Cybersecurity

On December 31, cybercriminals launched a mass infection campaign, aiming to exploit reduced vigilance and increased torrent traffic during the holiday season. Our telemetry detected the attack, which lasted for a month and affected individuals and businesses by distributing the XMRig cryptominer. This previously unidentified actor is targeting users worldwide—including in Russia, Brazil, Germany, Belarus and Kazakhstan—by spreading trojanized versions of popular games via torrent sites.

In this report, we analyze how the attacker evades detection and launches a sophisticated execution chain, employing a wide range of defense evasion techniques.

title. I know Lemmy is global, so I'll see articles and links to sites that I have never heard of. I assume most content is good, but it's also the internet so there has to be assholes somewhere. any good ways to stay proactive about attacks?

Can anyone verify this report? This seems... Bad.

Between January 14 and February 8, servers belonging to Lawrence Livermore National Laboratory, Los Alamos National Laboratory, Thomas Jefferson National Accelerator Facility, and Fermi Accelerator National Laboratory have been found with Remote Desktop Protocol (RDP) services exposed to the public internet. This grants malicious actors the opportunity to hack into servers hosting sensitive nuclear research data, a golden egg for spy agencies across the globe.

My investigation also revealed government servers directly interfacing with AI products, creating yet another disturbing risk to national security that is extremely difficult to reverse or mitigate.

With the state of government security before this, I don't have a lot of hope these were secure, but at least they weren't exposed directly to the Internet for attack.....