news
Security Leftovers
-
ExpressVPN releases redesigned app on Linux, but Windows 11 users face a longer wait [Ed: This seems like sponsored chaff]
Developers at ExpressVPN have chosen to build the new apps on the Qt cross-platform framework. While the Linux version of the app is available now, ExpressVPN is still beta testing its new software for Mac and Windows.
-
Security Week ☛ GhostPoster Firefox Extensions Hide Malware in Icons
The malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA.
-
France24 ☛ France probes 'foreign interference' after passenger ship hit by remote-control malware
France is investigating whether an organised group linked to a “foreign power” may have been involved in the malware infection of a passenger ship that would allow it to be controlled remotely. The malware discovery onboard the Italian-owned Fantastic was made when the ship was docked in the southern French port of Sète.
-
Hacker News ☛ React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
The security vulnerability known as React2Shell is being exploited by threat actors to deliver malware families like KSwapDoor and ZnDoor, according to findings from Palo Alto Networks Unit 42 and NTT Security.
"KSwapDoor is a professionally engineered remote access tool designed with stealth in mind," Justin Moore, senior manager of threat intel research at Palo Alto Networks Unit 42, said in a statement.
"It builds an internal mesh network, allowing compromised servers to talk to each other and evade security blocks. It uses military-grade encryption to hide its communications and, most alarmingly, features a 'sleeper' mode that lets attackers bypass firewalls by waking the malware up with a secret, invisible signal."
-
Security Week ☛ New $150 Cellik RAT Grants Android Control, Trojanizes Surveillance Giant Google Play Apps
The malware provides full device control and real-time surveillance capabilities like those of advanced spyware.