Over the years I have worked with many people who track romance scams. I’ve spoken to analysts, psychologists, police officers, federal law enforcement, and most painfully: the victims. As an observer to many of these efforts, friends and family are normally the first to see changes in the victim.
By Asheer Malhotra, Vitor Ventura and Arnaud Zobec. Talos disclosed a MuddyWater campaign in January targeting Turkish entities that leveraged maldocs and executable-based infection chains to deliver multistage, PowerShell-based downloader malware.
Russia has created its own trusted TLS certificate authority (CA) to solve website access problems that have been piling up after sanctions prevent certificate renewals.
Since its reemergence on Nov. 14, 2021, Black Lotus Labs has once again been tracking Emotet, one of the world’s most prolific malware distribution families which previously infected more than 1.
In July 2021, we identified an infection campaign targeting important European entities. During this investigation we were able to identify the threat actor behind these attacks as LazyScripter, an emerging APT group pointed out by MalwareBytes in February 2021.
Hive, which is one of the more notable ransomware families of 2021, made waves in the latter half of the year after breaching over 300 organizations in just four months — allowing the group to earn what could potentially be millions of US dollars in profit.
This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.
Executive summary: A new reflection/amplification distributed denial of service (DDoS) vector with a record-breaking potential amplification ratio of 4,294,967,296:1 has been abused by attackers in the wild to launch multiple high-impact DDoS attacks.
Other versions also attempt to start the process with elevated privileges. These different versions and modifications might indicate that the malware was still undergoing development at the time of writing.
An Nvidia code-signing certificate was among the mountain of files stolen and leaked online by criminals who ransacked the GPU giant’s internal systems.
This is a list of substantial, commercial-or-social-good mainstream websites which provide onion services. You can find technical details and the legend/key for symbols in the footnotes section, below.
Facial recognition: Italian SA fines Clearview AI €20 million; Bans use of biometric data and monitoring of Italian data subjects
The Italian SA (Garante per la protezione dei dati personali) fined the US-based company Clearview AI EUR 20 million after finding it applied what amounted to biometric monitoring techniques also to individuals in the Italian territory.
Twitter is now accessible over the Tor network, allowing users in countries that banned it to continue accessing the social network’s site. The new onion URL was announced today by security engineer Alec Muffett, who said that Twitter can now be accessed worldwide via the Tor browser.
Obviously, this is not just a privacy issue at this point but also about being able to access sites and information that Russia is trying to shut down, but given Moscow police have also allegedly been seizing phones to read text messages, it would not be surprising for Russia to really start monitor