☣️ CISA unveils free Thorium malware analysis platform

｢ On Thursday, the organizations announced the release of Thorium, an automated malware and forensic analysis platform that CISA says can “integrate commercial, custom and open-source analysis tools and enable cyber defenders to quickly assess malware threats and index forensic analysis results into a unified platform.” ｣

https://therecord.media/cisa-unveils-free-malware-analysis-tool

#malware #cisa #cybersecurity

AquaSec deckte jetzt eine üble Malware für Linux auf, wobei verseuchte Bilddateien den Angriffsvektor beinhalten: Koske verbreitet sich - aktuell - über präparierte Pandabärbilder, die ein Script in C mit der unangenehmen Payload mitbringen. Offensichtlich half ein LLM bei der Entwicklung der Malware. Schöne, neue KI-Welt.

https://www.aquasec.com/blog/ai-generated-malware-in-panda-image-hides-persistent-linux-threat/

#Linux #malware #infosec #koske #ki #ai

🚨 Malware Found in Official GravityForms Plugin Indicating Supply Chain Breach - Patchstack

https://patchstack.com/articles/critical-malware-found-in-gravityforms-official-plugin-site/

#gravityforms #supplychainattack #malware #wordpress

Mexiko: Untersuchung wegen mutmaßlicher Schmiergeldzahlung beim Kauf von Pegasus

Beim Kauf der Spionagesoftware Pegasus soll Mexikos Ex-Präsident Enrique Peña Nieto Schmiergeld kassiert haben. Die Staatsanwaltschaft leitet Ermittlungen ein.

https://www.heise.de/news/Mexiko-Untersuchung-wegen-mutmasslicher-Schmiergeldzahlung-beim-Kauf-von-Pegasus-10483500.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Malware#Netzpolitik#Pegasus #news

• It too is a shitshow in terms of #security and not really performant to the point that #NSAbook wrote their own cross-compiler to make it go brrr!...

Both #JavaScript & PHP are nuisances and should've been put down like #ActiveX.
Silverlight, #Shockwave and #FlashPlayer long ago!

• And yes, if you haven't seen PHP being used as #shitcoin #miner and #malware you haven't even tried dealing with it.

But you can spare yourself the trauma and stockholming...

• I've made peace with it, just as I've made peace never touching #Windows ever again.

You may call me an "opinionated asshole" from your point of view, but I sincerely wish I was wrong.

• Look where all the absurd complexity got us: #NSAbook, #JavaScript-based #malware that mines #shitcoins and #tracking #cookies.

The real cost doesn't come through to #consoomers except as #ReducedLifecycle due to #bloat.

But then again what do I expect from a coward doing the reply & block - combo, because confronting the fact that people got burned out by shit like PHP would mean admitting mistakes, and we can't have that as a fanboy.

#EOD #thxbye #next

Espionage 🤝 Cybercrime :: TA829 🤝 UNK_GreenSec

Our extensive visibility into the threat landscape has led us to conclude that there is very likely a link between TA829 (a cybercriminal actor also conducting #espionage in line with Russian state interests) & UNK_GreenSec (a #cybercriminal cluster observed deploying #malware and #ransomware).

See our research blog for a technical analysis of the intriguing overlap between the threat actor clusters. https://brnw.ch/21wTN3n