#securelist — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #securelist, aggregated by home.social.
-
Popular DAEMON Tools software compromised | Securelist
Pulse ID: 69f9fbd805a223c5aa657175
Pulse Link: https://otx.alienvault.com/pulse/69f9fbd805a223c5aa657175
Pulse Author: CyberHunter_NL
Created: 2026-05-05 14:16:56
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #OTX #OpenThreatExchange #SecureList #bot #CyberHunter_NL
-
FakeWallet crypto stealer spreading in the App Store | Securelist
A security firm, Kaspersky, has uncovered a new scam targeting popular crypto wallets in the Apple App Store, which they say is spreading through phishing apps and redirects users to fake wallets.
Pulse ID: 69e621923813273feb056005
Pulse Link: https://otx.alienvault.com/pulse/69e621923813273feb056005
Pulse Author: CyberHunter_NL
Created: 2026-04-20 12:52:34
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Kaspersky #OTX #OpenThreatExchange #Phishing #SecureList #bot #CyberHunter_NL
-
Kaspersky has worked through the vulnerabilities in Microsoft's on-premises SharePoint Server exploited by ToolShell in more depth.
It leaves you astonished.
https://securelist.com/toolshell-explained/117045/
#infosec #microsoft #toolshell #sharepoint #BeDiS #kaspersky #securelist
-
Title: "💻🔒 #MacOSBackdoor: Stealthy Malware in Cracked Apps Drains Wallets via DNS Records 🚨"
Recent reports from Securelist and BleepingComputer reveal a sophisticated malware campaign targeting macOS users. Authored by Sergey Puzan (Securelist) and Bill Toulas (BleepingComputer), these articles uncover a cunning method where hackers disguise information-stealing malware within cracked macOS applications. This threat primarily affects macOS Ventura users and leverages DNS records to conceal malicious scripts. The malware, disguised as a legitimate app activator, prompts users for admin passwords, thus gaining control over the system.
The malware establishes contact with its command and control (C2) server via a unique URL, generated by combining words from hardcoded lists with random letters, and then fetches a base64-encoded Python script from DNS TXT records. This script not only provides backdoor access but also harvests and transmits critical system information. Further, it ensures persistence across reboots and continuously updates itself.
What's alarming is the malware's capability to replace Bitcoin Core and Exodus wallets with compromised versions that transmit users' sensitive data to the attackers. The ingenuity of hiding the payload in DNS server TXT records marks a new level of sophistication in cyber attacks.
Stay vigilant and avoid cracked software to mitigate such threats!
Tags: #CyberSecurity #Infosec #MalwareAnalysis #MacOS #DNSRecords #PythonScript #APT #Securelist #BleepingComputer #SergeyPuzan #BillToulas
Sources:
- Securelist: Sergey Puzan's Article
- BleepingComputer: Bill Toulas's Article
-
📬WildPressure: New malware for macOS and Windows📬 https://tarnkappe.info/wildpressure-neue-malware-fuer-macos-und-windows/ #Objective-See #WildPressure #DenisLegezo #BlockBlock #Securelist #kaspersky #Malware #Milum