Famous Chollima deploying Python version of GolangGhost RAT

In May 2025, Cisco Talos identified a Python-based remote access trojan (RAT) called 'PylangGhost', used by a North Korean-aligned threat actor. PylangGhost shares similarities with the previously documented GolangGhost RAT. The threat actor, Famous Chollima, has been targeting employees with experience in cryptocurrency and blockchain technologies through fake job interview sites. The attacks primarily affect users in India. The malware is deployed through a two-stage process involving fake skill-testing pages and malicious command execution. PylangGhost consists of six Python modules and offers functionalities similar to its Golang counterpart, including system information collection, file manipulation, and browser data theft from over 80 extensions.

Pulse ID: 6852f50f8e7fb42e2328c1c5
Pulse Link: https://otx.alienvault.com/pulse/6852f50f8e7fb42e2328c1c5
Pulse Author: AlienVault
Created: 2025-06-18 17:19:11

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #Browser #Cisco #CyberSecurity #DataTheft #Golang #India #InfoSec #Korea #Malware #NorthKorea #OTX #OpenThreatExchange #Python #RAT #RemoteAccessTrojan #Talos #Trojan #bot #cryptocurrency #AlienVault

Know thyself, know thy environment

This intelligence report emphasizes the importance of understanding one's own environment and personal weaknesses in cybersecurity. It stresses the need for repeatable processes to maintain knowledge of one's environment and advocates for continuous learning to fill skill gaps. The report also highlights recent vulnerability disclosures by Cisco Talos across various software, including catdoc, Parallel, NVIDIA, and High-Logic FontCreator. It underscores the significance of promptly applying patches and remaining vigilant against potential exploits. Additionally, the report touches on recent cyber incidents affecting the NHS, United Natural Foods, and vulnerabilities in Google accounts and SinoTrack GPS devices.

Pulse ID: 684b4df94471bd4d9fb1988c
Pulse Link: https://otx.alienvault.com/pulse/684b4df94471bd4d9fb1988c
Pulse Author: AlienVault
Created: 2025-06-12 22:00:25

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cisco #CyberSecurity #ELF #Edge #Google #InfoSec #OTX #OpenThreatExchange #Talos #Vulnerability #bot #AlienVault

More progress in setting up #talos and #kubernetes!

Because my provider, Netcup, doesn't have a firewall in front of the #vps, I want to set up a #wireguard server to secure things, but that requires storage. Last time I finally got talos to split the SSD into volumes, one part for ephemeral talos, and the rest for #ceph and #ceph-rook.

But for that to work, I also had to do something with #fluxcd (at least as part of the guide I'm following). I think it's working! There's still more to do as far as cleanup and continuing, but I should be able to get #kustomize working soon!

Then, I'll follow more setup steps so that I can finally do what I could have done with #docker on regular #linux lol.

#overcomplicatingThings #putItOnTheResume

I just discovered something in how to handle #talos in my #selfhosting single-node #kubernetes cluster, I think. I'm still in the process of trying to get things installed and running.

Since I currently have a single 550GB disk, the way that it look like to handle data is to set up a volume configuration targeting the EPHEMERAL volume, which is what talos uses for the disk install, and set a limit on it. Then make a user volume configuration to target the rest of the disk space that you want.

I'm still trying to see if this will actually work, but what I have so far is below. I'm planning to use #ceph and #rook-ceph to manage volume storage.

# nodes/n1.yaml
machine:
  install:
    disk: /dev/vda
  network:
    hostname: n1
    interfaces:
    - interface: eth0
      dhcp: true

---
# goal: limit the size of talos ephemeral volume to 100GB and use the rest for ceph
apiVersion: v1alpha1
kind: VolumeConfig
name: EPHEMERAL
provisioning:
  diskSelector:
    match: system_disk
  minSize: 2GB
  maxSize: 100GB
  grow: false
---
apiVersion: v1alpha1
kind: UserVolumeConfig
name: ceph-data
provisioning:
  diskSelector:
    match: system_disk # my vps has one volume
  minSize: 100GB

https://www.alojapan.com/1295036/the-true-tall-tales-of-talos-touchdown-in-tokyo/ The True Tall Tales of Talos: Touchdown in Tokyo #news #NWA #Talos #Tokyo #TokyoNews #東京 #東京都 Editor’s Note: Talos, a member of the National Wrestling Alliance, reached out to Slamwrestling.net recently and informed us he will be doing a tour for the All-Japan Pro Wrestling promotion. Per Talos’ request, certain names have been changed to protect their anonymity.  Plus, who are we to argue with a seven-foot giant?  What follows is …

« Medeia and Talus », 1919

by Sybil Tawse (English artist, 1886-1971)
Illustration for Thomas Bulfinch's "Stories of Gods and Heroes", The Thomas Y. Crowell Company, c. 1919

#vintagefantasyart #fantasyart #fantasyillustration #SybilTawse #ArtNouveau #greekmythology #medeia #talos

Progress into getting #talos #vps running on NetCup! I hope to eventually get #fediverse services running for the #digitalnomad and #expat communities. But one thing at a time! I'm overcomplicating things a bit on purpose because I want to learn and I don't get a chance to do a lot of this during my job. For this scale, running a VPS with eventual block storage is more economical than managed #kubernetes. This is very likely a beta and I totally forsee nuking everything to go live at some point.

#selfhosting

🔥 Learn Kubernetes cluster management with Talos! Join Kevin Tijssen & Erwin de Keijzer’s hands-on workshop at DevOpsDays AMS. Bootstrapping, upgrading, & more.

📅 June 18-20 | 🎟️ Tickets: https://tickets.devopsdays.org/devopsdays-amsterdam/2025/

#DevOpsDaysAMS #Talos #Kubernetes #Workshop

So... Talos linux for #Kubernetes is great and all, but the NetApp Trident CSI node operator performs callouts to things like mkdir, mount, umount, mount.nfs, mount.nfs4 and the ilk.

This is a problem on #Talos, as those binaries don't exist. So I wrote a Dockerfile to take the distributed #Trident image and copy in the missing binaries and /etc files from Debian. This means I have to override the Trident image in the helm chart, but also I can mount NetApp NFS shares now.

🇺🇦 #NowPlaying on #KEXP's #MiddayShow

Ólafur Arnalds, Talos (feat. Niamh Regan & Ye Vagabonds):
🎵 We Didn’t Know We Were Ready

#ÓlafurArnalds #Talos #NiamhRegan #YeVagabonds

https://open.spotify.com/track/3tR41RxOlzlIZn6LGeX0Y6

🎶 show playlist 👇
https://open.spotify.com/playlist/55kiq57r1ErxcYnr6B3P6g

🎶 KEXP playlist 👇
https://open.spotify.com/playlist/6VNALrOa3gWbk794YuIrwg

Cybercriminals camouflaging threats as AI tool installers

Cisco Talos has uncovered new threats disguised as legitimate AI tool installers, including CyberLock ransomware, Lucky_Gh0$t ransomware, and a newly-discovered malware called Numero. These threats exploit the increasing popularity of AI across various industries. CyberLock, developed using PowerShell, encrypts specific files and demands a $50,000 ransom in Monero. Lucky_Gh0$t is a variant of Yashma ransomware, distributed as a fake ChatGPT installer. Numero, masquerading as an AI video creation tool, manipulates the Windows GUI, rendering systems unusable. Threat actors are using SEO poisoning and social media to distribute these fraudulent installers, targeting businesses in B2B sales, technology, and marketing sectors. Organizations must exercise caution and rely on reputable vendors to avoid falling prey to these malicious campaigns.

Pulse ID: 683877ce5988443994d884f3
Pulse Link: https://otx.alienvault.com/pulse/683877ce5988443994d884f3
Pulse Author: AlienVault
Created: 2025-05-29 15:05:50

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#ChatGPT #Cisco #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #PowerShell #RansomWare #SEOPoisoning #SocialMedia #Talos #Windows #bot #AlienVault

After moving my homelab cluster from microk8s to Talos, I've written a new blog post outlining the cluster build:

Setting up a Talos kubernetes cluster with talhelper

https://www.beyondwatts.com/posts/setting-up-a-talos-kubernetes-cluster-with-talhelper/

#homelab #kubernetes #talos #talhelper

@dexter well this is nice to see again, home sweet home in the Talos II bootloader - with a FreeBSD ISO installer ...

Left: OpenBMC interface w/ iKVM
Right: standard term via SSH to BMC and "obmc-console-client"

14.2 is installing now, no surprises. tomorrow, more fun!

#freebsd #talos #openbmc #power #openpower #ibm

@fossasia #talos solves this in a far less convoluted way.

i wonder if i could get talos to run on qubes

#talos #talosLinux #qubes #qubesOS #kubernetes

What I'm #selfhosting on my #truenas server with #docker compose files. It's been quite a journey in learning. I hope to eventually get some #VPS up and running in the #cloud to host some #fediverse services. I'm currently looking in to learning #talos #linux to get a couple of #kubernetes services running. Manual kubernetes should be cheaper to run than managed, so I'm thinking it would be cool to have a couple of VPSs running talos.

I need some help from the #selfhosting and #homelab community, I have reached full analysis paralysis!

I have 3 weeks left to determine what hardware to buy for my #selfhosted #homeprod my goal is to run #nextcloud & #immich in production well enough that It can seamlessly support my wife to #degoogle

I was leaning towards #talos cluster or #k3s for #kubernetes and #longhorn storage, but might all be overkill

Have determined I have these options are similar price & energy budget points:

In essence, figuring out spaceflight is one very complex puzzle and nobody can show you the solution beforehand. Maybe that's why I have always loved "The Talos Principle". Now that the remaster is out, I thought it would be a good idea to talk about it and how it relates to KSP
https://youtu.be/970KtI5Bacw

#kerbalspaceprogram #ksp #games #gaming #pcgaming #videogames #talos #thetalosprinciple

@NafiTheBear im planning to learn starting with #talos might be worth a look for you

@bashfulrobot
You should try it with ClusterAPI! So easy; just change the manifests and new nodes get deployed automatically.

#Talos #Proxmox #CABPT #CACPPT #Capmox