#Tag
Presenting SUDO for DOS!
An implementation of sudo for DOS, to run the given command with full privileges. It can be used to edit important system files, run disk partitioning tools, and so on!
Presenting SUDO for DOS!
An implementation of sudo for DOS, to run the given command with full privileges. It can be used to edit important system files, run disk partitioning tools, and so on!
📱Smishing Slows, Quishing Quickens 🎣
Sick of smishing and those pesky parking/toll texts? Don’t get caught by crafty, counterfeit court QR codes — it’s a scan-and-scam! 💳 🚨
North American cell phone users are being hit with yet another wave of smishing campaigns that now include quishing elements. Likely orchestrated by Chinese-speaking threat actors, this latest campaign builds on previous vehicular violations, evolving tactics while impersonating US courts. 🧑⚖️
We’ve recently seen a flurry of SMS messages pushing parking violations — but with a twist: face justice in court… or scan and pay instead!
Delivered as an official-looking image, the actor has begun integrating QR codes into these lures to help mask suspicious phishing URLs, baiting victims into entering personal information, credentials, and ultimately making payments.
For some, this lure may sound better than facing justice for their perceived poor parking. Victims who don't comply are warned that failure to appear or pay could have serious repercussions - a scare tactic designed to push you toward a hasty decision and scanning the QR code! 🫣
We uncovered thousands of these nefarious domains, through their use of Registered Domain Generation Algorithms (RDGAs) and local government impersonation, hosted across a diverse range of hosting providers to evade takedown.
Recent examples:
⛔ ahfgx[.]icu
⛔ euoyq[.]icu
⛔ htpze[.]icu
⛔ mwlaj[.]icu
Friendly reminder - courts don't usually communicate with you via text. That said, we suspect this actor will continue to evolve, expanding their global reach and diversifying lures while improving tradecraft used in smishing and quishing delivery. As for us, we'll take our chances on evading that bench warrant and running from the law. 🏃♂️➡️
#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #phishing #smishing #quishing
UK MPs have passed an amendment giving the government powers to restrict access to VPNs.
Imposing digital ID checks will turn people away from using a tool that keeps them safe and secure online.
Instead it'll fuel the surveillance-based economy that causes harms.
Sign our petition to protect VPN use in the UK ⬇️
https://action.openrightsgroup.org/tell-government-protect-vpn-use-uk
#vpn #privacy #cybersecurity #onlinesafety #ukpolitics #ukpol
UK MPs have passed an amendment giving the government powers to restrict access to VPNs.
Imposing digital ID checks will turn people away from using a tool that keeps them safe and secure online.
Instead it'll fuel the surveillance-based economy that causes harms.
Sign our petition to protect VPN use in the UK ⬇️
https://action.openrightsgroup.org/tell-government-protect-vpn-use-uk
#vpn #privacy #cybersecurity #onlinesafety #ukpolitics #ukpol
"There is little evidence that young people are using VPNs to bypass digital ID checks imposed by the [UK] Online Safety Act."
Age gating them "will have little impact on children's online safety but will deter adults from using them or force people to hand over personal documents or biometric data."
🗣️ @JamesBaker for ORG.
https://www.independent.co.uk/extras/indybest/gadgets-tech/vpn-ban-uk-b2934934.html
#vpn #privacy #cybersecurity #onlinesafety #ukpolitics #ukpol
From MSNOW: Iran is a superpower in the field of #cyberwarfare.
But the United States government had experts at fighting against Iran's cyber capabilities.
But the Trump Administration fired these experts shortly before Trump decided to attack Iran. They were fired because Trump had doubts about whether they would be politically loyal to him. We are going to see how much of a stupid mistake Trump made, and how much this will damage the American people.
#IranWar #cybersecurity #politics #tech
From MSNOW: Iran is a superpower in the field of #cyberwarfare.
But the United States government had experts at fighting against Iran's cyber capabilities.
But the Trump Administration fired these experts shortly before Trump decided to attack Iran. They were fired because Trump had doubts about whether they would be politically loyal to him. We are going to see how much of a stupid mistake Trump made, and how much this will damage the American people.
#IranWar #cybersecurity #politics #tech
If you’ve thought your old, unused email account is harmless, think again. Those forgotten or ignored accounts are a potential gateway to your digital identity. “Hackers love inactive email accounts because hardly anyone looks at them, and warning messages about unauthorized logins go unnoticed and unread into digital oblivion,” Steffen Zellfelder writes for PCWorld. Read more, including how a little digital housekeeping can prevent you from getting owned (or pwned):
Here is an article by @eff about the issues of #AgeVerification laws, affecting the parts of the US Constitution nationwide. #FirstAmendment #FourthAmendment #PrivacyFirst #CyberSecurity #NoAgeSignals #DigitalRights #DigitalFreedom
Here is an article by @eff about the issues of #AgeVerification laws, affecting the parts of the US Constitution nationwide. #FirstAmendment #FourthAmendment #PrivacyFirst #CyberSecurity #NoAgeSignals #DigitalRights #DigitalFreedom
Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
From the story:
"Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices."
"Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently."
https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/
Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
From the story:
"Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices."
"Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently."
https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/
Claude Opus 4.6 AI found 22 Firefox vulnerabilities (14 high-severity) in two weeks, helping patch Firefox 148 — nearly 20% of 2025's high-risk bugs. 🧩
Anthropic notes AI excels at bug hunting but struggles with full exploits, marking a shift where AI-assisted analysis joins fuzzing as a key security tool. 🛡️
🔗 https://thehackernews.com/2026/03/anthropic-finds-22-firefox.html
#TechNews #Privacy #Firefox #AI #Security #Anthropic #Claude #Cybersecurity #Vulnerabilities #Mozilla #Browser #OpenSource #Hacking #DevSecOps #FOSS #Opus
Claude Opus 4.6 AI found 22 Firefox vulnerabilities (14 high-severity) in two weeks, helping patch Firefox 148 — nearly 20% of 2025's high-risk bugs. 🧩
Anthropic notes AI excels at bug hunting but struggles with full exploits, marking a shift where AI-assisted analysis joins fuzzing as a key security tool. 🛡️
🔗 https://thehackernews.com/2026/03/anthropic-finds-22-firefox.html
#TechNews #Privacy #Firefox #AI #Security #Anthropic #Claude #Cybersecurity #Vulnerabilities #Mozilla #Browser #OpenSource #Hacking #DevSecOps #FOSS #Opus
@GhostOnTheHalfShell if it's a sophisticated attack like this it's almost always north korea
rough guide to #crypto theft perpetrators based on attack vector:
- scarily sophisticated #cybersecurity breach = north korea
- hiring a guy off linkedIn who turned out to be a malign actor = north korea
- someone opened the wrong PDF = north korea
- sim swap (stolen cell phone number) = amoral american 19 year old boys
- manipulation of smart contract math to extract from a broken market = math nerd in his 20s from europe, israel, or the US
- fake love interest (pig butchering) or other romance scam = vietnamese person enslaved by the chinese mafia in cambodia
This is a bonfire demo instance for testing purposes. This is not a production site. There are no backups for now. Data, including profiles may be wiped without notice. No service or other guarantees expressed or implied.
