
#rat


@LinuxAndYarn @GossiTheDog I've to applaud #WSJ for showing how much #Apple is shafting #consumers with overpriced #parts, because even if the #battery had only 10% tariff there's no reason for a #replacement part to cost more than $50.

infosec.space/@kkarhan/1142895

The landmine-sniffing rats are continuing their slow and steady task of demining Cambodia (and other places). Here's an article about a rat named Ronin setting a record for most mines discovered (109). The previous record holder had cleared 71 landmines by the time of his retirement.

#rat #rats #HeroRats

bbc.com/news/articles/c2ewxjjw

The rat, on a lead, sniffing around soil with a red DANGER sign in the background.
www.bbc.com: Ronin the rat sets new landmine-sniffing record. Ronin, a giant African pouched rat, is the first rodent to uncover more than 100 mines in Cambodia.

#ThrowbackThursday to my second flat felt plushie I created 2 years ago when I had just come up with the concept and the name “Pocket Pals” and I was still very new to sewing, having started 2 months earlier.
The stitching is wonky, the thread I used for the embroidery and assembly was way too thick, but I actually still really love this little guy! I think the overall design is pretty well made!

Operation FishMedley targeting governments, NGOs, and think tanks

ESET researchers have uncovered a global espionage operation called Operation FishMedley, conducted by the FishMonger APT group, which is operated by the Chinese contractor I-SOON. The campaign targeted governments, NGOs, and think tanks across Asia, Europe, and the United States during 2022. The attackers used implants like ShadowPad, SodaMaster, and Spyder, which are common or exclusive to China-aligned threat actors. The operation involved sophisticated tactics including lateral movement, credential theft, and custom malware deployment. Seven victims were identified across various countries and sectors. The analysis provides technical details on the malware used, initial access methods, and command and control infrastructure.

Pulse ID: 67dd406f6ba9eecd280aa95e
Pulse Link: otx.alienvault.com/pulse/67dd4
Pulse Author: AlienVault
Created: 2025-03-21 10:33:19

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat Exchange: LevelBlue - Open Threat Exchange. Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#Asia #China #Chinese

Dragon RaaS | Pro-Russian Hacktivist Group Aims to Build on "The Five Families" Cybercrime Reputation

Dragon RaaS is a ransomware group that emerged in July 2024 as an offshoot of Stormous, part of a larger cybercrime syndicate known as 'The Five Families'. The group markets itself as a sophisticated Ransomware-as-a-Service operation but often conducts defacements and opportunistic attacks rather than large-scale ransomware extortion. Dragon RaaS primarily targets organizations in the US, Israel, UK, France, and Germany, exploiting vulnerabilities in web applications, using brute-force attacks, and leveraging stolen credentials. The group operates two ransomware strains: a Windows-focused encryptor based on StormCry and a PHP webshell. Despite claims of creating a unique ransomware variant, analysis reveals that Dragon RaaS's payloads are slightly modified versions of StormCry.

Pulse ID: 67db2bceaeb33fde1496fef2
Pulse Link: otx.alienvault.com/pulse/67db2
Pulse Author: AlienVault
Created: 2025-03-19 20:40:46

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


Credit Card Skimmer and Backdoor on WordPress E-commerce Site

A sophisticated malware attack targeting WordPress WooCommerce sites was discovered, involving multiple components: a credit card skimmer, a hidden backdoor file manager, and a reconnaissance script. The attack focused on financial gain and long-term control. The skimmer, injected into the checkout page, collected payment and billing information, sending it to a malicious server. A PHP backdoor allowed remote system command execution, while a reconnaissance script gathered server information. The attack demonstrates the evolving complexity of e-commerce platform threats, emphasizing the need for strict security measures, regular scans, proper access controls, and timely updates to prevent such exploits.

Pulse ID: 67d52aad906732f7bad24dfa
Pulse Link: otx.alienvault.com/pulse/67d52
Pulse Author: AlienVault
Created: 2025-03-15 07:22:21

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


Hundreds of thousands of rubles for your secrets: cyber spies disguise themselves as recruiters

Cybercriminals impersonating a real company are sending fake job descriptions to employees of targeted organizations. The attackers, known as Squid Werewolf, are offering substantial sums of money, potentially hundreds of thousands of rubles, in exchange for sensitive information. This sophisticated phishing campaign aims to exploit the trust associated with legitimate recruitment processes to gather confidential data from unsuspecting employees. The operation demonstrates the evolving tactics of cyber espionage groups, blending social engineering with financial incentives to compromise organizational security.

Pulse ID: 67d1758164fe4b799677296c
Pulse Link: otx.alienvault.com/pulse/67d17
Pulse Author: AlienVault
Created: 2025-03-12 11:52:32

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


Malicious Packages Identified in the Wild: Insights and Trends from November 2024 Onward

FortiGuard Labs has analyzed malicious software packages detected from November 2024 to March 2025, revealing various attack techniques used to exploit system vulnerabilities. Key findings include 1,082 packages with low file counts, 1,052 packages with suspicious install scripts, and 1,043 packages lacking repository URLs. Attackers employ methods such as obfuscation, command overwrite, and typosquatting to bypass security measures. The analysis highlights the use of suspicious APIs, URLs, and installation scripts to exfiltrate data, establish backdoors, and perform remote control activities. Specific cases involve malicious Python and Node.js packages targeting developers and harvesting sensitive information. The report emphasizes the importance of robust detection strategies and proactive defense measures to mitigate these evolving cybersecurity threats.

Pulse ID: 67cf4b932b27ceeadb710aab
Pulse Link: otx.alienvault.com/pulse/67cf4
Pulse Author: AlienVault
Created: 2025-03-10 20:29:07

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


PrintSteal: Exposing unauthorized CSC-Impersonating Websites Engaging in Large-Scale KYC Document Generation Fraud

This investigation uncovers a massive criminal operation known as 'PrintSteal' that generates and distributes fake Indian KYC documents. The scheme involves over 1,800 fraudulent domains impersonating government websites, with at least 2,727 registered operators on one platform alone. Over 167,000 fake documents have been created, including birth certificates, Aadhaar cards, and PAN cards. The operation uses a network of affiliates, illicit APIs, and encrypted communication channels. Financial analysis shows an estimated 40 Lakhs in revenue from a single platform. The widespread nature of this fraud poses significant risks to India's digital security, financial systems, and public trust in government services.

Pulse ID: 67c995880a7cc01b82ee04bc
Pulse Link: otx.alienvault.com/pulse/67c99
Pulse Author: AlienVault
Created: 2025-03-06 12:31:04

Be advised, this data is unverified and should be considered preliminary. Always do further verification.
