Replied in thread
@tagesschau ja wenn überall dieselbrige #backdoor|te #Govware (#Windows) benutzt wird ist das nunmal systemisches Versagen und politisch so gewollt!
Recent searches
Search options
Administered by:
#backdoor
3 posts3 participants0 posts today
Victims risk AsyncRAT infection after being redirected to fake Booking.com sites
Cybercriminals have launched a campaign redirecting users from gaming sites and social media to fake Booking.com websites. The scam uses fake CAPTCHA prompts to trick visitors into executing malicious commands on their devices. If successful, the attack downloads and installs AsyncRAT, a backdoor Trojan that allows remote monitoring and control of infected computers. The campaign, which began in mid-May, frequently changes its final redirect destination. The malicious actors exploit the fact that 40% of people book travel through online searches, creating ample opportunities for deception. To stay safe, users are advised to be cautious of website instructions, use anti-malware solutions, employ browser extensions that block malicious domains, and consider disabling JavaScript on unknown websites.
Pulse ID: 683f4a28139ebdbc4b63fd2d
Pulse Link: https://otx.alienvault.com/pulse/683f4a28139ebdbc4b63fd2d
Pulse Author: AlienVault
Created: 2025-06-03 19:16:56
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
New: Backdoors found in Python & NPM packages targeting Windows & Linux! Attackers use fake ‘colorama’ & ‘colorizr’ to steal data + gain remote access.
Read more: https://hackread.com/backdoors-python-npm-packages-windows-linux/
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto · Backdoors in Python and NPM Packages Target Windows and LinuxFollow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread
ViciousTrap: Persistent SSH Backdoors Found in 9,000+ ASUS Routers
A sophisticated cyberattack campaign, dubbed ViciousTrap, has compromised over 9,000 ASUS routers, establishing persistent SSH backdoors that survive reboots and firmware updates.
Reboot and firmware update useless: Thousands of Asus routers compromised
An IT security firm has discovered a sophisticated campaign to compromise Asus routers. The built-in backdoor is extremely persistent.
heise online · Reboot and firmware update useless: Thousands of Asus routers compromised
Neustart und Firmware-Update zwecklos: Tausende Asus-Router kompromittiert
Eine IT-Sicherheitsfirma hat eine ausgefeilte Kampagne zur Kompromittierung von Asus-Routern entdeckt. Die dabei eingebaute Hintertür ist äußerst hartnäckig.
heise online · Neustart und Firmware-Update zwecklos: Tausende Asus-Router kompromittiert
Poświęć 2 minuty i wyraź swoją opinię na temat retencji danych w UE i backdoorów w komunikacji e2e.
https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/14680-Impact-assessment-on-retention-of-data-by-service-providers-for-criminal-proceedings-_en
#privacy #eu #dataretention #backdoor #e2ee
European Commission - Have your sayEuropean Commission - Have your sayEuropean Commission - Have your say
G◍M◍◍T 
Migliaia di router ASUS infettati da backdoor persistente
https://gomoot.com/migliaia-di-router-asus-infettati-da-backdoor-persistente/
Gomoot : tecnologia e lifestyle Scopri le ultime novità in fatto di hardware, tecnologia IA e altro · Migliaia di router ASUS infettati da backdoor persistenteRouter ASUS compromessi senza l'uso di malware, sfruttando funzionalità legittime per garantire accesso remoto persistente anche dopo aggiornamenti.
Thousands of #Asus #routers are being hit with stealthy, persistent #backdoors
Thousands of home and small office routers manufactured by Asus are being infected with a stealthy #backdoor that can survive reboots and firmware updates in an attack by a nation-state or another well-resourced threat actor, researchers said.
#security
Ars Technica · Thousands of Asus routers are being hit with stealthy, persistent backdoors
Replied in thread
@marjolica @utf_7 @dashjackson @froge @arstechnica It'll impact any application that uses #Windows' #CryptoAPI and doesn't come with it's own #Encryption Library and #CertificateManagment.
- IDK if the "#Linux Subsystem for #Windows" (The real "#WindowsSubsystemForLinux" is #Wine!) may or may not be as #cursed as to just wrap said functions into the #CryptoAPI instead of doing it with the applications' dependencies.
Needless to say all #Chromium variants and #IE / #Edge are vulnerable to this #Backdoor which exists since at least #WindowsXP to this day!
- Thus consider said #OS inherently unsafe!
New #AyySSHush #botnet compromised over 9,000 #ASUS routers, adding a persistent SSH #backdoor.
https://securityaffairs.com/178413/malware/new-ayysshush-botnet-compromised-over-9000-asus-routers-adding-a-persistent-ssh-backdoor.html
#securityaffairs #hacking #malware
@dashjackson @froge @arstechnica this isn't new either.
- #Microsoft refuses to fix their #CrpytoAPI #Backdoor so anything that uses it (all browsers excpet #Firefox & #TorBrowser as well as all eMail clients except #Thunderbird) are vulnerable, and that vulnerable is trigger-able with a single HTTPS request.
GitHubGitHub - kkarhan/windows-ca-backdoor-fix: Fixes a critical backdoor in Windows' CryptoAPI, which allows to unconsenting Update of CA Certificates in the background. See https://www.heise.de/ct/ausgabe/2013-17-Zweifelhafte-Updates-gefaehrden-SSL-Verschluesselung-2317589.htmlFixes a critical backdoor in Windows' CryptoAPI, which allows to unconsenting Update of CA Certificates in the background. See https://www.heise.de/ct/ausgabe/2013-17-Zweifelhafte-Updates-gefae...
AyySSHush Botnet Exploits ASUS Routers to Establish Persistent SSH Backdoor
Pulse ID: 6837b3268dd103bcc69d7488
Pulse Link: https://otx.alienvault.com/pulse/6837b3268dd103bcc69d7488
Pulse Author: cryptocti
Created: 2025-05-29 01:06:46
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
Replied in thread
Just talking about passive voice-ish construction of the sentence that de-emphasizes the manufacturer putting in a backdoor for themselves or their government.
With "intended to be crazy" examples of similarly removing the actor cause.
European Union is once again proposing a new mass digital surveillance law. It is North Korea-level of extreme.
https://lemm.ee/post/65027886
lemm.eeEU is proposing a new mass surveillance law and is asking the public for feedback news - lemm.ee
Apple: Sonhos de internet via satélite esbarraram em Elon Musk e receios internos https://tugatech.com.pt/t67278-apple-sonhos-de-internet-via-satelite-esbarraram-em-elon-musk-e-receios-internos
TugaTechApple: Sonhos de internet via satélite esbarraram em Elon Musk e receios internos A Apple já nos habituou à sua funcionalidade de comunicação por satélite em iPhones desde 2022, um serviço que tem vindo a expandir. Contudo, novas revelações
Replied in thread
@GossiTheDog @signalapp it merely prevents #Screenshots by claiming it's #DRM'd content.
It's a mere ask and #Microsoft could specifically close that #API and make it subject to contractual agreements (as they did with their #Antivirus API calls to disable #WindowsDefender!) if they decide this is against their wishes.
It also doesn't prevent the #Keylogger nor works against the known #CryptoAPI #backdoor affecting all #Browsers (except #Firefox and @torproject / #TorBrowser) which can be triggered by a single #HTTPS request.
The correct solution for #Signal would be to alert all their users and specifically block #Windows in general or at least #Windows11 simply because it is a #Govware and empirically cannot be made private or secure.
But that would require them to actually give a shit, which thed don't, cuz otherwise they would've stopped demanding #PII like a #PhoneNumber and moved out of juristiction of #CloudAct.
- I mean, what's gonna prevent the #Trump-Regime from threatening @Mer__edith et. al. with lifetime in jail for not kicking the #ICC (or anyone else he and his fans dislike) from #Signal's infrastructure?
Since they are highly centralized.they certainly are capable to comply with "#Sanctions" (or whatever bs he'll claim!)...
GitHubGitHub - kkarhan/windows-ca-backdoor-fix: Fixes a critical backdoor in Windows' CryptoAPI, which allows to unconsenting Update of CA Certificates in the background. See https://www.heise.de/ct/ausgabe/2013-17-Zweifelhafte-Updates-gefaehrden-SSL-Verschluesselung-2317589.htmlFixes a critical backdoor in Windows' CryptoAPI, which allows to unconsenting Update of CA Certificates in the background. See https://www.heise.de/ct/ausgabe/2013-17-Zweifelhafte-Updates-gefae...
China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks – Source: securityaffairs.com https://ciso2ciso.com/china-linked-unsolicitedbooker-apt-used-new-backdoor-marssnake-in-recent-attacks-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #UnsolicitedBooker #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #MarsSnake #backdoor #Security