Kingphisher

Pete Hegseth gave me a free espresso here.

Keep this thing away from @swiftonsecurity.com

This is some shit I would've done in 6th grade and side-eyed my crush to see if she was laughing

Indian court orders blocking of Proton Mail | TechCrunch The ruling, which has yet to take effect, was ordered under India's online blocking laws.

techcrunch.com/2025/04/29/i...
Dictatorship is not reserved for the US, apparently!

Signed.

Sign your names or you're a toaster, American cyber pros. https://www.eff.org/press/releases/eff-leads-prominent-security-experts-urging-trump-administration-leave-chris-krebs

SF is beautiful. Lots of good stuff on the pier too!

Oblivion Remastered is such a treat. My first experience with The Elder Scrolls was Skyrim, then ESO. Oblivion captures that fantasy vibe so much better than both.

Wanna do some smishing, then thrunt with my Jython

From the cybersecurity community on Reddit Explore this post and more from the cybersecurity community

www.reddit.com/r/cybersecur...

From the anyrun team:

Slow day for NYT huh

Helpful or not? Let me know!

Proton66 Infrastructure: Linked to mass scanning and exploitation attempts targeting organizations globally, associated with the ransomware operator Mora_001.

Russian Campaigns: Observed using legitimate Microsoft OAuth workflows for phishing, impersonating officials from various countries to gain access to sensitive information.

North Korean and Iranian Espionage Campaigns: Multiple campaigns leveraging ClickFix to deliver malware, targeting organizations linked to Ukraine and arms manufacturers.

Emerging threats and geopolitics:

Increased Activity from China-linked Threat Actors: Canada warned of heightened cyber activity targeting critical infrastructure, particularly network edge routers.

FOG Ransomware: Distributed via LNK files in phishing attacks, it includes a ransom note referencing the U.S. Department of Government Efficiency (DOGE).

SpyMax Variant: Targets Chinese-speaking individuals, disguised as official applications, allowing extensive control over infected devices.

SuperCard X Campaign: An Android malware campaign utilizing NFC-relay techniques to authorize fraudulent POS payments and ATM withdrawals, leveraging social engineering tactics.

ClickFix Technique: Used in various phishing campaigns, including one impersonating Booking[.]com to install AsyncRAT. Attackers trick victims into executing malicious commands.

PteroLNK Malware: Linked to the Gamaredon Group, this VBScript malware uses advanced obfuscation and dynamic payload construction, primarily targeting Ukrainian military themes.

Malware, vulns, campaigns:
XorDDoS Malware: Observed in global DDoS attacks, featuring a new sub-controller for managing multiple controllers simultaneously. It spreads via SSH brute-force attacks targeting Linux devices.

Blue Shield of California: Exposed 4.7 million individuals' health information due to a misconfiguration in Google Analytics.

Onsite Mammography: Notified over 350,000 patients of a data breach involving unauthorized access to sensitive health information.

Laboratory Services Cooperative: Disclosed a breach affecting 1.6 million individuals, compromising various personal and health-related data.

Ahold Delhaize USA: Confirmed data theft from a November 2024 cyberattack, with the INC Ransom ransomware gang claiming responsibility.

Paradies Shops: Agreed to a $6.9 million settlement over a 2020 ransomware attack that compromised personal information of 76,000 employees.

Cybersecurity news of the week, April 24th 2025!

Breaches:
Baltimore City Public Schools: Disclosed a data breach following a ransomware attack, affecting sensitive information of current and former employees and students.

Crazy how CVEs and stuff still drop when Oblivion Remastered just came out today. We're not expected to like...work...this week right?

Duplicate, we knew about this critical RCE 6 years ago.

Government waste for thee not for me

The image sorta makes it look like DT is the lab leak