Hundreds of subreddits are considering banning all links to X.com in response to Elon Musk’s salute at a Donald Trump inauguration rally that was celebrated by Nazis as being a Nazi salute. The moderators of dozens of those subreddits have said that they have decided they will ban all links to X. Here is a…
We start this week with the TikTok ban: how we got here, what happened, and, most importantly, why it means we need more decentralized services. Jason runs us through it. After the break, Joseph breaks down a site called GeoSpy which is marketing geolocation technology to the cops. In the subscribers-only section, we all scroll…
If it wasn’t already obvious, the last 72 hours have made it crystal clear that it is urgent to build and mainstream alternative, decentralized social media platforms that are resistant to government censorship and control, are not owned by oligarchs and dominated by their algorithms, and in which users own their follower list and can…
An issue with Cloudflare allows an attacker to find which Cloudflare data center a messaging app used to cache an image, meaning an attacker can obtain the approximate location of Signal, Discord, Twitter/X, and likely other chat app users. In some cases an attacker only needs to send an image across the app, with the…
Shortly after Donald Trump was sworn in as the 47th president of the United States on Monday, many Facebook users started to report that the social network automatically made them follow Trump’s Facebook page. I’ve seen several threads on this issue on Reddit, social media, and people I know personally have also asked me why…
Sophos MDR identifies a new threat cluster riffing on the playbook of Storm-1811, and amped-up activity from the original connected to Black Basta ransomware.
HomuWitch is a ransomware strain that initially emerged in July 2023. Unlike the majority of current ransomware strains, HomuWitch targets end-users – individuals – rather than institutions and companies. Its prevalence isn’t remarkably large, nor is the requested ransom payment amount, which has allowed the strain to stay relatively under the radar thus far. During…
Key Points Avast discovered an in-the-wild admin-to-kernel exploit for a previously unknown zero-day vulnerability in the appid.sys AppLocker driver. Thanks to Avast’s prompt report, Microsoft addressed this vulnerability as CVE-2024-21338 in the February Patch Tuesday update. The exploitation activity was orchestrated by the notorious Lazarus Group, with the end goal of establishing a kernel read/write…
Key Points Avast discovered a new campaign targeting specific individuals through fabricated job offers. Avast uncovered a full attack chain from infection vector to deploying “FudModule 2.0” rootkit with 0-day Admin -> Kernel exploit. Avast found a previously undocumented Kaolin RAT, where it could aside from standard RAT functionality, change the last write timestamp of…
Key Points Avast discovered and analyzed a malware campaign hijacking an eScan antivirus update mechanism to distribute backdoors and coinminers Avast disclosed the vulnerability to both eScan antivirus and India CERT. On 2023-07-31, eScan confirmed that the issue was fixed and successfully resolved The campaign was orchestrated by a threat actor with possible ties to…