#attacks

2025-05-01

Russia is preparing something in #Belarus under guise of military drills

“Look at Belarus — this summer, #Russia is preparing something there under the guise of #military #exercises. This is how its new #attacks usually start,” Zelensky said

“But where this time? I don’t know. #Ukraine? #Lithuania? #Poland? God forbid! But we all have to be prepared. All our institutions are open to cooperation.”

kyivindependent.com/zelensky-w

#RussianAggression #Imperialism #StandWithUkraine #RussianPropaganda

2025-04-30

#AI Code #Hallucinations Increase the Risk of ‘Package Confusion’ #Attacks

A new #study found that code generated by AI is more likely to contain made-up information that can be used to trick software into interacting with #malicious #code.

wired.com/story/ai-code-halluc

2025-04-30

#France calls #UN Security Council meeting over #Russian #attacks on civilians in Ukraine

#Russia has intensified its #missile and #drone #attacks against #Ukrainian cities, towns and #civilians even as the U.S. seeks to broker a peace deal. Kyiv has called for a full, unconditional #ceasefire as the first step in the #peace process — a request #Moscow continues to reject.

kyivindependent.com/france-cal

#RussianWarCrimes #RussianAggression #StandWithUkraine

MrsNo1Special
2025-04-29

Ransomware attacks have evolved beyond simple data encryption, with cybercriminals now using double extortion tactics to increase their leverage over victims. Companies that pay the ransom to regain access to their files may still face data leaks, regulatory penalties, and reputational...

medium.com/@mrsno1special/rans


Saupreiss #Präparat500 (Saupreiss@pfalz.social)
2025-04-27

Dear Canadians:

Judging from our experience, #terror #attacks like that in #Vancouver shortly before #elections suddenly stop after elections.

🇨🇦

#Canada

2025-04-24

Trump Urges Vladimir to Halt Attacks on Kyiv Amid Growing Discontent
tinyurl.com/29r97tfv

Vadim aka t-maker (vadim@body.social)
2025-04-24
2025-04-23

Farmaajo Justifies Troop Pullout from Aden Yabaal Amid Rising Al-Shabaab Attacks in Central Somalia
tinyurl.com/26ga2gev

Rootbrian (rootbrian)
2025-04-18

Wish people would keep their dogs on a leash on trailways, pathways (people bike on these) and in parks where people are known to have children around.
Nobody wants to get attacked, lunged at or bitten on their way to a destination, much less have to rush their child to a hospital.

Hit new slatest (Hitnewslatest)
2025-04-13

Hackers bypass Gmail & Microsoft 2FA with advanced phishing attacks. Protect your accounts now with stronger security measures.

hitnewslatest.com/2025/04/gmai

2025-04-11

:androidalt: :apple_inc: Phishing Platform 'Lucid' behind Wave of iOS and Android SMS Attacks.

⚠️Beware⚠️, a phishing-as-a-service [PhaaS] platform named 'Lucid' has been targeting 169 entities in 88 countries using well-crafted messages sent on iMessage [iOS] and RCS [Android].

catalyst.prodaft.com/public/re

#apple #imessage #android #rcs #sms #spam #lucid #phishing #messages #attacks #it #security #privacy #engineer #media #tech #news

[ImageSource: Prodaft]

Device farm used for spamming targets.

Lucid operators use large-scale iOS and Android device farms to send text messages. For iMessage, Lucid uses temporary Apple IDs. For RCS, the threat actors exploit carrier-specific implementation flaws in sender validation.

"The main purpose of showcasing phishing messages being sent from victim devices while driving is to demonstrate how easily individuals can become involved in such operations," Prodaft said. "Some threat actors may be drawn to low-risk, low-profit spam campaigns that require minimal technical skills or infrastructure — often relying on virtualization tools or repurposed physical devices to automate message delivery at scale."

⚠️When receiving a spam message on your device urging you to follow an embedded link or reply to the message, simply ignore it. Instead, log in to the actual service directly and check for pending alerts or bills.⚠️

Andrew 🌻 Brandt 🐇 (threatresearch@infosec.exchange)
2025-04-10

However, because this attack has been going on for two weeks, some endpoint protection tools (well, about a third of them) are catching on that this particular file is bad, and should feel bad.

virustotal.com/gui/file/13d71b

The most important lesson here is that attackers always come up with new ways to evade detection. Using a commercially available, normally legitimate remote access tool with a valid cryptographic signature lets the attacker bypass some kinds of endpoint detection.

Remember to check the From: address in emails, and the destination of any links they point to. You can do this by hovering your mouse over the link without clicking, and waiting a second. If it says it's from the SSA, but it isn't pointing to SSA.gov, then it's a lie.

If you find content like this useful, please follow me here, or on LinkedIn: linkedin.com/in/andrew-brandt-

9/fin

#spam #malware #malspam #ConnectWise #attacks

24 out of 73 endpoint protection clients tell you not to chew this gum or open this file. The others are just wrong.

Andrew 🌻 Brandt 🐇 (threatresearch@infosec.exchange)
2025-04-10

When clicked, the button delivers malware, but it's an unexpected payload: A client installer for the commercial remote-access tool ConnectWise.

Every time I clicked the download link, it gave me the same file with six different random digits appended to the filename. Note that it is not, as the website implies, a PDF document, but a Windows executable file, with a .exe extension.

8/

#malware #spam #malspam #ConnectWise #attacks

The payload icons are generic and full of terrors.

Cryptographically signed by ConnectWise? It's actually a real ConnectWise client installer.

Andrew 🌻 Brandt 🐇 (threatresearch@infosec.exchange)
2025-04-10

This is where I tell you: don't do this! I am a trained professional. I click all the bad links so you don't have to. I am going to show you what happens next.

A button appears on this page, labeled "Access Your Statement." The site serving up this payload delivers a file named "Social Security Statement Documents [six digit random number].exe"

7/

#malware #spam #malspam #attacks #ConnectWise

The site delivers a file named "Social Security Statement Documents [six random numbers].exe" and the numbers change every time you download the file.

Andrew 🌻 Brandt 🐇 (threatresearch@infosec.exchange)
2025-04-10

Finally the target lands on a page on the InMotion site that closely resembles the look-and-feel of the content in the email message.

The page tells the visitor, in part, "Download your statement as a PDF file" and "For security reasons, we recommend accessing your statement through your secure device."

Spoiler alert: It was not a PDF file.

(Edit: A reader informs me that this appears to be the hosting space used by the temp agency website, and that for whatever reason, the URL appears differently here.)

6/

#malware #spam #malspam #attacks #ConnectWise

A fake Social Security Administration page that tries to get you to download an executable.

The screenshot of the page shows a grey box on the page. Apparently the scammers were trying to load the SSA logo from SSA's own website in this spot, and the website did not allow third-party loading of the logo from their website on other websites, so it just shows as a grey box.

This is good, scam-hardened web design practice. The other logo on the page is hosted locally on the website hosting the scam.

Andrew 🌻 Brandt 🐇 (threatresearch@infosec.exchange)
2025-04-10

The target's browser then lands on another website, hosted by a large hosting service, InMotion Hosting. As with the temp agency website, the attackers have set up multiple URLs on this site, where the first URL performs a 302 redirect to go to the second URL, for no apparent reason other than to create the URL equivalent of a Rube Goldberg contraption.

5/

#malware #spam #malspam #attacks #ConnectWise

A compromised site redirects to a site controlled by the threat actor, hosted by InMotion Hosting.

Andrew 🌻 Brandt 🐇 (threatresearch@infosec.exchange)
2025-04-10

That link then immediately 302 redirects the target's browser to a link on a second website, one that belongs to a temp agency based in the US state of Maryland.

The attackers have created two URLs on this company's site for this purpose. The first one redirects to the second one.

Again, the site appears to have been compromised and used specifically for the purpose of obfuscating the redirection chain.

4/

#malware #spam #malspam #attacks #ConnectWise

Redirecting to a page on the same website, for no apparent reason.
