Lifeboat Foundation

Royal Ransomware is the latest ransomware operation to add support for encrypting Linux devices to its most recent malware variants, specifically targeting VMware ESXi virtual machines.

BleepingComputer has been reporting on similar Linux ransomware encryptors released by multiple other gangs, including Black Basta, LockBit, BlackMatter, AvosLocker, REvil, HelloKitty, RansomEXX, and Hive.

The new Linux Royal Ransomware variant was discovered by Will Thomas of the Equinix Threat Analysis Center (ETAC), and is executed using the command line.

Basically I underestimated chat gpt it is Basically much more powerful than I realized not just a Jetson society but it could even bring realities like we have seen in star trek the next generation where one can ask an AI anything and it can do anything given a task. This could also bring upon a superintelligence once programmed much like a wolfram alpha is for homework but for everything. It can nearly do any job and can replace all tech jobs eventually to get to universal basic income or even bring an end to the wild west of the internet it could create a near perfect cyber defense because it could simply know everything and make everything bug free. In short it can a near God like AI to answer and do any digital task. This can make nearly all jobs eventually automated:3.

It’ll be a while before ChatGPT takes your job entirely, and in the meantime you can use it to make work life easier.

Juan Andres Guerrero-Saade’s speciality is picking apart malicious software to see how it attacks computers.

It’s a relatively obscure cybersecurity field, which is why last month he hosted a weeklong seminar at Johns Hopkins University where he taught students the complicated practice of reverse engineering malware.

Continue reading “Want to build a website? Just ask ChatGPT in plain English” »

A new wave of #ransomware attacks is exploiting a #VMware vulnerability to target #ESXi hypervisor servers.

Searching Google for downloads of popular software has always come with risks, but over the past few months, it has been downright dangerous, according to researchers and a pseudorandom collection of queries.

“Threat researchers are used to seeing a moderate flow of malvertising via Google Ads,” volunteers at Spamhaus wrote on Thursday. “However, over the past few days, researchers have witnessed a massive spike affecting numerous famous brands, with multiple malware being utilized. This is not ‘the norm.’”.

Stay ahead of the game with top-notch cybersecurity measures. The attacks may be becoming more severe, but so are our defenses.

An ongoing Google ads malvertising campaign is spreading malware installers that leverage KoiVM virtualization technology to evade detection when installing the Formbook data stealer.

KoiVM is a plugin for the ConfuserEx. NET protector that obfuscates a program’s opcodes so that the virtual machine only understands them. Then, when launched, the virtual machine translates the opcodes back to their original form so that the application can be executed.

“Virtualization frameworks such as KoiVM obfuscate executables by replacing the original code, such as NET Common Intermediate Language (CIL) instructions, with virtualized code that only the virtualization framework understands,” explains a new report by SentinelLabs.

Security researchers warn that hackers may start using Microsoft Visual Studio Tools for Office (VSTO) more often as method to achieve persistence and execute code on a target machine via malicious Office add-ins.

The technique is an alternative to sneaking into documents VBA macros that fetch malware from an external source.

Since Microsoft announced it would block the execution of VBA and XL4 macros in Office by default, threat actors moved to archives (.ZIP,.ISO) and. LNK shortcut files to distribute their malware.

A threat actor named InTheBox is promoting on Russian cybercrime forums an inventory of 1,894 web injects (overlays of phishing windows) for stealing credentials and sensitive data from banking, cryptocurrency exchange, and e-commerce apps.

The overlays are compatible with various Android banking malware and mimic apps operated by major organizations used in dozens of countries on almost all continents.

Being available in such numbers and at low prices, allows cybercriminals to focus on other parts of their campaigns, development of the malware, and to widen their attack to other regions.