Mastodawn

Fake Zoom, Teams Meeting Invites use Compromised Certificates to Drop Malware.

A new wave of phishing attacks is hitting office workers where they feel safest- their daily meeting invites. Instead of using obvious malware, threat actors are now using stolen digital certificates to trick computers into trusting malicious files.

⁉️According to researchers from the Microsoft Defender Security Research Team, these attacks involve highly convincing fake updates for apps like Zoom, Microsoft Teams, and Adobe Reader.⁉️

https://www.microsoft.com/en-us/security/blog/2026/03/03/signed-malware-impersonating-workplace-apps-deploys-rmm-backdoors/

#zoom #microsoft #teams #adobe #reader #phishing #attacks #rmm #backdoors #it #security #privacy #engineer #media #infosec #tech #news

RedPacket Security 6d ago

Contagious Interview: Malware delivered through fake developer job interviews - https://www.redpacketsecurity.com/contagious-interview-malware-delivered-through-fake-developer-job-interviews/

#threatintel
#Contagious-Interview
#Malware
#Recruitment-Scams
#Backdoors
#Visual-Studio-Code

Contagious Interview: Malware delivered through fake developer job interviews - RedPacket Security

Microsoft Defender Experts has observed the Contagious Interview campaign, a sophisticated social engineering operation active since at least December 2022.

RedPacket Security

eqtv Mar 10

The Quietest Cyber Catastrophe of 2025

https://peertube.eqver.se/w/kcgoMRv5VMABLWxfSphKjF

poshort_128_en

PeerTube

Show thread

Kevin Karhan

Mar 6

@nixCraft I'd just refuse.to comply as a matter if.principle because #Cyberfascism is always bad.

Same reason why @delta don't integrate #Govware #Backdoors and snitch on users despite #Russia's #Cyberfascists (#Roskomnadzor) sueing them…

Erik van Straten Mar 6

Als "the good guys" worden gehacked en informatie van nietsvermoedende niet-Amerikanen NIET ALLEEN in handen van de FBI valt: https://edition.cnn.com/2026/03/05/politics/fbi-investigating-cyber-breach-critical-surveillance-network (mijn eerste bron: https://www.bleepingcomputer.com/news/security/fbi-investigates-breach-of-surveillance-and-wiretap-systems/).

Nb. dit soort taps vinden plaats in het kader van de FISA (The Foreign Intelligence Surveillance Act) wetgeving waarin niet-Amerikanen nauwelijks rechten hebben. De FBI tapt zoveel mogelijk telecommunicatie van of naar de VS, maar hoogst waarschijnlijk ook verbindingen die geheel buiten de VS blijven.

Dat is dezelfde wetgeving die straks (of nu al) voor DigiD en informatiesystemen van de Belastingdienst en Defensie geldt.

Een surveillance maatschappij helpt ook the bad guys (dankzij gehackte camera's op straat wist de Mossad waar Khamenei zich bevond.

Dit is precies waarom we geen ChatControl of achterdeurtjes in encryptie moeten willen!

#FISA #Datalek #Surveillance #ChatControl #AchterDeurtjes #BackDoors #Encryptie #Encryption #EncryptionBackdoors #FBI #CIA #NSA #FisaSection702

Eugene Alvin Villar 🇵🇭Feb 28

RE: https://en.osm.town/@seav/112217310004579603

#Veritasium recently published a very comprehensive and educational video about the XZ Utils backdoor incident two years ago: https://youtu.be/aoag03mSuXQ

More info about the backdoor: https://en.wikipedia.org/wiki/XZ_Utils_backdoor

The toot that exposed the backdoor to the world: https://mastodon.social/@AndresFreundTec/112180083704606941

#XZUtils #Linux #OpenSource #backdoors #exploits #infosec

Show thread

Kevin Karhan

Feb 25

@earthshine precisely that is the poibt of it and also the correct answer to #FUD by #CCSS vendors (i.e. #Microsoft) against #FLOSS (i.e. #Linux)…

Also #transparency is key, cuz then #Backdoors (i.e. #Govware) like #GoldenKeyBoot are nearly impossible to hide.
- The middle-ground is #SourceAvailable like #Tarsnap, where providing the client sourcecode is done as means to build #trust with #evidence to claims (in this case 'here's the code, you have custody of all the keys, we never have them!'…

Schneier on Security RSS Feb 23

On the Security of Password Managers

Good article on password managers that secretly have a backdoor.
New research shows that these cla... https://www.schneier.com/blog/archives/2026/02/on-the-security-of-password-managers.html

#Uncategorized #PasswordSafe #backdoors #passwords

On the Security of Password Managers - Schneier on Security

Good article on password managers that secretly have a backdoor. New research shows that these claims aren’t true in all cases, particularly when account recovery is in place or password managers are set to share vaults or organize users into groups. The researchers reverse-engineered or closely analyzed Bitwarden, Dashlane, and LastPass and identified ways that someone with control over the server—either administrative or the result of a compromise—can, in fact, steal data and, in some cases, entire vaults. The researchers also devised other attacks that can weaken the encryption to the point that ciphertext can be converted to plaintext...

Schneier on Security

Hacker News Feb 22

We hid backdoors in ~40MB binaries and asked AI + Ghidra to find them

https://quesma.com/blog/introducing-binaryaudit/

#HackerNews #AI #Binary #Audit #Ghidra #Backdoors #Security

We hid backdoors in ~40MB binaries and asked AI + Ghidra to find them - Quesma Blog

BinaryAudit benchmarks AI agents using Ghidra to find backdoors in compiled binaries of real open-source servers, proxies, and network infrastructure.

Quesma

Martin Reitsma Feb 20

Firmware Backdoors Be Spying On You – PSW #914
Firmware Backdoors Be Spying On You – PSW #914
#Firmware #Backdoors

https://opr.news/3415179d260219en_us?link=1&client=ex_global

Download Now
https://opr.as/share

Firmware Backdoors Be Spying On You – PSW #914

This is an interesting RCE, I remember remote access software vendor Bombgar was acquired by BeyondTrust. Attackers are now scanning for a new RCE, details: The bug is a variant of an earlier BeyondTrust WebSocket RCE (CVE-2024-12356) that Silk Typhoon used in the 2024 U.S. Treasury breach, hitting the same WebSocket endpoint via a different code path.

opera news app