Traditionally, the focus has been on defending against digital threats such as malware, ransomware, and phishing attacks by detecting them and responding. However, as cyber threats become more sophisticated, there is a growing recognition of the importance of measures that stop new attacks before they are recognized.

Why Hardsec Matters: From Protecting Critical Services to Enhancing Resilience

thehackernews.com/2024/08/why-

We wanted to update you on some changes that Google’s making, and what we’re doing in Browser Guard to keep you protected.

Google Manifest V3 and Malwarebytes Browser Guard

malwarebytes.com/blog/personal

ICYMI

uBlock lite for manifest V3

counter.social/@ecksmc/1129064

creator of ublock has made an ad blocker specifically for the new API and it's available to use right now

counter.social/@ecksmc/1121281

Hundreds of millions of AMD CPUs are facing a new vulnerability called Sinkhole. The exploit, which was first reported by Wired, impacts processors dating back to 2006

wired.com/story/amd-chip-sinkc

Despite Sinkhole hitting some of AMD’s best processors, only the most recent batch of chips will receive a patch

AMD isn’t patching Ryzen 1000, 2000, or 3000 processors, nor is it patching Threadripper 1000 and 2000 CPUs, reports Tom’s Hardware.

tomshardware.com/pc-components

Ransomware attacks are on the rise across the world. How are U.S. companies being impacted and what can the government do about it? Bill Whitaker speaks with former NSA Director of Cybersecurity Rob Joyce and Las Vegas publisher Anthony Curtis

Check out this Podcast: 60 minutes:

Scattered Spider, Work to Own, Greta Gerwig

player.fm/1BkkfvM

USPS Text Scammers Duped His Wife, So He Hacked Their Operation

worthy of a 🫡 right?

m.slashdot.org/story/431720

Smith began a mission: Hunt down the scammers. Over the course of a few weeks, Smith tracked down the Chinese-language group behind the mass-smishing campaign, hacked into their systems, collected evidence of their activities, and started a months-long process of gathering victim data and handing it to USPS investigators and a US bank

ongoing and widespread malware campaign force-installed malicious Google Chrome and Microsoft Edge browser extensions in over 300,000 browsers, modifying the browser's executables to hijack homepages and steal browsing history.

(Check your extensions - list of extensions you should get rid of)

bleepingcomputer.com/news/secu

multi-stage attack, disguised as a customer service request, delivers malicious attachments that, once opened, install XWorm, VenomRAT, AsyncRAT, and PureHVNC

sophisticated phishing campaign targeting Windows systems leverages multiple evasion techniques, including Python obfuscation, shellcode generation, and loading, to deploy a payload of malware.

gbhackers.com/windows-malware-

Not SOCRadar breach.... Or not?

What Exactly Happened in This Incident?

The investigation revealed that SOCRadar’s internal systems were not breached. The threat actor acquired a license from SOCRadar under a legitimate company name, providing access to the platform similar to any other customer. With this account, the actor could search for well-known domain names, collect Telegram channel names, and crawl these channels to harvest email addresses.

socradar.io/socradars-response

Hackers stole $12m in virtual currency from Ronin Network, which has previously suffered a massive $620m heist

Although it's not your usual "heist" as the $12 million was returned - it was ethical hackers who stole it then returned it

infosecurity-magazine.com/news

Elastic Security Labs has lifted the lid on a slew of methods available to attackers who want to run malicious apps without triggering Windows' security warnings, including one in use for six years.

Bad apps bypass Windows security alerts for six years using newly unveiled trick

theregister.com/2024/08/06/bad

Windows SmartScreen and Smart App Control both have weaknesses of which to be wary

Meanwhile:

Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks.

bleepingcomputer.com/news/secu

Google says that "there are indications that CVE-2024-36971 may be under limited, targeted exploitation," with threat actors likely exploiting to gain arbitrary code execution without user interaction on unpatched devices.

source.android.com/docs/securi

North Korean hackers exploit VPN update flaw to install malware

bleepingcomputer.com/news/secu

South Korea's National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN's software update to deploy malware and breach networks.

Sidenote:

Install and use URL check app as your default browser

counter.social/@ecksmc/1126370

With the VirusTotal module enabled you can check URLs, read the report without actually visiting VirusTotal site, before actually opening them

Or any URL you think might be dodgy try copying it then paste it into VirusTotal

virustotal.com/gui/home/url

will check the URL itself - there is also a file upload option for files you wanna check

malware dons several cloaks, but the latest one to stay wary of is called BingoMod, and Bleeping Computer found a report from researchers at cybersec firm Cleafy saying it uses a technique called smishing to attack devices

cleafy.com/cleafy-labs/bingomo

The fourth biggest mobile network in the UK has issued a warning over a fresh wave of fake texts

According to Three Mobile, they've blocked a jaw-dropping 20 million fraudulent messages this year alone. That's 111,111 every day. But despite the best efforts of the network, some of these scam texts are still slipping through the net.

security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them - For the attack to be successful, Python needs to be installed

bleepingcomputer.com/news/secu

Organizations Warned of Exploited Twilio Authy Vulnerability

CISA warns of the in-the-wild exploitation of CVE-2024-39891, a Twilio Authy bug leading to the disclosure of phone number data

securityweek.com/organizations

ICYMI

counter.social/@ecksmc/1127243

counter.social/@ecksmc/1088325

Chrome users will now see warnings alerting them of suspicious files (based on lower confidence verdicts and unknown risk of user harm) or dangerous files (on high confidence verdicts and high risk of user harm)

Chrome browser now also sends suspicious files to the company's servers for a deeper scan for users with Enhanced Protection mode enabled

Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it's harvesting information while extracting human labor worth billions.

Forget security – Google's reCAPTCHA v2 is exploiting users for profit

In a paper [PDF]

arxiv.org/pdf/2311.10911

titled "Dazed & Confused: A Large-Scale Real-World User Study of reCAPTCHAv2,"
