Do not get robbed while using Python!
Urgent: WhiteSnake InfoStealer Found in PyPI Packages Targeting Windows Users
Attention all in the IT field! Researchers identified that several Python Package Index (PyPI) packages are infected with a dangerous malware known as WhiteSnake InfoStealer.
This sophisticated malware, found in packages like nigpal, figflix, telerer, and several others, employs encoded scripts to unleash its payload. When these packages are installed, they activate WhiteSnake Stealer, targeting Windows systems. This malware is not only capable of stealing sensitive information but also executes commands via a C&C server using the Tor protocol.
Linux users aren't safe either. They are targeted by a Python script designed to harvest information from compromised systems.
At Security for Community, we're detecting stolen information and creating notifications for the victims. We hope you will not be hacked and notified by us.
Stay vigilant and informed. Ensure your systems are secure, and be cautious with package installations. Share this post to alert your network!
For more details, check out the full article here: HackerNews https://lnkd.in/gHaHeRzK #CyberSecurity #WhiteSnakeMalware #PythonSecurity #InfoSec #MalwarePrevention #infostealer
About us
SecurityForCommunity is a nonprofit cybersecurity organization that aims to support the security efforts of organizations and individuals to prevent cyber-attacks utilizing threat intelligence.
- Industry: Computer and Network Security
- Company size: 2-10 employees
- Headquarters: Dallas, Texas
- Type: Nonprofit
- Founded: 2021
- Specialties: cybersecurity and threat intelligence
Locations
- Primary: US, Texas, Dallas
Updates
-
The top malware type is Information Stealers. The stolen information is used to start Ransomware attacks, BEC attacks, and many more. SecurityForCommunity will work to alleviate those risks, starting with stolen information, including but not limited to credentials, session cookies (to bypass MFA), critical files, and financial information. Thanks to ANY.RUN - Interactive Malware Analysis Service team for the stats and services. #ransomware #businessemailcompromise #rat #loader #backdoor
-
"Check out the link in the description below!" is the hook for social engineering attacks. Threat actors are using YouTube to distribute malware. Previously, it was reported that threat actors used YouTube to provide details of cracked software for their audience. If you want to use the software for free, check out the link in the description below! Using cracked software is not legal but allures people, which hides the downloaded malware behind it. Thanks to Cara Yi-Ping Lin from Fortinet for the post that shows that the method is also used to distribute Lumma information stealer malware, which targets sensitive information, including user credentials, session cookies, financial information, etc. Check out the link for the details below! :) https://lnkd.in/gYaqSHur #lumma #socialengineering #youtube #malware #informationstealer
-
When you are compromised by an information stealer malware, it will not be enough to change the password or even have multi-factor authentication. Stay tuned for our notifications! Information-stealing malware is actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. Here is what to do: - (Not this one!) When the user changes the password but lets Google remain signed in, in which case the token can only be used once as the token was already used once to let the user remain signed in. - (This one instead) If the user signs out of the browser, then the token will be revoked and deleted from the browser's local storage, which will be regenerated upon logging in again. See the Hacker News article for details: https://lnkd.in/g8r2_xeN
-
Are we underrating DNS security? Why is it important? Think of DNS security like a city's mail system. Just as the postal service ensures letters and packages reach the correct address, DNS directs internet traffic to the right servers. If the postal system is compromised, misdelivery or theft can occur, leading to chaos or loss. Similarly, with compromised DNS, users can be misdirected to fraudulent sites, leading to data breaches or malware infection. Just like a city relies on a trustworthy and efficient mail system, the internet relies on secure DNS to keep online activities running safely and correctly. Thanks to Quad9 DNS, and John Todd for their free DNS security services. Looks like 9.9.9.9 will be the first address to go. Check out their services for more #security, #privacy, and #performance: https://lnkd.in/gCAd69F9 To understand risks better in DNS security, here is a very good source from Cyber Security News https://lnkd.in/fAPtYQQ
10 Dangerous DNS Attacks Types & Prevention Measures - 2024
https://cybersecuritynews.com
-
Here is a great example of how we are vulnerable. We depend on both "secure" and "less secure" organizations. It is important to support organizations with a lack of cybersecurity resources and expertise to make the weakest link stronger. #Securityforcommunity aims to make security services more accessible. Stay tuned for our new security programs! #nonprofit #cybersecurity
Social engineering attack simulations: integrate our solutions to better manage human risk in cybersecurity - CEO @ Arsen
We almost hacked a city. By mistake. Here’s how. Last week, we were buying a bunch of expired domains for our phishing infrastructure. Expired domains have an existing reputation and are very useful when you want to conduct offensive security operations (and SEO, but that’s another story). So, the R&D team at Arsen Cybersecurity was looking at domain names with a good reputation for one of our new projects and bought a new batch. In this batch, there was an expired domain that used to belong to a city in France. Those are GREAT. They usually have an outstanding reputation, a bunch of backlinks from official websites, email activity, no spam history, everything above board. The city moved their site to another domain name, so we weren’t squatting them or anything, the domain was free for the taking. For this experiment, we needed to hook the domain name to a 365 account and went through the regular configuration steps. During setup, Microsoft returned an error saying there was already a registered tenant for this domain and that we should log in with the existing tenant email. The email was obfuscated but we could see a few characters (thanks, MS): s***ort[@]DOMAIN[.]com So of course, we hooked up a postfix on support[@]DOMAIN[.]com, got the password reset email and got our account validated. And because it was an existing tenant, we gained access to a LOT of data. I’m talking OneDrive and OneNote with vocal notes describing their infrastructure, passwords, photos of some official buildings, public offices, etc. Scary. Who’s at fault? The city’s IT support team didn’t follow a proper offboarding procedure and unlink the domain from their Microsoft Account, yes. But hey, Microsoft should also do some periodic domain ownership verification, it was way too easy to access this kind of sensitive data. Stay safe, and maintain your domains. #cybersecurity #o365
-
Thanks to #cisa for providing resources for supporting cybersecurity of families and #smbs Secure Yourself & Your Family: https://lnkd.in/g3-NX5qz Secure Your Business: https://lnkd.in/g4RGUdm9 #smbsecurity #personalsecurity
It’s here! #SecureOurWorld is our new program to help you protect yourself, your family, and your business against online threats! go.dhs.gov/oAq Congress tasked our agency to help protect small business, communities, and individuals from online threats. Secure Our World will equip Americans with the tools and information we need to become more secure online. Please use the resources at cisa.gov/SecureOurWorld And share the PSA below with your friends, family, and colleagues! It’s the little things that make a huge difference. #SecureOurWorld
-
Dual ransomware attacks are not new but are on the rise. But how does that happen? We see victims who are attacked by different ransomware types within less than 48 hours. The ransomware used includes but is not limited to AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum and Royal according to the FBI report. These attacks are not new but increased 153% from September 2022 to September 2023 according to NCC Group's report. There are two main theories: 1. Ransomware affiliates utilize several ransomware types to attack a single victim. Here is some supporting news: Europol and Ukraine's National Police arrested a ransomware ringleader who was utilizing LockerGoga, MegaCortex, Hive, and Dharma ransomware for their operations. https://lnkd.in/gx8bBUaD 2. Initial Access Brokers (IABs) selling the same unauthorized network access to several ransomware actors who are utilizing that same access coincidentally around the same time. Here is some supporting news: An automotive supplier was attacked by three different ransomware (LockBit, Hive, BlackCat) within two months. https://lnkd.in/gUyFg2bA What do you think about it? Alternative 1 or 2, or something else? https://lnkd.in/gQ2hWh7p
Ransomware ramps up against private sector in November | TechTarget
techtarget.com
-
Empowering Human Rights Through Cybersecurity
At SecurityForCommunity, we firmly believe that cybersecurity is not just about protecting systems and data; it's about safeguarding fundamental human rights. In today's digital age, where our lives are intricately woven with technology, ensuring the security of our online spaces is synonymous with upholding human rights.
The Connection Between Cybersecurity and Human Rights
Without robust cybersecurity measures, the foundation of human rights is at risk. Privacy, freedom of expression, and the right to information are all vulnerable without adequate protection from cyber threats. As we navigate an increasingly digital world, the importance of cybersecurity in preserving these rights cannot be overstated. This is why, at SecurityForCommunity, we are committed to breaking down barriers. We want to make cybersecurity tools and services more accessible to individuals and companies worldwide. We believe that everyone, regardless of their background or resources, should have the means to protect themselves in the digital realm.
Securing Human Rights Through Cybersecurity - It Starts With Accessibility! #SecurityForCommunity #CybersecurityForHumanRights #DigitalSafety #AccessibilityMatters