 |
Post As3EqwfFGqfew8c01o by [email protected] |
 |
More posts by [email protected] |
|
Post #As2wHBxH907ClCqaZs by [email protected] |
|
0 likes, 1 repeats |
|
|
|
Called it. Wrote this back in Sept. 2024, about a clever Windows Powershell phi… |
|
|
|
Post #As2wLRGWA8mFP2sAaG by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@briankrebs I am the easiest one to fool |
|
|
|
Post #As2whs4ZAsj0umylZg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs who needs macros when you can make people paste things to the run d… |
|
|
|
Post #As2wtzNJqkxN2QWqZM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs orgs really need to disable this https://m.majorgeeks.com/content/p… |
|
|
|
Post #As2wxohjSv6f6Mtzn6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@scott nice! thanks for that. |
|
|
|
Post #As2yoHNaCItz333cC8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs it is incredibly widespread, I see it come by quite often. |
|
|
|
Post #As2zPmtC0Wf3UMjBku by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@briankrebs this and AITM phishing seem to be the 2 most frequent entry points … |
|
|
|
Post #As2zk5DDaoA46llwci by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@briankrebs since the beginning of this year, 95% of the incidents I've rev… |
|
|
|
Post #As30fGq72EeMfyEYuu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs The first principle is that you must not fool yourself and you are … |
|
|
|
Post #As356oxagPe68P7lQW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs been seeing a lot of this lately. I thought the same thing but neve… |
|
|
|
Post #As35NzaiPV9U1rc288 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs Sorry if I missed it in your article, but how does this impact user… |
|
|
|
Post #As39eErVni4zqCTHLE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs why am I not surprised at this?I wounder if the #malware is clever … |
|
|
|
Post #As39k0WI2Poz63INxw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@ai6yr @briankrebs OFC this targets #TechIlliterates and the only effective mea… |
|
|
|
Post #As39puVDK6QoAhbh6O by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@scott @briankrebsHow do you run anything without the run command on Windows ve… |
|
|
|
Post #As3A1iwq6lTFoMA5my by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@kkarhan @ai6yr @briankrebs @tails_live @tails @torproject While I don't se… |
|
|
|
Post #As3AcRJYdG0DpuINBg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@f @ai6yr @briankrebs I think it's less of a "#political" questio… |
|
|
|
Post #As3AfM5eVpQWVCBK8u by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@rdela @briankrebs seriously. All those readmes that say just cooy this one lin… |
|
|
|
Post #As3Ak6weFWVYyhEnZ2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@Suiseiseki @briankrebs sorry there are shitty people who make it so we can'… |
|
|
|
Post #As3BWrGJLXr8WngAls by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs I wrote this up here (https://mstdn.party/@nitpicking/114089792225… |
|
|
|
Post #As3EqwfFGqfew8c01o by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs Don't get John Hammon'd by this scam. :P#johnhammond |
|
|
|
Post #As3I7DALz8bSbzbuVM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs ouch! |
|
|
|
Post #As3IEhJGJHQi7zLZoG by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@briankrebs I disabled the Run dialog at my clients (which is mildly inconvenie… |
|
|
|
Post #As3IxXZhLoP8y0PxOC by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@gunthr @briankrebs Malware doesn't need elevated permissions to do bad thi… |
|
|
|
Post #As3MtGDAMi4Zm15phY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs my wife in not a dev but did fall for this. |
|
|
|
Post #As3Sy38yycQKPznr04 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@briankrebs I have never seen this.Must be because I refuse to use Windows.#Lin… |
|
|
|
Post #As3T4Yqs05z8UoR5rE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@kkarhan People might be more receptive to your message if it didn't come a… |
|
|
|
Post #As3TDameBfLj5sld1U by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jernej__s @briankrebs Ah, gotcha. So it's downloading and running malware … |
|
|
|
Post #As3UQR5Xe3TCk9IEfQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@SpaceLifeForm @briankrebs and yet Linux users will happily:$ curl script | sud… |
|
|
|
Post #As3USBnZSmrRtyivI0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@cerement @SpaceLifeForm @briankrebs so true haha. If Linux become mainstream, … |
|
|
|
Post #As3USeO3Akg6ZE0S2K by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@[email protected] They started to do this on Cloudflare because it�… |
|
|
|
Post #As3d1asizoVxSrWl0q by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@cerement @briankrebs Doubtful that newbies even know what curl and pipe are. |
|
|
|
Post #As3glQAlRa85QzVc6S by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs Back in the day (when Brian Krebs was still in high school) the p… |
|
|
|
Post #As3kKcq4dtnAiSJFTM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs This technique is called ClickFix. McAfee first wrote about it in J… |
|
|
|
Post #As3qR64bSiuGqaZgNU by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@funes @briankrebs Safe to assume a decent malware solution (e.g. Malware Bytes… |
|
|
|
Post #As3qR6BL3gIJBTj3sO by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@ralfmaximus @funes IDK is the answer to all your questions. Probably Windows n… |
|
|
|
Post #As3rkJvWHNwZGl3XOK by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@ralfmaximus @briankrebs these attacks are mostly fileless and don't instal… |
|
|
|
Post #As5iRkmvfsU5nz1u0u by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@psykus yes websites are generally allowed to copy into the clipboard, I think … |
|
|
|
Post #As5rPDi4aSeQDscoHA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@briankrebs [ Thinks to self ] " Oh, sure... Just paste something into Win… |
|
|
|
Post #AsHOBMAnl3TDdxcQXw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@leeloocreate a file with .bat extension that contains the commands you want to… |
|
|
|
Post #AsHOBMIFJNQQ136N9M by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@hajovonta @scott @briankrebsYou still need some way to run that bat file. I do… |
|
|
|
Post #AsHOBMNuyHxiIdktzU by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@leeloo you can double-click your files on your Desktop.@scott @briankrebs |
|
|
|
Post #AsHOBMUIaZ4AcQjzw8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@hajovonta @scott @briankrebsThat's a horribly inefficient UI, and basicall… |
|
|
|
Post #AsHOBMZyFTbSu1OWmG by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@leeloo I know. The point is, it's a terrible idea to disable the Run field… |
|
|
|
Post #AsHOBMfzt4QLCiDLAe by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@hajovonta @scott @briankrebsOh, then I understood your replies completely back… |
|
|
|
Post #AsHOBMlJZIg3TChaSW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@leeloo I think the main way of running programs in Windows is to create shortc… |
|
|
|
Post #AsHOBMrLCtUvltWOqu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@hajovonta @scott @briankrebs I would think quick launch is the main way of lau… |
