Aryeh Goretsky

@goretsky.bsky.social

@ESET Distinguished Researcher | alum of McAfee, Microsoft MVP, Tribal Voice, Zultys | Mod @Lenovo, @Neowin.Net, Scots Newsletter forums | Intel Insider Council | Repost ≠ endorse

951 Followers  |  3,244 Following  |  85 Posts  |  Joined: 07.02.2024  |  2.3114

Latest posts by goretsky.bsky.social on Bluesky

Cracker Barrel Outrage Was Almost Certainly Driven by Bots, Researchers Say Doesn't that make more sense than lots of people caring about Cracker Barrel?

gizmodo.com/cracker-barr...

10.10.2025 04:48 — 👍 19    🔁 3    💬 1    📌 0

Game publishers take note.

08.10.2025 21:07 — 👍 1    🔁 0    💬 0    📌 0

Asterix and Obelix weren't something common in the US when I was growing up. I did read some Tintin books, though, as a kid.

06.10.2025 07:14 — 👍 0    🔁 0    💬 1    📌 0
Aryeh Goretsky (@goretsky@infosec.exchange) I stumbled into a case of coordinated platform manipulation on Reddit yesterday. Political. One reads about these kinds of things all the time, but it is interesting seeing one happen right in front...

So, I stumbled across a coordinated influence/platform manipulation operation on #reddit:
infosec.exchange/@goretsky/11...

06.10.2025 04:21 — 👍 1    🔁 0    💬 0    📌 0
Bighorn sheep.

Also bighorn sheep, but blurry because zoomed in.

Went to the park today and saw bighorn sheep doing bighorn sheep things.

05.10.2025 06:00 — 👍 2    🔁 0    💬 0    📌 0

Well, TFA says 'sparse post quantum ratchet' but I think they chose that initialism on purpose.

When in Rome… you know.

05.10.2025 05:57 — 👍 1    🔁 0    💬 1    📌 0

You know, I try to go one day, just one single day, without thinking about the Roman Empire… and then this has to show up in my feed.

05.10.2025 03:26 — 👍 2    🔁 0    💬 1    📌 0

"just upload a scanned image of your drivers license no big deal"

04.10.2025 00:06 — 👍 3845    🔁 1462    💬 43    📌 10
From the antivirus community on Reddit: My discord account Explore this post and more from the antivirus community

Some advice for @discord.com users I put together on the emerging hack story on #Reddit's r/antivirus group: redd.it/1nxg9ik

H/T @intcyberdigest.bsky.social + @vxundergroundre.bsky.social + @theverge.com!

04.10.2025 04:21 — 👍 1    🔁 0    💬 0    📌 0
Phishing email saying that a payment is due for cloud storage.

Looking through a rarely-used email account, found this phish.

04.10.2025 02:06 — 👍 1    🔁 0    💬 0    📌 0
New spyware campaigns target privacy-conscious Android users in the UAE ESET researchers have discovered campaigns distributing spyware disguised as Android Signal and ToTok apps, targeting users in the United Arab Emirates.

#ESETresearch has identified two campaigns targeting Android users in the 🇦🇪. The campaigns, which are still ongoing, distribute previously undocumented spyware impersonating #Signal and #ToTok via deceptive websites. www.welivesecurity.com/en/eset-rese... 1/6

02.10.2025 09:23 — 👍 6    🔁 9    💬 1    📌 0

It's been uneventful from an antivirus software perspective.

27.09.2025 06:46 — 👍 2    🔁 0    💬 1    📌 0
#ESETresearch has observed #Gamaredon exploiting CVE-2025-8088 (#WinRAR path traversal) in an ongoing spearphishing campaign. This vulnerability allows arbitrary file write via crafted RAR archives. 1/6

26.09.2025 13:13 — 👍 16    🔁 9    💬 1    📌 1

I didn't specifically check for that; I have mainly been doing compatibility checking with my employer's software on the side just to see if I could exercise any bugs.

26.09.2025 00:54 — 👍 2    🔁 0    💬 1    📌 0

Add a ThinkPad X1e Gen 3 to the list.

25.09.2025 11:19 — 👍 2    🔁 0    💬 1    📌 0

Good way to get some additional storage into (and use out of) older ThinkPads, etc.

25.09.2025 08:47 — 👍 4    🔁 0    💬 0    📌 0

Tested update to 25H2 on #Lenovo #ThinkPad P43s, T480, X1 Yoga Gen 4, X9 15 Aura Ed Gen 1 + X13 Gen 1 running Windows 11 24H2.

Updates all went smoothly.

24.09.2025 10:18 — 👍 2    🔁 0    💬 0    📌 1
Two exciting panels featuring #ESETresearch’s Righard Zwienenberg at #VB2025 in Berlin @virusbtn - from stories of the past to debates about the future of vulnerability handling. Here's what to expect 👇1/3

22.09.2025 12:25 — 👍 3    🔁 2    💬 1    📌 0
#ESETresearch’s Robert Lipovský will present at Labscon 2025: “The Curse of Salt Typhoon: FamousSparrow goes after the US financial sector”. Join him in Scottsdale, AZ, September 19 at 12:00 PM MST 1/5

18.09.2025 05:36 — 👍 2    🔁 1    💬 1    📌 0
Gamaredon X Turla collab ESET researchers reveal how the notorious APT group Turla collaborates with fellow FSB-associated group known as Gamaredon to compromise high‑profile targets in Ukraine.

#ESETresearch has discovered the first known cases of collaboration between Gamaredon and Turla, in Ukraine. Both groups are affiliated with the FSB, Russia’s main domestic intelligence and security agency. www.welivesecurity.com/en/eset-rese... 1/3

19.09.2025 09:27 — 👍 7    🔁 6    💬 1    📌 0

It's mid-September, which means it's also the anniversary of my entering the information security field in 1989. Yep, 36 years. How time flies.🕰️

Started at #McAfee, and coming up on a career milestone at @esetofficial.bsky.social soon!

More on that in a couple of months. ;)

15.09.2025 23:48 — 👍 10    🔁 0    💬 0    📌 0

#ESETresearch has discovered #HybridPetya ransomware on VirusTotal: a UEFI-compatible copycat of the infamous Petya/NotPetya malware. HybridPetya is capable of bypassing UEFI Secure Boot on outdated systems. www.welivesecurity.com/en/eset-rese... 1/8

12.09.2025 09:02 — 👍 11    🔁 11    💬 1    📌 0

Congratulations to my colleague M.D. on their 20th anniversary at @esetofficial.bsky.social!

08.09.2025 19:41 — 👍 1    🔁 0    💬 0    📌 0
Root cause for why Windows 11 is breaking or corrupting SSDs may have been found The root cause behind why Windows 11 24H2 appeared to be breaking NVMe SSDs may have finally been found.

The root cause behind why Windows 11 24H2 appeared to be breaking NVMe SSDs may have finally been found. #Windows11 #SSD #DataCorrupt

06.09.2025 15:48 — 👍 5    🔁 5    💬 0    📌 0
GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS module that manipulates Google search results.

#ESETresearch uncovers GhostRedirector, a threat actor compromising Windows servers with a C++ Backdoor named Rungan and Gamshen, a native IIS malware www.welivesecurity.com/en/eset-rese... 1/6

04.09.2025 10:06 — 👍 9    🔁 5    💬 1    📌 0

I just used a macro program to have Ctrl+Alt+- generate a —, and Ctrl+Alt+= to generate a ≠. Positioning seems to work well for me and doesn't interrupt flow of typing, plus it leaves Win-key chords open for various MS apps.

28.08.2025 03:03 — 👍 2    🔁 0    💬 1    📌 0
#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/7

26.08.2025 15:37 — 👍 66    🔁 45    💬 2    📌 14
#ESETresearch’s very own Peter Kálnai along with Matěj Havránek will present at #VB2025 @virusbtn.bsky.social: “DeceptiveDevelopment and 🇰🇵 North Korean IT workers: from primitive crypto theft to sophisticated AI-based deception.” Join them in Berlin, September 25 at 14:30 CEST. 1/3

21.08.2025 09:33 — 👍 7    🔁 2    💬 1    📌 0
Ransomware Chaos Special thanks to Joe Budano, CEO Indyme for sharing his story.   For more information on Tech San Diego - visit us at www.techsd.org for more information on ESET.com - Note I bookmark their blog to k...

I was a guest commentator on the techsd.org T3: Talking Tech Talent podcast, which interviewed the CEO of a company hit hard by ransomware.

Listen in at: audioboom.com/posts/876294...

14.08.2025 00:16 — 👍 4    🔁 0    💬 0    📌 0
Image of a scam being distributed on Discord using musician Drake as bait.

It seems crypto scammers have switched from #MRBeast to a new target, #Drake, on @discord.com.

Watch out for buffdrake[.]com and similar scam domains seeking to empty out your wallet💸.

13.08.2025 23:58 — 👍 1    🔁 0    💬 0    📌 0
