Two suspicious domain names possibly impersonating Anydesk anydeskwin[.]info and anydeskdownload[.]info

Both the websites are serving an #opendir at the moment and pointing at AS13335

#threatintel #anydesk

Fun fact: you can make your PiKVM multiport by just hooking it up to a cheap four ports HDMI kvm and hooking up the control serial port to the rpi hub, and setting up macros in kvmd to make it switch ports from the Web UI.

it's everything I ever wanted and the Redfish BCMs in my SuperMicro stuff are starting to feel primitive and clumsy in comparison.

#PiKVM #kvm #HomeLab #computing #server #rpi #lom #linux

Let's Encrypt will issue new intermediate certs in Q1/2024: https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/L7XoAXt_s1c

Make sure your LE cert deployment logic includes serving the right intermediates that ACME should hand you, not just that same old LE intermediate you got years ago. Otherwise, there'll be breakage...

#x509 #pki #LetsEncrypt

FCC adopts new rules to protect consumers from SIM-swapping attacks - https://www.redpacketsecurity.com/fcc-adopts-new-rules-to-protect-consumers-from-sim-swapping-attacks/

#OSINT #ThreatIntel #CyberSecurity

VirusShare 2022 Decompiled
(aka Vi-Sha-Fy Unwrapped)

Another block of 31,536,000 seconds has come to an end, but the malware never stops. Here at VirusShare we checked the graphs and queried the databases to see how our 2022 went.

We started 2022 with a new set of 12 antivirus scanning engines and added one more this past October. These 13 scanners check and add a new file to the corpus every 0.6 seconds.

The database continued to grow, adding:

12,121,716 new malware samples in 6.5 TB

and

22,650,352 new 'clean' files in 2.6 TB

The entire system uses 86 TB of storage,
hosting 55.8 million malware files,
224.5 million 'clean' files, and
many more in the hopper.

Web crawlers have always been a part of the VirusShare infrastructure, but we dedicated some time to improving them and crawled:

26,361,862 unique URLs (twice)

from all over the internet. The crawlers along with new code to extract URLs from newly added malware samples were a big contributor to the volume added in the latter half of the year.

As the year came to a close, we added the @VXShare account to Mastodon and converted the tweets about new malware package releases over to toots. The plan for 2023 is to use Mastodon for these notifications. This new platform also makes for a nice way to tell you all about how the year went in a single post. Many thanks to @jerry for maintaining the infosec.exchange instance.

It is important to point out some of the costs of keeping VirusShare running. In 2022, we spent:

$4,000 on electricity
$5,750 on Internet connectivity
$1,500 on hard drives
$500 on antivirus licensing

The costs were offset by income of <checks notes>:

$0.00

Which brings me to the PBS telethon portion of this year-end post:

We don't have ads.
We don't sell your info.

If you or your company has benefited from this free project, please consider giving back. If you are looking to get more from the site like increased API calls, daily malware feeds, or supporting a special feature you'd like to see, reach out to @VXShare or to @corvus4n6, the company who officially hosts and maintains the project. Improvements and daily maintenance are (still) handled by one human, a bot, and lots of code running in seemingly endless loops.

Best wishes for 2023!

@forensication & Melissa97 the bot.