittlungen-11211660.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon
#Entertainment #FBI #Malware #Security #Spiele #Steam #ValveSoftware #news
  • 0 Votes
    1 Posts
    0 Views
hackerworkspace@infosec.exchange
Build your own AI Malware Analysis Lab with Remnux https://www.youtube.com/watch?v=YOduz8VIvvw #malware #cybersecurity
  • 0 Votes
    1 Posts
    0 Views
rootshellonline@infosec.exchange
New playlist online: from malware analysis to ethical hacking demos. Check it out here https://www.youtube.com/playlist?list=PLXqx05yil_meVZxfweEcJLwzoVmXIwux4 #Malware #EthicalHacking #CyberDefense #NetworkSecurity #IncidentResponse
  • Oh, great.

    Uncategorized infosec malware steam
    1
    0 Votes
    1 Posts
    0 Views
aakl@infosec.exchange
Oh, great. Why do I get the feeling there's more to this intervention?
Polygon: The FBI is investigating suspicious (as in malware-infested) games that got pulled from Steam https://www.polygon.com/steam-fbi-investigation-crypto-scam-early-access-playtest-valve/ @polygon
Here's the FBI's dedicated Steam page: Seeking Victim Information in Steam Malware Investigation https://www.fbi.gov/how-we-can-help-you/victim-services/seeking-victim-information/seeking-victim-information-in-steam-malware-investigation #infosec #malware #Steam
  • 0 Votes
    1 Posts
    0 Views
Announcing a Major Architectural Update to RIFT

RIFT has undergone a complete rearchitecture to enhance its modularity, extensibility, and usability. An experimental build has been released on our GitHub repository, while the stable build remains available. The experimental build will continue to receive updates and improvements over time.

What is RIFT?
RIFT is a valuable tool for reverse engineers, designed to generate on-demand FLIRT signatures for Rust binaries.

What's new?
Three Operation Modes:
- File Analysis Mode: Point RIFT directly at a binary.
- Direct Generation Mode: Target specific crate versions and compiler combinations.
- HTTP API Server Mode: Run RIFT as a service with an async job queue.

Modernized IDA Pro Plugin: The IDA plugin has been rebuilt with server integration, enabling FLIRT signature generation while reversing without needing to leave the window.

For more details, visit: https://github.com/microsoft/RIFT
#reverseengineering #malware #rift #infosec #opensource #binaryanalysis
  • 0 Votes
    1 Posts
    0 Views
hackerworkspace@infosec.exchange
YAPA: Analysis of DailyFile PDF App https://blog.lukeacha.com/2026/03/yapa-analysis-of-dailyfile-pdf-app.html
Short summary: https://hackerworkspace.com/article/yapa-analysis-of-dailyfile-pdf-app
#malware #threatintelligence #vulnerability
  • 0 Votes
    1 Posts
    0 Views
securityaffairs@infosec.exchange
AI-assisted #Slopoly #malware powers #Hive0163’s #ransomware campaigns https://securityaffairs.com/189378/malware/ai-assisted-slopoly-malware-powers-hive0163s-ransomware-campaigns.html #securityaffairs #hacking #AI
• Wow, nice work

    Uncategorized malwarebazaar cyberveille macsecurity macos malware
    1
    0 Votes
    1 Posts
    5 Views
decio@infosec.exchange
RE: https://infosec.exchange/@_r_netsec/116220859869337905
Wow, nice work. I wonder who the author is. A very interesting technical read.
A static analysis complemented by behavioural network monitoring that dives into the guts of the macOS infostealer worm injected into a VS Code plugin during the Glassworm v2 campaign. It's hefty and resilient, with a neat division of the theft tasks between AppleScript and Node.js.
The deobfuscated samples have also been made available on #malwarebazaar https://bazaar.abuse.ch/sample/d72c1c75958ad7c68ef2fb2480fa9ebe185e457f3b62047b31565857fa06a51a/
#CyberVeille #MacSecurity #macOS #Malware #ThreatIntel #Glassworm
  • 0 Votes
    1 Posts
    0 Views
hackerworkspace@infosec.exchange
New PhantomRaven NPM attack wave steals dev data via 88 packages https://www.bleepingcomputer.com/news/security/new-phantomraven-npm-attack-wave-steals-dev-data-via-88-packages/
Short summary: https://hackerworkspace.com/article/new-phantomraven-npm-attack-wave-steals-dev-data-via-88-packages
#malware #cybersecurity #threatintelligence
  • #malware on Vulkan Loader

    Uncategorized malware iocs
    1
    0 Votes
    1 Posts
    0 Views
gnh1201@catswords.social
#malware on Vulkan Loader
#IOCs
72a8eb805e026accc0a5805847db978f (세무 감사.exe, Korean for "tax audit.exe")
0a580815e4dbedecafd88b207eca8c8f (vulkan-1.bin)
55b624a0b0423a337b804fe8e305a386 (vulkan-1.dll)
  • 0 Votes
    1 Posts
    3 Views
hasamba@infosec.exchange
Malware Analysis: BeatBanker Android banker + miner

Overview
BeatBanker is an Android malware family that combines traditional banker functionality with embedded crypto-mining capabilities. Analysis identifies a packed sample with a native loader (l.so) that dynamically loads a DEX component; later samples have been observed dropping a component identified as BTMOB for mining.

Behavior and Components
• Loader and packing: The malware uses a native shared object (l.so) acting as a DEX loader and unpacker, enabling dynamic class loading and evasion of static detection.
• Banking module: The banking component monitors installed browsers (Chrome, Firefox, sBrowser, Brave, Opera, DuckDuckGo, Dolphin Browser, Edge). It extracts visited domains using the regex ^(?:https?://)?(?:[^:/\\]+\\.)?([^:/\\]+\\.[^:/\\]+) and can manage and open links in the device's default browser.
• Crypto mining: Some samples include or drop a miner component (reported as BTMOB), indicating dual-purpose monetization.
• Persistence & telemetry: Includes mechanisms for persistence, telemetry exfiltration, and dynamic code loading from C2.

C2 Capabilities (selection)
The C2 implements a wide command set allowing full device control and data collection. Examples include dynamic DEX class loading, simulated updates that lock the screen, Google Authenticator monitoring (goauth), toggles for protection bypass, audio recording (srec), clipboard pasting via Accessibility Services (pst), SMS sending (ssms), and full device wipes via Device Administrator (adm<>wip<>).
Additional capabilities include keylogger and virtual keyboard management, overlay-based full-screen locks, screen capture/streaming, macroed taps/swipes, saved-link management, and VPN/firewall control.

Ecosystem and Delivery
Recent detections indicate modular deployment and possible Malware-as-a-Service distribution. The combination of banking-focused functionality and miner payloads suggests flexible monetization strategies. New samples reportedly drop BTMOB, reinforcing the dual-burden design.

Limitations and Open Details
Technical reporting focuses on observed code paths and C2 commands; specific IoCs and attribution are not provided here. The loader-based architecture and heavy reliance on Accessibility and overlay privileges are notable constraints and enablers for the malware's capabilities.

#beatbanker #android #malware #btmob #mobilesecurity
Source: https://securelist.com/beatbanker-miner-and-banker/119121/
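The domain-extraction regex quoted in the BeatBanker post above is worth running against real-looking address-bar strings, because what it captures decides which overlay a banker shows. The following is an added example, not code from the post or from the Securelist report. It assumes the doubled backslashes in the post are Java/Smali string escaping, so the live pattern uses single backslashes; the target list and the sample URLs are constructed here for illustration.

```python
import re
from typing import Optional

# Regex as quoted in the post, with the assumed Java-string escaping undone:
# in this Python raw string, [^:/\\] means "any char except ':', '/' or '\'".
VISITED_DOMAIN_RE = re.compile(r"^(?:https?://)?(?:[^:/\\]+\.)?([^:/\\]+\.[^:/\\]+)")


def extract_domain(url: str) -> Optional[str]:
    """Return what the banker's regex captures from a browser URL, or None."""
    m = VISITED_DOMAIN_RE.match(url)
    return m.group(1) if m else None


# Constructed sample "visited URLs" of the kind an Accessibility-service
# banker reads from a browser's address bar. Not taken from the original post.
SAMPLE_URLS = [
    "https://www.example-bank.com/login",
    "https://accounts.example.com:443/signin",
    "example.net",
    "http://login.mybank.co.uk/secure",   # two-label public suffix
    "ftp://files.example.org/",           # scheme the regex does not expect
    "about:blank",
]


def classify(urls, targets):
    """Map each URL to (captured domain, whether it is in the target list).

    `targets` stands in for the banker's overlay/injection target list, which
    the post does not reproduce; it is a hypothetical set here.
    """
    out = {}
    for u in urls:
        d = extract_domain(u)
        out[u] = (d, bool(d) and d in targets)
    return out


if __name__ == "__main__":
    for url, (dom, hit) in classify(SAMPLE_URLS, {"example-bank.com"}).items():
        print(f"{url:42} -> {dom!r:20} target={hit}")
```

Two edge cases show up immediately: the optional subdomain group is greedy and backtracks only as far as the engine needs, so a UK bank under `.co.uk` yields `co.uk` rather than the registrable domain, and anything with a scheme other than `http`/`https` (or a non-URL such as `about:blank`) yields no match at all. Both are useful to know when building a detection that mimics the malware's own target matching.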
  • New.

    Uncategorized malware microsoft phishing threatresearch infosec
    1
    0 Votes
    1 Posts
    0 Views
aakl@infosec.exchange
New.
Kaspersky: BeatBanker: A dual‑mode Android Trojan https://securelist.com/beatbanker-miner-and-banker/119121/ @Kaspersky
Picus: The Role of Generative AI in BAS: Why Attackers Move in Minutes and Defenders Still Take Days https://www.picussecurity.com/resource/blog/the-role-of-generative-ai-in-bas-why-attackers-move-in-minutes-and-defenders-still-take-days
SentinelOne: FortiGate Edge Intrusions | Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise https://www.sentinelone.com/blog/fortigate-edge-intrusions/ @SentinelOne
Cloudflare: Investigating multi-vector attacks in Log Explorer https://blog.cloudflare.com/investigating-multi-vector-attacks-in-log-explorer/ @cloudflare
Any.Run: OAuth Device Code Phishing: A New Microsoft 365 Account Breach Vector https://any.run/cybersecurity-blog/oauth-device-code-phishing/ @anyrun_app
#malware #Microsoft #phishing #threatresearch #infosec #Android #Google #Fortinet
  • 0 Votes
    1 Posts
    0 Views
rootshellonline@infosec.exchange
Boost your skills with today’s cybersecurity playlist: exploits, defenses, and real-world lessons. https://www.youtube.com/playlist?list=PLXqx05yil_mfoBxJ3ER2KkNgeMh6ivUWe #CyberAwareness #NetworkSecurity #ZeroTrust #ThreatIntelligence #Malware
  • 0 Votes
    1 Posts
    1 Views
aakl@infosec.exchange
This is based on research from Huntress from March 4: https://www.huntress.com/blog/openclaw-github-ghostsocks-infostealer
Malwarebytes: Beware of fake OpenClaw installers, even if Bing points you to GitHub https://www.malwarebytes.com/blog/news/2026/03/beware-of-fake-openclaw-installers-even-if-bing-points-you-to-github #infosec #OpenClaw #GitHub #malware #Bing #Microsoft
  • 0 Votes
    1 Posts
    0 Views
sarlacklab@ioc.exchange
Command-and-control domain tree, 2026-02-21 to 2026-03-06 #Malware https://abjuri5t.github.io/SarlackLab/
*.bettereveryball[.]co[.]uk
*.suncrest[.]in[.]net
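The two SarlackLab posts on this page (the IPv4 C2 map and the C2 domain tree above) publish their indicators defanged, with `[.]` in place of dots and `*.` wildcards on the domains. The block below is an added example, not SarlackLab's own code, showing how a practitioner would refang both lists and sweep a proxy/DNS log for hits. The log lines are constructed for the example; treating a `*.` wildcard as also matching the zone apex is a design choice made here, not something the posts state.

```python
import ipaddress
import re

# Indicators exactly as posted above (SarlackLab), still defanged.
C2_CIDRS_DEFANGED = [
    "156.234.56[.]0/23", "156.234.208[.]0/20", "156.234.160[.]0/21",
    "178.16.52[.]0/22", "185.213.60[.]0/23", "23.235.177[.]0/24",
    "156.234.67[.]0/24", "156.234.252[.]0/22", "23.226.56[.]0/24",
]
C2_DOMAINS_DEFANGED = ["*.bettereveryball[.]co[.]uk", "*.suncrest[.]in[.]net"]


def refang(s: str) -> str:
    """Undo the common defanging styles: '[.]' for '.' and 'hxxp' for 'http'."""
    return s.replace("[.]", ".").replace("hxxp", "http")


def load_networks(defanged):
    """Parse defanged CIDR strings into ip_network objects."""
    return [ipaddress.ip_network(refang(c), strict=False) for c in defanged]


def ip_hit(ip: str, networks):
    """Return the first listed network containing ip, or None (also for non-IPs)."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return None
    for net in networks:
        if addr in net:
            return str(net)
    return None


def domain_hit(host: str, patterns):
    """Match a hostname against '*.zone' patterns; returns the matching pattern.

    Assumption (not stated in the post): '*.zone' also matches the apex 'zone',
    since a C2 domain tree normally covers the zone itself.
    """
    host = host.lower().rstrip(".")
    for p in patterns:
        base = refang(p).lower()
        if base.startswith("*."):
            base = base[2:]
            if host == base or host.endswith("." + base):
                return p
        elif host == base:
            return p
    return None


# Constructed proxy/DNS log lines (not real traffic): "timestamp src dst host".
SAMPLE_LOG = """\
2026-03-10T12:00:01Z 10.0.0.5 156.234.57.10 -
2026-03-10T12:00:02Z 10.0.0.5 93.184.216.34 example.com
2026-03-10T12:00:03Z 10.0.0.7 23.226.56.200 cdn.bettereveryball.co.uk
2026-03-10T12:00:04Z 10.0.0.7 8.8.8.8 dns.google
2026-03-10T12:00:05Z 10.0.0.9 1.1.1.1 suncrest.in.net
"""

LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+)$")


def scan_log(text, networks, domain_patterns):
    """Return (line_number, reason) for every log line touching a C2 indicator."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than crash mid-sweep
        _, _, dst, host = m.groups()
        reasons = []
        net = ip_hit(dst, networks)
        if net:
            reasons.append(f"dst {dst} in {net}")
        pat = domain_hit(host, domain_patterns) if host != "-" else None
        if pat:
            reasons.append(f"host {host} matches {pat}")
        if reasons:
            hits.append((n, "; ".join(reasons)))
    return hits


if __name__ == "__main__":
    nets = load_networks(C2_CIDRS_DEFANGED)
    for n, why in scan_log(SAMPLE_LOG, nets, C2_DOMAINS_DEFANGED):
        print(f"line {n}: {why}")
```

Keeping the indicator lists defanged in the source and refanging only at load time means a copy-pasted block from a feed never becomes a clickable or auto-resolved link in a ticket or chat; the `ip_network` containment test also avoids the string-prefix mistakes that hand-rolled CIDR checks tend to make on /20 and /21 ranges.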