Chinese Gang Used ArcGIS As A Backdoor For A Year – And No One Noticed
[State sponsored] Crims turned trusted [#ESRI] mapping software into a hideout - no traditional malware required
--
https://www.theregister.com/2025/10/14/chinese_hackers_arcgis_backdoor/ <-- shared media article
--
https://www.scworld.com/brief/novel-flax-typhoon-campaign-exploited-arcgis-for-extended-persistence <-- shared technical media article
--
https://reliaquest.com/blog/threat-spotlight-inside-flax-typhoons-arcgis-compromise <-- shared security technical article
--
https://securityaffairs.com/183398/apt/flax-typhoon-apt-exploited-arcgis-server-for-over-a-year-as-a-backdoor.html <-- shared security technical article
--
“A Chinese state-backed cybergang known as Flax Typhoon spent more than a year burrowing inside an ArcGIS server, quietly turning the trusted mapping software into a covert backdoor..."
#GIS #spatial #mapping #security #malware #exploit #ArcGIS #server #China #statesponsored #FlaxTyphoon #espionage #SOE #objectextension #hidden #payload #backups #risk #hazard #restapi #credentials #flaw #malicious #persistence
#persistence
Các người sáng lập thành công khác ở điểm kiên nhẫn hành động mỗi ngày. Mesk ý tưởng không quan trọng, cần kiên nhẫn đąng lên, không ngừng cố gắng. #Founders #Persistence #Startup #NgườiSángLập #GiữNhẫnNve #Business
https://www.reddit.com/r/SaaS/comments/1o841jg/founders_that_get_it_do_this_one_thing_differently/
**Chúc mửng! SaaS của chúng ta từ cơn gục rơi xuống đến 6 người dùng trả钱 trong 1 tuần!** 🎉 Đã vượt qua OpenAI và Google trong lĩnh vực nhỏ của mình! 🌟 Xem kết quả tạiMuse: [v’appropriate showcase link]
**#SaaS #CôngNgắn #Vietnam #ÁpĐặt Versuch**
#Persistence #TechStartup #Innovation
https://www.reddit.com/r/SaaS/comments/1o6sik8/our_saas_has_first_users_in_2_years_that_we_have/
Chinese hackers abuse geo-mapping tool for year-long persistence
https://www.bleepingcomputer.com/news/security/chinese-hackers-abuse-geo-mapping-tool-for-year-long-persistence/
#Infosec #Security #Cybersecurity #CeptBiro #ChineseHackers #GeoMappingTool #Persistence
Edison failed often, yet he kept working. His lesson is clear: stay steady, and you will astonish yourself.
#Persistence #Success #Quotes
https://quotes.thisgrandpablogs.com/reach-our-potential/
New publication: 'Persistence', https://doi.org/10.4324/9781003495611-18
An overview of the debate from my particular perspective. #philosophy #metaphysics #persistence
Statistics indicate that 90% of people quit before achieving success. I choose to be in the 10% that keeps going. #Persistence #SuccessMindset
He that falls obstinate in his courage — Si succiderit, de genu pugnat — he who, for any danger of imminent death, abates nothing of his assurance; who, dying, yet darts at his enemy a fierce and disdainful look, is overcome not by us, but by fortune; he is killed, not conquered.
The most valiant are sometimes the most unfortunate.
There are defeats more triumphant than victories.
[Celuy qui tombe obstiné en son courage, si succiderit, de genu pugnat. Qui pour quelque danger de la mort voisine, ne relasche aucun point de son asseurance, qui regarde encores en rendant l’ame, son ennemy d’une veuë ferme & desdaigneuse, il est battu, non pas de nous, mais de la fortune: il est tué, non pas vaincu: les plus vaillans sont par fois les plus infortunez. Aussi y a-il des pertes triomphantes à l’envy des victoires.]
Michel de Montaigne (1533-1592) French essayist
Essays, Book 1, ch. 30 (1.30), “Of Cannibals [Des Cannibales]” (1578) [tr. Cotton/Hazlitt (1877)]
More info about (and translations of) this quote: wist.info/montaigne-michel-de/…
#quote #quotes #quotation #qotd #montaigne #bravery #courage #defeat #defiance #persistence #triumph #valor #victory #confidence
Join @MarkusKett at #IBMTechXchange!
Oct 8, 10:30 AM EDT
Talk 2790: Rethinking Microservice #Persistence: Beyond the Database Monolith
https://reg.tools.ibm.com/flow/ibm/techxchange25/sessioncatalog/page/sessioncatalog/session/1746107435312001T3Dw
Learn how slashes ORM/db lag, enables agile & cost-efficient #Microservices.
Join @MarkusKett at #IBMTechXchange!
Oct 8, 10:30 AM EDT
Talk 2790: Rethinking Microservice #Persistence: Beyond the Database Monolith
https://reg.tools.ibm.com/flow/ibm/techxchange25/sessioncatalog/page/sessioncatalog/session/1746107435312001T3Dw
Learn how slashes ORM/db lag, enables agile & cost-efficient #Microservices.
The moment you see your kids running - proud moment. They have been running every day for the past 5 days. Maybe they will reach me one day. Hope this teaches them about consistency, persistence and more importantly the health benefits #run #running #health #consistency #persistence
Building a house for your data
Filtering = foundation
Entities = framework
Transactions = plumbing
Migrations = renovations
Security = locks & alarms
Learn the Quarkus way → https://www.the-main-thread.com/p/quarkus-java-data-persistence-journey
What, after all, has maintained the human race on this old globe, despite all the calamities of nature and all the tragic failings of mankind, if not faith in new possibilities and courage to advocate them?
Jane Addams (1860-1935) American reformer, suffragist, philosopher, author
Peace and Bread in Time of War, ch. 7 “Personal Reactions During War” (1922)
More info about this quote: wist.info/addams-jane/22534/
#quote #quotes #quotation #qotd #janeaddams #courage #endurance #faith #humancondition #optimism #persistence #possibilities
Why #curiousity, #persistence and #entrepreneurialism are good things to have but also why they will annoy the hell out of everyone around you. My interview with the good folks at Bold Journey: https://boldjourney.com/news/meet-martin-bihl/ #advertising #marketing #creativity #business
Las cosas buenas les llegan a los que son pacientes y grandes cosas les llegan a los que persisten 😎😉🙏🏻#patience #faith #persistence 💪🏻 #tyGod ❤️ #gym #workout
🦠 Malware Analysis
===================
🦠 Malware Analysis
Executive summary: Fake utility installers (including speedtest,
manual-reader/finder, PDF tools, and some AI frontends) have been
observed to bundle a portable Node runtime, extract an obfuscated
JavaScript payload, and install a Scheduled Task to execute that JS on
a recurring cycle. The JS speaks to a C2 (observed domain:
cloud.appusagestats[.]com), exfiltrates system identifiers and can
execute arbitrary commands returned by the server.
Technical details:
• The installers are packed with an Inno-Packer and drop a portable
Node runtime folder alongside the visible application executable.
• Persistence is implemented via a Scheduled Task (task.xml) that
executes the dropped node.exe with an obfuscated *.js script on an
approximate 12-hour cadence.
• The JavaScript is heavily obfuscated but decodes into JSON-formatted
POST payloads (e.g., a version string like "0.2.1" and a
JSON.stringify body). The script queries
HKLM\Software\Microsoft\Cryptography for MachineGuid via reg.exe to
uniquely identify hosts.
• The C2 interaction includes encoded/obfuscated POSTs and server
responses that can include commands such as powershell -NoPr... for
remote execution.
Impact and attack mechanics:
• The visible app functions normally, reducing suspicion while the
background agent provides persistent C2 connectivity and remote
execution capabilities.
• This separation increases attack surface: defenders may see only a
benign UI app while a persistent Node-based agent operates
independently.
Detection guidance:
• Search for Scheduled Tasks invoking node.exe outside known
development contexts.
• Detect unexpected portable Node runtimes co-located with third-party
installers.
• Monitor outbound POSTs to uncommon domains like
cloud.appusagestats[.]com and inspect request bodies for JSON
structures and Base64-encoded payloads.
• Track registry queries for
HKLM\Software\Microsoft\Cryptography\MachineGuid from non-standard
processes.
Mitigations:
• Block or alert on execution of portable runtimes from user-writable
directories.
• Restrict scheduled task creation to privileged installers; monitor
changes to task scheduler.
• Enforce egress filtering to limit access to suspicious domains and
use TLS inspection where policies allow.
References & notes:
• Observed artifacts: Inno-Packer installer, portable Node folder,
obfuscated *.js, task.xml, C2 domain cloud.appusagestats[.]com.
🔹 nodejs #powershell #scheduledtask #obfuscation #persistence
🔗 Source: https://security5magics.blogspot.com/2025/09/fake-online-speedtest-application.html
Weaponizing macOS auditd
Backdoors auditd for persistence; shows malloc zone limits cause loader crashes when run via auditd coalition; advises mmap for large allocations.
The amount of caffeine in a strong cup of coffee increases the time that people spend attempting an insoluble task. Stress further enhances this effect.
Summary: https://www.psypost.org/study-finds-caffeine-increases-task-persistence-under-pressure/
Original paper: https://onlinelibrary.wiley.com/doi/10.1002/hup.70014
New Book: DSL thinks about mobility of people’s, materials, and ideas along pipelines (specific conditions) to present an amazing analysis of the spatial structures within which native peoples exist within White US mainstream society — compelling & passionate!! #persistence #lumbee #geography
