Proprietary Leftovers

  • Relentless ransomware disguised as Windows Updates takes aim at students [iophk: Windows TCO]

    The security specialists at BleepingComputer spotted the problem, with forum users reporting the infection after installing self-declared W10 updates from illegal “warez” repositories. These sites offer pirated and cracked versions of paid software, and they’re infamous for being filled with easy targets for those who want to spread malware. The Magniber program hidden in these bogus updates encrypts targeted portions of the user’s storage drive, then demands an anonymous transfer of Bitcoin equal to about $2,600 USD in order to get your files back. The price goes up if you wait more than a few days, and there’s no known workaround to free your files without opening your wallet.

  • Elon Musk taking over Twitter, but most marketers not worried

    Why 58% of marketers aren’t concerned. Verification of accounts. Removing bots. Free speech. These were among the reasons marketers are feeling optimistic about Musk owning Twitter. Here’s a sampling of comments: [...]

  • Mandiant finds threat actor targeting email collection over long periods [iophk: Windows TCO]

    Security firm Mandiant has released details about a threat actor it has named UNC3524, which infiltrates and resides for long periods in Windows environments where it can collect emails in bulk. The active backdoor is named QUIETEXIT and it is based on the Dropbear SSH client-server software which is generally used in environments with low memory and processor resources.

  • UNC3524: Eye Spy on Your Email [iophk: Windows TCO]

    In this blog post, we introduce UNC3524, a newly discovered suspected espionage threat actor that, to date, heavily targets the emails of employees that focus on corporate development, mergers and acquisitions, and large corporate transactions. On the surface, their targeting of individuals involved in corporate transactions suggests a financial motivation; however, their ability to remain undetected for an order of magnitude longer than the average dwell time of 21 days in 2021, as reported in M-Trends 2022, suggests an espionage mandate. Part of the group’s success at achieving such a long dwell time can be credited to their choice to install backdoors on appliances within victim environments that do not support security tools, such as anti-virus or endpoint protection. The high level of operational security, low malware footprint, adept evasive skills, and a large Internet of Things (IoT) device botnet set this group apart and emphasize the “advanced” in Advanced Persistent Threat. UNC3524 also takes persistence seriously. Each time a victim environment removed their access, the group wasted no time re-compromising the environment with a variety of mechanisms, immediately restarting their data theft campaign. We are sharing the tools, tactics, and procedures used by UNC3524 to help organizations hunt for and protect against their operations.

  • Class cancelled at Kellogg Community College following ransomware attack [iophk: Windows TCO]

    Kellogg Community College announced on May 1 that the technology issues that started days before were caused by a ransomware attack. Due to the ongoing attack, all KCC campuses are closed until further notice.

  • Estonia hosts NATO-led cyber war games, with one eye on Russia [iophk: Windows TCO]

    Over the last week, the NATO Cooperative Cyber Defense Center of Excellence hosted the 10th edition of one of the world's largest annual interactive cybersecurity drills.

    Over 2,000 participants from 32 countries formed teams and logged in remotely to help defend regions of Berylia — an imaginary island nation in conflict with its Southern neighbor, Crimsonia — represented by organizers in Tallinn, Estonia's capital city. Participants included cybersecurity experts from governments and private companies, as well as academics.

  • Health Care Organizations Warned of Aggressive Ransomware Threat [iophk: Windows TCO]

    Ransomware is the “business pandemic.” Warnings have been issued by multiple agencies around the world to alert businesses to increase their protection and awareness. Most recently, the Department of Health and Human Services (HHS) has issued a warning to health care organizations related to what it calls “an exceptionally aggressive” ransomware group known as Hive.

    Hive has been active since June of last year, but according to the HHS, has been more active of late targeting health care organizations with “double extortion” threats. The group is described as “financially motivated,” demanding payment to unlock data it has encrypted and also threatening to publicly release unencrypted data, selling it on “name and shame” dark web sites according to the HHS alert.

  • Tenet says 'cybersecurity incident' disrupted hospital operations [iophk: Windows TCO]

    Tenet, one of the largest for-profit health systems in the U.S., said it experienced a "cybersecurity incident" last week that disrupted some acute care operations.

    Most critical functions have been restored, while affected facilities are beginning to resume normal operations, according to a statement on Tuesday from the Texas-based operator.

  • [Attackers] sneak code onto Oulu city website to mine cryptocurrency

    The malware, which caused the computers of visitors to the city's official webpage to generate cryptocurrency without their knowledge, was detected and removed over the weekend.
