handmade.social

0 posts0 participants0 posts today

ricardo :mastodon:<a href="https://fosstodon.org/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a> recommends installing <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> if your unsupported <a href="https://fosstodon.org/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> 11 PC can't update from 10 <a href="https://www.neowin.net/amp/eset-recommends-installing-linux-if-your-unsupported-windows-11-pc-cant-update-from-10/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.neowin.net/amp/eset-recommends-installing-linux-if-your-unsupported-windows-11-pc-cant-update-from-10/</a>

Aryeh GoretskyI just had my 19th anniversary at <a href="https://infosec.exchange/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a>, and passed my 35 year anniversary in the AV industry a couple of months ago, which started at <a href="https://infosec.exchange/tags/McAfee" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#McAfee</a>. Still fighting the good fight, and thinking about how the industry has changed over the decades... A long way from floppy diskette boot sector infectors to EFI system partition infectors on solid state drives. Well... maybe not so far after all. :)

Nick W.<a href="https://infosec.exchange/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a> has probably known this for years, as others have. It's likely a nation-state or somebody who is basically doing this by using hidden payloads delivered in OS updates (a.k.a. found in the wild).I've had the worst sort of luck maintaining dual boot on some of my PC systems. When I run an update either on <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> or Windows, my system has been known to lose its shimx64.efi or have its content internally modified in some surreptitious way which I cannot see on my end, at all. No joke. And no bullshit. <a href="https://infosec.exchange/tags/UEFI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UEFI</a> is a lackluster standard. Microsoft keeps adhering to use of this standard because no one in industry could agree on much else at the time.<a href="https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/</a>

st1nger :unverified: 🏴‍☠️ :linux: :freebsd:Researchers at security firm <a href="https://infosec.exchange/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a> said Wednesday that <a href="https://infosec.exchange/tags/Bootkitty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Bootkitty</a> -- the name unknown threat actors gave to their <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> bootkit -- was uploaded to <a href="https://infosec.exchange/tags/VirusTotal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VirusTotal</a> earlier this month. The World's First Unkillable <a href="https://infosec.exchange/tags/UEFI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UEFI</a> Bootkit For Linux <a href="https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/</a>

Argenis<a href="https://mastodon.online/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://mastodon.online/tags/UEFI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UEFI</a> <a href="https://mastodon.online/tags/BootKit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BootKit</a> <a href="https://mastodon.online/tags/PersistentMalware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PersistentMalware</a> <a href="https://mastodon.online/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a> <a href="https://mastodon.online/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a><a href="https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/</a>

st1nger :unverified: 🏴‍☠️ :linux: :freebsd:<a href="https://infosec.exchange/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a> Research details the analysis of a previously unknown vulnerability in <a href="https://infosec.exchange/tags/Mozilla" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mozilla</a> products exploited in the wild. This critical vulnerability, assigned CVE-2024-9680 with a CVSS score of 9.8, allows vulnerable versions of <a href="https://infosec.exchange/tags/Firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Firefox</a>, <a href="https://infosec.exchange/tags/Thunderbird" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Thunderbird</a>, and the <a href="https://infosec.exchange/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tor</a> Browser to execute code in the restricted context of the browser <a href="https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/</a>

Kevin Karhan :verified:<a href="https://infosec.space/@topher" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@topher</a> nit used it yet but <a href="https://infosec.space/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a> AFAICT are one of tue few vendors that ain't falling under some <a href="https://infosec.space/tags/cyberfacist" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberfacist</a> bs. from either the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USA</a>, "<a href="https://infosec.space/tags/PRC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PRC</a>" or <a href="https://infosec.space/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a>... <ul><li>I did took a look into it at an employer as part of planning a new <a href="https://infosec.space/tags/ManagedIT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ManagedIT</a> offering based on <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://infosec.space/tags/Desktop" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Desktop</a>|s...</li></ul>I should give it a closer look.

Xavier «X» Santolaria :verified_paw: :donor:📨 Latest issue of my curated <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> and <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> list of resources for week #42/2024 is out!It includes the following and much more:➝ <a href="https://infosec.exchange/tags/Cisco" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cisco</a> Investigating <a href="https://infosec.exchange/tags/Breach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Breach</a>;➝ Data from <a href="https://infosec.exchange/tags/Verizon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Verizon</a>'s push-to-talk System for Sale;➝ <a href="https://infosec.exchange/tags/Gmail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Gmail</a> Alert For 2.5B Users As <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> Hack Confirmed;➝ Dark Web Shut Down in Finland;➝ <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> Lost Cloud Security Logs;➝ <a href="https://infosec.exchange/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a> Breached;Subscribe to the <a href="https://infosec.exchange/tags/infosecMASHUP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecMASHUP</a> newsletter to have it piping hot in your inbox every week-end ⬇️<a href="https://infosec-mashup.santolaria.net/p/infosec-mashup-422024?r=299go8&utm_campaign=post&utm_medium=web" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec-mashup.santolaria.net/p/infosec-mashup-422024?r=299go8&utm_campaign=post&utm_medium=web</a>

gtbarryEuropean govt air-gapped systems breached using custom malwareAn APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents<a href="https://mastodon.social/tags/europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#europe</a> <a href="https://mastodon.social/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a> <a href="https://mastodon.social/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT</a> <a href="https://mastodon.social/tags/GoldenJackel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoldenJackel</a> <a href="https://mastodon.social/tags/airgapped" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#airgapped</a> <a href="https://mastodon.social/tags/USB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#USB</a> <a href="https://mastodon.social/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.social/tags/hakers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hakers</a> <a href="https://mastodon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://mastodon.social/tags/hacked" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacked</a><a href="https://www.bleepingcomputer.com/news/security/european-govt-air-gapped-systems-breached-using-custom-malware/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/european-govt-air-gapped-systems-breached-using-custom-malware/</a>

Recent searches

Search options

Administered by:

Server stats:

#eset