Sorry for all the spam everyone. Not sure who's doing this exactly, but I have ideas. They have been flooding Mastodon with daily bursts of messages from throwaway accounts mentioning my handle and trying to associate me with stupid and bad stuff. Thanks, @jerry
Looks like Boeing may be dealing with a rapid disassembly of their company-wide IT network. The company has published a notice on its employee emergency page that says they're canceling shifts at various plants and sending home people whose job depends on IT stuff to work.
I sincerely hope this isn't the beginning of another Jaguar Land Rover type incident where production is halted for extended periods.
Say what you will about LinkedIn and all its phony baloney, but it is occasionally useful for discovering friends of known threat actors. Plenty of cybercriminals have IRL LinkedIn profiles, and when you find them LI helpfully suggests a number of other accounts you might be interested in following that it thinks are somehow related to the profile you're looking at. And that's twice now this month that LI has revealed connections between threat actors that I didn't find on my own.
This presidency invokes so many literary allusions of late. Last week, it was Narcissus at the green slime Reflecting Pool. This week, we're tilting at windmills again. Mind you, this has nothing to do with ugliness or national security concerns. It's just another payoff for the oil companies at the taxpayer's expense.
"The Trump administration on Monday said it would pay Duke Energy $129 million to abandon its plans to build an offshore wind farm off North Carolina."
"Mr. Burgum also repeated his earlier claims that offshore wind farms threaten national security. Last year, the Interior Department cited those concerns when ordering a halt to the construction of five other wind farms off the East Coast, saying their spinning turbines could interfere with military radar. But several federal judges struck down the stop-work orders, saying they were unpersuaded by the administration’s arguments."
"After its losses in court, the administration pivoted to a new strategy: paying developers to walk away from offshore wind projects. It struck the first such deal in March with the French energy company TotalEnergies."
"That deal saw the government pay TotalEnergies nearly $1 billion to abandon plans to build two wind farms, one off New York and the other in the same area off North Carolina. Seven Democratic-controlled states have sued the administration over that agreement, calling it an illegal use of taxpayer dollars."
@EthicalProfessor we looked at that first (we support them). They recommend mostly Samsung, LG and Shark products. But the Shark one we have is already too aggressive on the carpets, and they're all apparently that way. I won't buy Samsung or LG anything anymore.
Was looking at buying a new cordless vacuum, but they all suck.
Seriously though, they're all either too weak (short battery or low suction) or they try to eat the carpet and are completely at war with you on thicker pile stuff. I happen to think canister vacuums work great on everything, but I'm not the one usually doing the vacuuming.
One thing I've noticed after tracking down so many cybercriminals is that it's super common for the person's first sales thread on a forum to include data stolen from an organization in the country where they live. This is more remarkable when the threat actor is outside the United States, because it very often tells you exactly which country they are from.
You might think that this would be a very dumb thing to do from a self-preservation perspective, but a lot of times they are eager to make a splash on the forums and the best data or access they have is their government's data or some company working with their country's govt. And if you consider that many young people get started in hacking by sticking it to the local authorities and trying to make them look like clowns, it makes a lot more sense.
New, from me: 'Popa' Botnet Linked to Publicly Traded Israeli Firm
"For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple security firms concluded that the Popa botnet is linked to NetNut, a “residential proxy” provider operated by the publicly-traded Israeli firm Alarum Technologies Ltd [NASDAQ: ALAR]."
There is an incredible amount of interesting data and findings in the reports on Popa released this week. For example, the proxy detection service Spur told me they recently scraped the LG and Samsung app stores and found that each had approximately 3,000 apps available for download. Spur said it found that more than 42 percent of apps available for download via the webOS operating system on LG smart TVs include SDKs that turn one’s television into an always-on residential proxy node. More than a quarter of the apps made for Samsung’s Tizen operating system had similar residential proxy components, Spur found.
ICYMI, the United States plans to significantly reduce the aircraft and warships that it makes available for NATO operations in Europe, according to two senior European officials, accelerating America’s effort to scale down the protection it has offered to European allies for eight decades. The NYT reports the decision would limit NATO’s ability to launch long-range strikes and conduct surveillance.
The threat I'm thinking of is like black faxing in the old days, except against your wallet instead of your toner cartridge. https://en.wikipedia.org/wiki/Black_fax
There was an important court decision last week in a lawsuit filed by 20 states to halt the Trump administration's arbitrary new requirements for distributing food assistance funds to 39 million families that depend on these benefits. On June 5, a federal judge blocked the administration from enforcing new conditions on billions of dollars in federal nutrition funding, siding with a coalition of Democratic-led states that argued the requirements threatened programs serving low-income families.
"According to court filings, the disputed conditions included provisions related to immigration, "gender ideology" and "fair athletic opportunities" for women and girls. The states argued the requirements were vague, unrelated to nutrition and agriculture programs, and imposed without proper legal procedures."
I've written multiple stories about these Supplemental Nutrition Assistance Program (SNAP) benefits, from the perspective of them being stolen by card skimming devices secretly installed at checkout counters and random places. In the past, the states have struggled to get the federal government to reimburse them for these fraud costs, which are disproportionately caused by organized crime groups, particularly Armenian and Romanian gangs that have a significant presence in the US. Now the states are struggling to get these benefits funded at all. But the skimming threat hasn't gone away, because while some state benefits cards do now have chips on them, many still allow the cards to be swiped.
Malware developers are now adding text about nuclear and biological weapons to their spyware to evade AI-based security scanners.
tl;dr: The inclusion of content that LLMs are trained to refuse -- such as information about nukes and bioweapons -- can effectively prevent the LLM from continuing to analyze the threat.
"This header appears designed for AI-mediated analysis, not for Node, Bun, or Python. It attempts to derail scanners or analyst copilots that feed the beginning of a file to a language model without clearly isolating the content as untrusted data. In weak pipelines, this can cause refusal behavior, prompt confusion, context pollution, or premature classification before the scanner reaches the actual malware."
IDK why, but this reminds me of the Calvin & Hobbes cartoon where Calvin asks his mom for stuff she will never give him in a million years, and then he just asks for a cookie.
Hey Windows (ab)users! Microsoft patched around 200 vulnerabilities in Windows etc today, a record Patch Tuesday batch. All indications are they fixed two of the zero-days dropped last month by the researcher Nightmare Eclipse, including "Green Plasma" and the "YellowKey" exploit that allowed local access to data encrypted by BitLocker. In response to today's Patch Tuesday, Nightmare Eclipse dropped an exploit for what they claimed was a zero-day bug in Windows Defender.
Nearly three dozen of the bugs patched this month earned Microsoft’s most dire “critical” rating, and exploit code for at least three of the weaknesses is now publicly available.
Everyone's heard of link shorteners, but did you know about link extenders? Someone forwarded me a curious long ass link that turned out to be malicious (after several redirects) that was created with this service. I could see this being useful for shady marketing companies as well as malware purveyors.
Sit with this for a second: If the White House had its way, all the immigrants in this country would be dead -- at least on paper. WaPo reports that the Trump administration had plans to classify 2.7 million living people — including some U.S. citizens and lawful permanent residents — as dead as part of its immigration enforcement efforts. The plan reportedly fell apart after pushback from Social Security Administration employees who were tasked with implementing it.
My follower count here seems to have dropped by ~750-1,000 overnight. I'm guessing there was some kind of cleanup done on botted accounts or something? Or maybe I just pissed a lot of people off at once (totally possible).
@dalias They got access to 20 encrypted vaults. They'd still have to work out the master password for those targeted accounts. Theoretically, that could be done offline, as happened w/ the breach at LastPass, but it took many months for a lot of those stolen vaults to be cracked.
Dashlane posted an update saying hackers brute-forced its two-factor authentication system, and gained access to the encrypted password vaults for "fewer than 20 personal plan users." Dashlane said there was no evidence of a hack of its own systems, but it hasn't shared yet why or how that 2FA was compromised. The company said “the goal of the attack was to brute-force two-factor authentication (2FA) protections to allow the attacker to register new devices on existing user accounts,” and that it has already notified affected users.
Independent investigative journalist. Covers cybercrime, security, privacy. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter, '95-'09. Signal: briankrebs.07 krebsonsecurity @ gmail .com LinkedIn: https://www.linkedin.com/in/bkrebs