Security Leftovers
-
Hacker News ☛ Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
"[VShell] acts as a RAT (Remote Access Trojan), allowing its abusers to execute arbitrary commands and download or upload files," Rizzo said. "SNOWLIGHT and VShell pose a significant risk to organizations due to their stealthy and sophisticated techniques," Sysdig said. "This is evidenced by the employment of WebSockets for command-and-control, as well as the fileless VShell payload."
-
Windows TCO / Windows Bot Nets
-
India Times ☛ Cyberattacks pose potentially crippling consequences for national stability: Amitabh Kant
As India transitions to smart meters and a more digital grid, increasing cyberattacks pose potentially crippling consequences for national stability and everyday life, G20 Sherpa Amitabh Kant said on Tuesday. In 2024, the banking, financial services and insurance sectors witnessed a huge surge in the sophistication and diversity of cyberattacks and the average cost of data breaches reached almost $2.8 million in India, Kant said, adding that last year, Indian businesses faced over 3,000 cyberattacks per week.
-
SEC ☛ Form 8-K [...] Date of Report (date of earliest event reported): April 12, 2025; DAVITA INC.
On April 12, 2025, DaVita Inc. (the “Company” or “we”) became aware of a ransomware incident that has encrypted certain elements of our network. Upon discovery, we activated our response protocols and implemented containment measures, including proactively isolating impacted systems. We are actively working to assess and remediate the incident with the assistance of third-party cybersecurity professionals and have notified law enforcement of the matter.
-
Security Week ☛ Kidney Dialysis Services Provider DaVita Hit by Ransomware
Kidney dialysis services provider DaVita said it fell victim to a ransomware attack over the weekend that disrupted some of its operations, according to a filing with the Securities and Exchange Commission (SEC).
-
The Register UK ☛ Chinese spies backdoored US orgs via open source RAT
The attacker, dubbed UNC5174, uses a mix of custom and open source malware, including its own SNOWLIGHT dropper and a new open source, in-memory backdoor VShell, according to a report penned by the Sysdig Threat Research Team and shared with The Register ahead of its Tuesday publication.
-
Threat Source ☛ Year in Review: The biggest trends in ransomware
This week, our Year in Review spotlight is on ransomware—where low-profile tactics led to high-impact consequences.
Ransomware operators often prioritized stealth over complexity for initial access. They also focused on slipping past defenses with minimal noise—uninstalling security tools, creating new firewall rules for remote access, and using common, freely available tools.
-
Cyble Inc ☛ DOGE BIG BALLS Ransomware: Inside A Complex Cyber Threat
Cyble researchers have uncovered ransomware called DOGE BIG BALLS, a ransomware that not just stands out but also presents its technical prowess for audacious psychological manipulation.
-
-
Confidentiality
-
The Register UK ☛ SSL/TLS certificates will last 47 days max by 2029
CA/Browser Forum – a central body of web browser makers, security certificate issuers, and friends – has voted to cut the maximum lifespan of new SSL/TLS certs to just 47 days by March 15, 2029.
-
-
Integrity/Availability/Authenticity
-
Chris ☛ Checking TLS Certificates with OpenSSL from Terminal
Thus, while TLS certificates can usually be checked very easily in our web browser of choice, it is still useful to know how to do it in the terminal. The openssl command is not the most friendly, but here’s the incantation. To print the certificate, we need to attempt to connect with openssl in its client mode.
-
CoryDoctorow ☛ Pluralistic: Tesla accused of hacking odometers to weasel out of warranty repairs
The suit was filed by a California driver who bought a used Tesla with 36,772 miles on it. The car's suspension kept failing, necessitating multiple servicings, and that was when the plaintiff noticed that the odometer readings for his identical daily drive were going up by ever-larger increments. This wasn't exactly subtle: he was driving 20 miles per day, but the odometer was clocking 72.35 miles/day. Still, how many of us monitor our daily odometer readings?
In short order, his car's odometer had rolled over the 50k mark and Tesla informed him that they would no longer perform warranty service on his lemon. Right after this happened, the new mileage clocked by his odometer returned to normal. This isn't the only Tesla owner who's noticed this behavior: Tesla subreddits are full of similar complaints: [...]
-