sfba.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Mastodon instance for the San Francisco Bay Area. Come on in and join us!


#malware

83 posts · 74 participants · 16 posts today

APT29 Deploys GRAPELOADER Malware

APT29 is a Russian state-sponsored threat actor that launched an advanced
phishing campaign targeting European diplomatic entities, particularly Ministries
of Foreign Affairs and embassies.

Pulse ID: 6806b689e6608961a0da7d3f
Pulse Link: otx.alienvault.com/pulse/6806b
Pulse Author: cryptocti
Created: 2025-04-21 21:20:09

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue - Open Threat Exchange: Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Hold your phone near your card... and they drain your bank account.

A new Android malware-as-a-service, SuperCard X, is targeting Italians with NFC relay attacks—letting cybercriminals remotely steal card data and pull off ATM & PoS fraud.
#CyberSecurity #Malware
thehackernews.com/2025/04/supe

The Hacker News · SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks: SuperCard X malware exploits NFC relay and social engineering to steal card data in Italy, enabling ATM fraud.

The "free money" trap: How scammers exploit financial anxiety

This analysis explores how scammers capitalize on financial stress by promising 'free money' through fake subsidy programs, government grants, or relief cards. Common tactics include using urgency, exclusivity, and fabricated social proof to manipulate victims. Scammers employ various techniques such as phishing, impersonation, fake customer support, QR code scams, and malware-laden attachments to collect personal data for identity theft or future scams. The article provides red flags to watch for, including vague claims, lack of contact information, and unrealistic promises. To protect against these scams, individuals should verify sources, avoid sharing personal information on unverified websites, report suspicious sites, and educate others about these fraudulent schemes.

Pulse ID: 6802cb9dcd152b0f855adc5b
Pulse Link: otx.alienvault.com/pulse/6802c
Pulse Author: AlienVault
Created: 2025-04-18 22:01:01

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


Been reading about this malware China is using written for Linux:

sysdig.com/blog/unc5174-chines

and it struck me: Why mount /tmp and /var/tmp without noexec, nodev, nosuid? Seems crazy to allow a directory anyone can write to, to run executables.

While we're at it, get rid of wget and curl and anything else that would allow them to even get a "dropper" on the system?

Isn't this common sense stuff?!

Sysdig · UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell. After a year under the radar, the Sysdig Threat Research Team identified a new campaign from Chinese state-sponsored threat actor UNC5174.
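As an added example, not part of the post above or of Sysdig's write-up: a POSIX sh audit that reads /proc/mounts-format lines and reports which of noexec, nodev and nosuid each world-writable temp directory lacks. It covers /tmp and /var/tmp from the post and, as my own extension, /dev/shm; it runs against a constructed sample so it works offline, and the function names are my own.

```shell
#!/bin/sh
# Added example: audit temp mounts for the noexec,nodev,nosuid options.
# Input is /proc/mounts format: device mountpoint fstype options dump pass
# Constructed sample (not captured from a real host):
SAMPLE_MOUNTS='/dev/sda2 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,relatime 0 0
/dev/sda3 /var/tmp ext4 rw,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec,relatime 0 0'

# mount_options MOUNTS MOUNTPOINT -> option string of that mountpoint, empty if absent
mount_options() {
    printf '%s\n' "$1" | awk -v mp="$2" '$2 == mp { print $4 }'
}

# missing_opts MOUNTS MOUNTPOINT -> space-separated hardening options the mount lacks;
# "not-separate" when the directory is not its own mount (it then inherits / options)
missing_opts() {
    opts=$(mount_options "$1" "$2")
    if [ -z "$opts" ]; then
        echo "not-separate"
        return
    fi
    missing=""
    for want in noexec nodev nosuid; do
        case ",$opts," in
            *",$want,"*) ;;                    # option present
            *) missing="$missing $want" ;;     # option absent
        esac
    done
    echo "${missing# }"
}

# audit_tmp_mounts MOUNTS -> one report line per directory; returns 1 if any gap found.
# A hardened fstab entry for /tmp would be, for example:
#   tmpfs /tmp tmpfs defaults,nosuid,nodev,noexec 0 0
audit_tmp_mounts() {
    rc=0
    for mp in /tmp /var/tmp /dev/shm; do
        m=$(missing_opts "$1" "$mp")
        if [ -n "$m" ]; then
            echo "$mp: missing $m"
            rc=1
        else
            echo "$mp: ok"
        fi
    done
    return $rc
}

# Run on the constructed sample; on a live host use: audit_tmp_mounts "$(cat /proc/mounts)"
audit_tmp_mounts "$SAMPLE_MOUNTS" || echo "hardening gaps found"
```

Before enforcing noexec on /tmp, check that nothing legitimate on the host (some package installers and build tools) executes from it, or point those at a separate directory.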

I forgot to update this, but I had been running it as an LXC listening on two internal OVS bridge ports for a while until I was playing around with OPNsense and realized they had a maltrail plugin. Now I'm monitoring traffic on the OPNsense WAN (not my public ISP WAN but a separate internal network) and the OPNsense LAN.
#malware #opnsense #homelab