bontchev

bontchev , 5 days ago to random

Economics in one lesson.

Gargron , 13 days ago (edited 13 days ago) to random

RE: https://mastodon.social/@verge/116041069446538092

We’ve moved our internal communications from Discord to Zulip at Mastodon, and I think there are plans to do the same for our Patreon community Discord. The harder part will be untangling my gaming communities from this…

bontchev , 1 month ago to random

My MongoDB honeypot is now open source:

https://gitlab.com/bontchev/mongopot

Visualization (not included in the repo):

https://pandora.nlcv.bas.bg/grafana/d/EysKAV4Dz/mongopot

malwaretech , 2 months ago to random

[Thread, post or comment was deleted by the author]

briankrebs , 2 months ago to random

New, by me: Is your Android TV streaming box part of a botnet?

"On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming services like Netflix, ESPN and Hulu, all for a one-time fee of around $400. But security experts warn these TV boxes require intrusive software that forces the user’s network to relay Internet traffic for others, traffic that is often tied to cybercrime activity such as advertising fraud and account takeovers."

The story looks closely at what Superbox is, how it operates, and what it appears to do on the sly. Spoiler: A Censys researcher found that installing the apps that allow these channels to stream enrolls the user's IP in a residential proxy service, and that these devices include powerful network discovery and remote access tools like Tcpdump and Netcat.

Overall, the Superbox is just one brand in an ocean of no-name Android-based TV boxes that are widely available and that either come pre-infected with malware or require malicious apps to use.

https://krebsonsecurity.com/2025/11/is-your-android-tv-streaming-box-part-of-a-botnet/

ALT

Daojoan , 2 months ago to random

The QWERTY keyboard was designed to reduce mechanical jamming in early typewriters.

We kept it for computers. Which don't jam.

How many of our systems are just preserved solutions to problems that no longer exist?

And how would we even know?

briankrebs , 3 months ago (edited 3 months ago) to random

Watched the Kubrick classic 2001: A Space Odyssey on an international flight recently, and can confirm this movie is still the best way to fall asleep on a plane.

Except the part where (SPOILER ALERT!) Hal (AI) goes rogue and starts killing the crew. I'm not proud of this, but I have frequent fantasies of being Dave, where I'm floating around inside AI's mind, disconnecting critical circuits while the machine gurgles "Daisy."

briankrebs , 3 months ago to random

After reading some of the Epstein emails, I was compelled to look in Constella Intelligence and Spycloud for exposed passwords tied to Epstein's email address: Would you believe he reused the password "Ghislaine"? If he didn't tell all his secrets, he probably leaked them inadvertently through shitty passwords.

malwaretech , 3 months ago to random

[Thread, post or comment was deleted by the author]

georgetakei , 3 months ago to random

Put a quack in charge, expect to be royally ducked.

ALT

briankrebs , 3 months ago to random

So the Smart Chicken people apparently think I'm dumb and won't notice that there are now just three bone-in chicken thighs in each package, down from four and costing even more.

briankrebs , 3 months ago to random

Was searching my Signal contacts for something something "N" and found a contact I'd not noticed before: Note to Self. One of these days I will just RTFM.

"Who is Note to Self?

This contact entry is a chat to send messages to yourself.
Use this feature to jot down a note for yourself to review later or to share messages and files with your linked devices.
All messages in Note to Self are end-to-end encrypted Signal messages.
Yes, you can send disappearing messages to yourself. The timer starts immediately."

https://support.signal.org/hc/en-us/articles/360043272451-Note-to-Self

ALT

georgetakei , 4 months ago to random

Let’s call it what it is: murder

ALT

briankrebs , 4 months ago (edited 4 months ago) to random

I'm only just getting my feet wet after vacay, but I've gathered that there's a big Amazon #cloutage today? IDK if that's a word, but if not it is now :) Is it DNS? I haven't caught up yet.

briankrebs , 4 months ago (edited 4 months ago) to random

New, by me: A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed responsibility for a recent breach involving Discord user data, and for stealing terabytes of sensitive files from thousands of customers of the enterprise software maker Red Hat.

As I was reporting this story, this happened:

On Monday evening, KrebsOnSecurity received a malware-laced message from a reader that threatened physical violence unless their unstated demands were met. The missive, titled “Shiny hunters,” contained the hashtag $LAPSU$$SCATEREDHUNTER, and urged me to visit a page on limewire[.]com to view their demands.

KrebsOnSecurity did not visit this link, but instead forwarded it to Mandiant, which confirmed that similar menacing missives were sent to employees at Mandiant and other security firms around the same time.

The link in the message fetches a malicious trojan disguised as a Windows screensaver file (Virustotal’s analysis on this malware is here). Simply viewing the booby-trapped screensaver on a Windows PC is enough to cause the bundled trojan to launch in the background.

Mandiant’s Austin Larsen said the trojan is a commercially available backdoor known as ASYNCRAT, which is a .NET-based backdoor that communicates using a custom binary protocol over TCP, and can execute shell commands and download plugins to extend its features.

https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/

ALT

GossiTheDog , 4 months ago to random

Cl0p ransomware extortion gang have a zero day in Oracle E-Business Suite (component: BI Publisher Integration) - which they’ve been exploiting since last month to steal data.

https://www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/

briankrebs , 5 months ago (edited 5 months ago) to random

All the feckless scheming by the Democrats isn't going to unseat the Orange Tyrant in the White House. It's going to take mass public demonstrations, extended work stoppages/strikes, govt shutdowns, and sustained and viral boycotts of companies that bent the knee for profit or because they have spineless leaders.

Not saying it's going to be easy, but violent resistance is not the answer, as the Cheetoh-in-Chief would like nothing more than that. Nonviolent resistance works, and has a long history of unseating despotic leaders.

From today's NYT:

"President Trump demanded on Saturday that his attorney general move quickly to prosecute figures he considers his enemies, the latest blow to the Justice Department’s tradition of independence."

“We can’t delay any longer, it’s killing our reputation and credibility,” Mr. Trump wrote in a social media post addressed to “Pam,” meaning Attorney General Pam Bondi. “They impeached me twice, and indicted me (5 times!), OVER NOTHING. JUSTICE MUST BE SERVED, NOW!!!”

Mr. Trump named James B. Comey, the former F.B.I. director; Senator Adam B. Schiff, Democrat of California; and Letitia James, the New York attorney general, saying he was reading about how they were “all guilty as hell, but nothing is going to be done.”

"Asked later by reporters about his message for Ms. Bondi, Mr. Trump said, “They have to act. They have to act fast.”

https://www.nytimes.com/2025/09/20/us/politics/trump-justice-department-us-attorneys.html

briankrebs , 5 months ago to random

We all know that many news sites have paywalls. It is, after all, some or a big part of how they've chosen to fund their news gathering. There are lots of ways around paywalls or to access individual stories behind one: e.g., archive.is or archive.today lets you search a news article link to see if it's already been saved, and frequently you can read the full story that way.

I mention this because I post a lot of links to stories that are behind paywalls, and a common reply is "paywall," as if a) that wasn't obvious and b) the link was somehow discovered to be serving malware or something. Sometimes I will post an archive.today link to a story if it's urgent and paywalled, but it's definitely not my job to do that and I've started muting the "paywall" whiners.

briankrebs , 5 months ago to random

No, we're not going to limit COVID vaccines. We're just going to continue to sow fear, uncertainty and doubt in the minds of the public about whether it's safe or even available.

From NYT: "The federal vaccine committee appointed by Health Secretary Robert F. Kennedy Jr. voted unanimously on Friday to further limit access to Covid vaccines, recommending that adults 65 and older receive the shots only after discussing the potential benefits and risks with a health care provider."

"The panel also said that everyone from 6 months to 64 years old could get the vaccine after consulting with a provider. But it was unclear whether that contradicted the Food and Drug Administration’s authorization of the shots only for adults over 65 and younger people with certain health conditions."

"Together, the decisions raise questions about whether Americans can continue to walk into their neighborhood pharmacies for routine vaccinations or whether in some states they will first need a doctor’s permission."

https://www.nytimes.com/2025/09/19/health/cdc-vaccines-mmrv-hepatitis-b.html

It's a long time between now and November 2026. How many people will get sick and die unnecessarily before then because of this administration's utter disregard for and hostility toward science, hard data and smart people?

briankrebs , 5 months ago to random

Breaking, new, by me:

Self-replicating "Shai-Hulud" worm hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed.

https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/

a picture from the movie "Dune" showing a giant sandworm emerging out of the desert and towering down on two humans below.

ALT

briankrebs , 5 months ago to random

Every time I board an airplane, I somehow relearn everything I needed to know about human nature, kindness and the lack thereof.

briankrebs , 5 months ago to random

Here's what I want to know: Is there any gap between narcissists of the nth degree and sociopaths? Because I can't see any difference.

briankrebs , 5 months ago to random

Makes that TWO pitches I've received in the last 24h that included the delightful phrase "new AI-powered cloud security and compliance software."

There's so much to unpack here it's hard to know where to start (or stop), but it seems to suggest that some new AI-based technology has been devised to help close security compliance gaps. #1: Checking boxes is not where most organizations are failing. #2 Where are the basic standards of care for AI-based software that would give this untested technology the right to claim the ability to audit anything? Let alone itself.

The golden rule for physicians is "First, do no harm." Somehow, we've grown accustomed to security products and software that violate this basic idea six ways from Sunday.

briankrebs , 5 months ago to random

This is so fucked up. Thanks to the heads up from @osma (do we have quote posts yet??).

https://yle.fi/a/74-20182048

As I've said after each time the hapless Finnish justice system lets the notorious criminal hacker Julius Kivimaki off with a slap on the wrist, he'll just keep harming people. Because this guy still has zero remorse for his crimes, whether we're talking about his extortion of thousands of people over their psychotherapy patient notes, or any of his other many exploits.

Just this week, Hulu debuted a 4-part documentary on Kivimaki's ignominious career. I offered some perspectives on Julius in that series as well:

https://www.hulu.com/series/most-wanted-teen-hacker-9c894205-bcde-413c-9b53-1e3bbe99112e

briankrebs , 5 months ago to random

Yes, Windows (ab)users, it's that time of the month again! Oh, and if you've not done so yet, it's also time to rethink what you're going to do with that trusty old Windows 10 PC in a couple of months when Microsoft stops shipping free security updates for it.

Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft's most-dire "critical" label. Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.

https://krebsonsecurity.com/2025/09/microsoft-patch-tuesday-september-2025-edition/

ALT

dangillmor , 5 months ago (edited 5 months ago) to random

Update: AP is still up with video: https://www.youtube.com/watch?v=0FIMnPfFHHw

Reuters bends knee to China dictatorship and removes video of Xi and Putin talking about changing out body parts.

Presumably lots of people have copies, so it's important for them to post them promiscuously -- and if possible anonymously -- to boost Streisand effect.

https://www.reuters.com/business/media-telecom/reuters-withdraws-xi-putin-longevity-video-after-china-state-tv-pulls-legal-2025-09-06/

briankrebs , 5 months ago to random

just wow. read this, from Techdirt:

Wired, Business Insider Editors Duped By Completely Bogus ‘AI’ Using ‘Journalist’ Who Made Up Towns, People That Don’t Exist

https://www.techdirt.com/2025/09/02/wired-business-insider-editors-duped-by-completely-bogus-ai-using-journalist-who-made-up-towns-people-that-dont-exist/

Here's Wired's mea culpa:

https://www.wired.com/story/how-wired-got-rolled-by-an-ai-freelancer/

Techdirt's Karl Bode correctly concludes: "This country has taken an absolute hatchet to quality journalism, which in turn has done irreparable harm to any effort to reach reality-based consensus or have an informed electorate. The rushed integration of “AI,” usually by media owners who largely only see it as a way to cut corners and undermine labor, certainly isn’t helping. Add in the twisted financial incentives of an ad-based engagement infotainment economy, and you get exactly the sort of journalistic outcomes academics long predicted."

briankrebs , 5 months ago to random

And just like that, the largest known DDoS has nearly doubled in size over the past couple of months. Cloudflare promises more details, and says the largest attack (11.5 terabits per second) came from Google Cloud.

ALT

briankrebs , 5 months ago to random

This is an unwelcome development: New research shows Android-based malware droppers aren't just delivering banking trojans anymore: They're also being loaded with SMS stealers and spyware.

Dutch mobile security firm ThreatFabric finds the shift comes amid changes Google is piloting in certain markets like Thailand, Singapore, Brazil and India to block sideloading of suspicious apps requesting dangerous permissions.

The report says the other factor driving this trend is that threat actors want to future-proof their operations. "By encapsulating even basic payloads inside a dropper, they gain a protective shell that can evade today’s checks while staying flexible enough to swap payloads and pivot campaigns tomorrow."

https://www.threatfabric.com/blogs/android-droppers-the-silent-gatekeepers-of-malware

briankrebs , 5 months ago to random

NBC News: A hacker used AI to automate an 'unprecedented' cybercrime spree, Anthropic says

The company behind the Claude chatbot said it caught a hacker using its chatbot to identify, hack and extort at least 17 companies.

https://www.nbcnews.com/tech/security/hacker-used-ai-automate-unprecedented-cybercrime-spree-anthropic-says-rcna227309

briankrebs , 5 months ago to random

You know how AI is going to achieve the singularity? Humans are going to feed it all their data, secrets, API keys, OAuth tokens and then go "oh shit" too late when they realize they all got taken in the most elaborate social engineering attack ever.

briankrebs , 5 months ago to random

It's long past time for RDP to go die in a dumpster fire.

A Sudden Surge in RDP Probing
On August 21, GreyNoise observed a sharp surge in scanning against Microsoft Remote Desktop (RDP) services. Nearly 2,000 IPs — the vast majority previously observed and tagged as malicious — simultaneously probed both Microsoft RD Web Access and Microsoft RDP Web Client authentication portals. The wave’s aim was clear: test for timing flaws that reveal valid usernames, laying the groundwork for credential-based intrusions.

https://www.greynoise.io/blog/surge-malicious-ips-probe-microsoft-remote-desktop

arstechnica , 6 months ago to random

Why wind farms attract so much misinformation and conspiracy theory
If you think climate change is a hoax, you might believe wind turbines poison groundwater.
https://arstechnica.com/science/2025/08/why-wind-farms-attract-so-much-misinformation-and-conspiracy-theory/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

briankrebs , 6 months ago to random

Drop into any conversation online about securing your cryptocurrency and you will find a great number of people who clearly need help and an almost equal number of people who talk down their noses at people who don't have a clue (and who in their minds maybe even deserve to get robbed).

The truth is, securing your cryptocurrency against theft is not a simple matter, requires a fair bit of preparation and foreknowledge. and is remarkably easy to fuck up, with unseen, massive consequences either immediately or down the road.

My theory is that anyone who has been in the cryptocurrency space for any length of time has been through one or more experiences where they lost some or all of their coin to some scam, rug-pull, phishing scheme or outright physical theft. That's a really expensive way to learn about security, but it has its adherents.

Here's the core truth about owning a lot of cryptocurrency wealth; it makes YOU the bank. The minute anyone knows or suspects you have sizeable amounts of crypto holdings, you become a walking target for phishers, sim-swatters, kidnappers and extortionists, or worse. And ultimately, what gets stolen stays that way, and it is rare that victims ever seen their stolen coin again.

dangillmor , 6 months ago to random

Big maker of electronic locks that go in safes is amazingly bad at its job, and so are a lot of the safe-manufacturing companies that use the locks.

https://www.wired.com/story/securam-prologic-safe-lock-backdoor-exploits/

briankrebs , 6 months ago to random

“Instead of politicians, let the monkeys govern the countries; at least they will steal only the bananas!”
― Mehmet Murat ildan

JD Vance’s team had the army corps of engineers take the unusual step of changing the outflow of a lake in Ohio to accommodate a recent boating excursion on a family holiday, the Guardian has learned.

The request from the US Secret Service was made to “support safe navigation” of the US vice-president’s security detail for an August outing on the Little Miami River, according to a statement by the US army corps of engineers (USACE).

Vance was spotted in the south-western Ohio area on 2 August, his 41st birthday, according to social media posts that noted he was seen canoeing on the river, a tributary that Caesar Creek Lake feeds into.

https://www.theguardian.com/us-news/2025/aug/06/jd-vance-ohio-lake-water-levels

tante , 6 months ago to random

One thing that the current exorbitant investments in "AI" show is that the investor class and big tech corporations do not pay enough taxes: If you have billions to set on fire for spicy autocomplete we should take some or all of those to do something useful with.

briankrebs , 6 months ago to random

WaPo reports Edward "Big Balls" Coristine was injured in a carjacking. Trump and Musk are using the incident to float the idea of taking federal control over Washington, D.C.

https://www.washingtonpost.com/dc-md-va/2025/08/05/trump-doge-worker-washington-dc-crime/

ALT

malwaretech , 6 months ago (edited 6 months ago) to random

[Thread, post or comment was deleted by the author]

briankrebs , 6 months ago to random

Japan, huh? Smells like Norks to me.

I came across your profile on Github and was impressed by your experience in software development.

My name is Haruto Mizuno, and I’m a senior software engineer based in Japan with over 10 years of experience in web, DevOps, and blockchain development. Lately, I’ve been focusing primarily on backend solutions. Alongside a group of talented friends, I run a software agency startup specializing in Web, AI, and Blockchain projects.

We’re currently seeking a business partner who is a U.S. citizen or green card holder with a background in software development. The goal is to form a strategic partnership that allows us to expand our reach within the U.S. market.

This partnership is designed to be flexible and won’t interfere with your full-time job or personal commitments—you can participate according to your own schedule.

The core idea is simple:

You would represent us in job interviews and client meetings.
My team and I would handle all coding and technical communications.
For more details, please see the business overview below.

https://github.com/crowncodeman/bpo-for-usa-developers

If you have any questions, feel free to open an issue on my GitHub repository or hit me on Email, Telegram or Discord.

I look forward to the possibility of working together and achieving great results.

Best regards,

Haruto Mizuno

NanoRaptor , 6 months ago to random

GenX kids will know the pain of needing just the right kind of pencil to rewind.

ALT

bontchev , 7 months ago to random

"Four-year-old girl dies of hunger in Gaza as Israel throttles food supply":

https://edition.cnn.com/2025/07/20/middleeast/gaza-girl-food-crisis-intl

nixCraft , 7 months ago to random

Back in my day, we bought things once and actually owned them. Imagine that! You'd get a CD, a movie, a game, or a piece of software, it was a tangible item with a set price that was all yours. No strings attached.

Now? Everything's a fucking subscription. It's like renting your life, but somehow it ends up being way more expensive in the long run. Go figure.

This is why open source matters a lot. It still gives you freedom and whenever possible please support your favourite FLOSS app 👍

w7voa , 7 months ago to random

Wired - DHS urging local law enforcement to consider a wide range of activities as violent tactics, including skateboarding, riding a bike or livestreaming a police encounter. https://www.wired.com/story/dhs-tells-police-that-common-protest-activities-are-violent-tactics/

malwaretech , 7 months ago to random

[Thread, post or comment was deleted by the author]

briankrebs , 7 months ago to random

In other news, Microsoft is apparently rebranding its Blue Screen of Death (BSOD) to a Black Screen of Death. No more soothing colors for you while you fume at your oversized paperweight.

https://www.nytimes.com/2025/06/27/technology/microsoft-blue-screen-death-windows.html

georgetakei , 7 months ago to random

The budget bill contains tens of billions to fund an army of 10,000 more ICE agents. This is a red alert moment for our democracy.