#China-linked APT IronHusky revives and deploys updated version of MysterySnail RAT in attacks on Mongolian and Russian systems.
Read: https://hackread.com/chinese-apt-ironhusky-mysterysnail-rat-russia/

3/3 Yes, this is #enshittification. It's deliberate obsolescence.
The Microsoft business case is that users should buy their hardware (prominently advertised at their notice of support ending), and buy into W11/services.
The counterargument is that newer hardware is required to mitigate against some types of #malware attacks.
The background is that our computing environments are spoiled because some people are 'bad actors', which creates the need for ('cyber') #security.
So, a business associate's email got spoofed and I was sent an email with a link. It was something that was normal for him to send, so I clicked it. It was, of course, as you surmised, malicious.
I did this on my iPhone. Nothing opened and I haven't seen any worrying signs. Cleared all my history and such.
Anything I need to worry about? Asking all the big brains out there.
"Xanthorox AI" – sounds like something from sci-fi, but it points to the next evolution in cyber threats where AI might be crafting the attacks. Kind of wild, right? #Malware #TechNews
https://slashnext.com/blog/xanthorox-ai-the-next-generation-of-malicious-ai-threats-emerges/
Russians lure European diplomats into #malware trap with wine-tasting invite - https://www.theregister.com/2025/04/16/cozy_bear_grapeloader/ "Vintage #phishing varietal has improved with age"
Entertainment venue management firm #Legends #International disclosed a data breach
https://securityaffairs.com/176674/uncategorized/legends-international-disclosed-a-data-breach.html
#securityaffairs #malware
#China-linked #APT #Mustang #Panda upgrades tools in its arsenal
https://securityaffairs.com/176662/apt/china-linked-apt-mustang-panda-upgrades-tools-in-its-arsenal.html
#securityaffairs #malware
“Processing an audio stream in a maliciously crafted media file may result in code execution”
https://alecmuffett.com/article/113248
#apple #malware
New version of MysterySnail RAT and lightweight MysteryMonoSnail backdoor
A new version of the MysterySnail RAT, attributed to the Chinese-speaking IronHusky APT group, has been detected targeting government organizations in Mongolia and Russia. The malware, which hadn't been publicly reported since 2021, now features a modular architecture with five additional DLL modules for command execution. A lightweight version dubbed MysteryMonoSnail was also observed. The infection chain involves a malicious MMC script, an intermediary backdoor, and the main MysterySnail RAT payload. The attackers use public file storage and the piping-server project for command and control. This case highlights the importance of maintaining vigilance against seemingly obsolete malware families, as they may continue operating undetected for extended periods.
Pulse ID: 6800fcd0995e011520970651
Pulse Link: https://otx.alienvault.com/pulse/6800fcd0995e011520970651
Pulse Author: AlienVault
Created: 2025-04-17 13:06:24
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
Outlook users really have to be veeery patient.
In my opinion one of the worst #EMail clients (but unfortunately the best #Groupware client), and then the constant #Cloud coercion, the siphoning off of passwords by #Microsoft (iOS/Android/new #Outlook), practically optimized as a gateway for #Phishing and #Malware, and then on top of that little things like this:
Bug in Microsoft Outlook can massively slow down the system
https://www.derstandard.at/story/3000000266163/fehler-in-microsoft-outlook-kann-das-system-massiv-verlangsamen
Folks, I seriously wonder why people aren't switching in droves to at least #Thunderbird, where you get rid of almost all of Outlook's drawbacks in one go. Even when using it via #Exchange.
Although the use of malware-infected apps to steal financial information is nothing new, the latest findings from the Russian antivirus company Doctor Web point to a significant escalation, as the attackers are directly targeting the supply chain of several Chinese manufacturers to load malicious apps onto brand-new devices.
https://thehackernews.com/2025/04/chinese-android-phones-shipped-with.html
#Cybersecurity #Security #Privacy #Apps #Malware
A Warning about Malicious PoCs:
cannot believe it is occurring to people that #DOGE IS NOT ABOUT EFFICIENCY BUT #SURVEILLANCE. just like #creditCards #Paypal #Uber #Tesla #Doordash #Amazon #Netflix #GMail #Instagram and every fin/techbro business.
the apartheid clown’s #malware is a ruse to give techbros the power to spy on all Americans.
these are the consequences of your silence while many of your friends & relations vilified us for saying, DEFUND THE POLICE. we didn’t just mean PDs. we meant the whole police state.
Amiocugino, made in Italy! The "on-stage" cyber expert for every season.
When in doubt, he says "Zero Trust" and "blockchain" and the audience applauds.
Article: What is Incident Response? Process, Plan, and Complete Guide (2025) - Sygnia
Learn what Incident Response is, its process, and planning strategies. Explore this complete guide (2025) to effectively manage security incidents.
https://www.sygnia.co/blog/what-is-incident-response-process-plan-and-complete-guide/
Newly Registered Domains Distributing SpyNote Malware
Cybercriminals are employing deceptive websites on newly registered domains to distribute AndroidOS SpyNote malware. These sites imitate the Google Chrome install page on the Google Play Store, tricking users into downloading SpyNote, a powerful Android remote access trojan. SpyNote is used for surveillance, data exfiltration, and remote control of infected devices. The investigation uncovered multiple domains, IP addresses, and APK files associated with this campaign. The malware utilizes various C2 endpoints for communication and data exfiltration, with functions designed to retrieve and manipulate device information, contacts, SMS, and applications.
Pulse ID: 67feb504b76dd387be73309b
Pulse Link: https://otx.alienvault.com/pulse/67feb504b76dd387be73309b
Pulse Author: AlienVault
Created: 2025-04-15 19:35:32
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
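The pulse above describes the lure (newly registered domains imitating the Chrome install page on Google Play, serving an APK) but not how to hunt for it. The following is an added example, not part of the AlienVault pulse or of any vendor tooling: a small Python triage script that scans proxy log lines and flags APK downloads and Play Store lookalike hostnames on domains registered only days ago. The domain names, registration dates and log lines are all constructed for the example and are not indicators from the campaign; in practice the `DOMAIN_CREATED` table would be filled from WHOIS/RDAP lookups or a domain-age feed.

```python
import re
from datetime import date
from urllib.parse import urlsplit

# Constructed WHOIS-style table of domain creation dates (hypothetical domains,
# not indicators from the pulse). Real tooling would query RDAP/WHOIS here.
DOMAIN_CREATED = {
    "chrome-install-play.example": date(2025, 4, 10),
    "update.example-corp.com": date(2019, 6, 1),
    "playstore-chrome-apk.example": date(2025, 4, 12),
    "cdn.example.net": date(2012, 3, 3),
}

# Constructed proxy log sample: timestamp, client, method, URL, status, content type.
PROXY_LOG = """\
2025-04-15T10:01:12Z 10.0.0.5 GET http://chrome-install-play.example/chrome.apk 200 application/vnd.android.package-archive
2025-04-15T10:02:40Z 10.0.0.6 GET https://update.example-corp.com/app-v2.apk 200 application/vnd.android.package-archive
2025-04-15T10:03:05Z 10.0.0.7 GET https://playstore-chrome-apk.example/install 200 text/html
2025-04-15T10:04:55Z 10.0.0.5 GET https://cdn.example.net/logo.png 200 image/png
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>\S+) (?P<url>\S+) "
    r"(?P<status>\d{3}) (?P<ctype>\S+)$"
)
APK_CTYPE = "application/vnd.android.package-archive"
# Hostname tokens that suggest a Google Play / Chrome impersonation page.
LURE_WORDS = {"chrome", "play", "playstore", "google", "googleplay"}


def domain_of(url):
    """Lowercase hostname without port, or None if the URL has no host."""
    return urlsplit(url).hostname


def parse_line(line):
    """Parse one proxy log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def domain_age_days(domain, today):
    """Days since registration, or None when the domain age is unknown."""
    created = DOMAIN_CREATED.get(domain)
    return (today - created).days if created else None


def reasons_for(entry, today, max_age_days=30):
    """Return the list of heuristic hits for a parsed log entry."""
    reasons = []
    domain = domain_of(entry["url"]) or ""
    age = domain_age_days(domain, today)
    if age is not None and age <= max_age_days:
        reasons.append(f"new_domain:{age}d")
    if entry["ctype"] == APK_CTYPE or entry["url"].lower().endswith(".apk"):
        reasons.append("apk_download")
    # Split on dots and hyphens so "display.example" is not matched by "play".
    tokens = set(re.split(r"[.-]", domain))
    if tokens & LURE_WORDS:
        reasons.append("play_store_lure")
    return reasons


def find_suspicious(log_text, today, max_age_days=30):
    """Flag entries on a recently registered domain that also look like a lure
    (APK download or Play Store wording). A fresh domain alone is not enough;
    an APK from a long-established domain is not enough either."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if not entry:
            continue
        reasons = reasons_for(entry, today, max_age_days)
        is_new = any(r.startswith("new_domain") for r in reasons)
        is_lure = "apk_download" in reasons or "play_store_lure" in reasons
        if is_new and is_lure:
            hits.append((entry["url"], reasons))
    return hits


if __name__ == "__main__":
    for url, why in find_suspicious(PROXY_LOG, date(2025, 4, 15)):
        print(url, ",".join(why))
```

Run against the constructed sample with today's date set to 2025-04-15, the script flags the two lookalike domains registered within the last week and ignores both the APK served from a years-old corporate domain and the ordinary image fetch. The domain-age threshold and the lure word list are the two knobs to tune: a 30-day window catches campaign infrastructure stood up just before delivery, while the token match on the hostname keeps false positives down compared with a plain substring search.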