Apple-feed
boosted
Apple-feed
boosted
🧪 NEW BETA RELEASES 🧪
📱 iOS 18.7.2 RC (22H123)
📱 iOS 26.1 RC (23B82)
📱 iPadOS 18.7.2 RC (22H123)
📱 iPadOS 26.1 RC (23B82)
💻 macOS 26.1 RC (25B77)
📺 tvOS 26.1 RC (23J580)
🥽 visionOS 26.1 RC (23N48)
⌚ watchOS 26.1 RC (23S36)
🧪 NEW BETA RELEASES 🧪
📱 iOS 18.7.2 RC (22H123)
📱 iOS 26.1 RC (23B82)
📱 iPadOS 18.7.2 RC (22H123)
📱 iPadOS 26.1 RC (23B82)
💻 macOS 26.1 RC (25B77)
📺 tvOS 26.1 RC (23J580)
🥽 visionOS 26.1 RC (23N48)
⌚ watchOS 26.1 RC (23S36)
Apple-feed
boosted
New.
"BlueNoroff (aka. Sapphire Sleet, APT38, Alluring Pisces, Stardust Chollima, and TA444) has adopted new infiltration strategies and malware sets over time, but it still targets blockchain developers, C-level executives, and managers within the Web3/blockchain industry."
Kaspersky: Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs https://securelist.com/bluenoroff-apt-campaigns-ghostcall-and-ghosthire/117842/ @Kaspersky #cybersecurity #infosec #macOS #Apple #malware
New.
"BlueNoroff (aka. Sapphire Sleet, APT38, Alluring Pisces, Stardust Chollima, and TA444) has adopted new infiltration strategies and malware sets over time, but it still targets blockchain developers, C-level executives, and managers within the Web3/blockchain industry."
Kaspersky: Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs https://securelist.com/bluenoroff-apt-campaigns-ghostcall-and-ghosthire/117842/ @Kaspersky #cybersecurity #infosec #macOS #Apple #malware
Apple-feed
boosted
Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs
BlueNoroff, a financially motivated threat actor, has been conducting two sophisticated campaigns dubbed GhostCall and GhostHire. GhostCall targets macOS devices of tech executives and venture capitalists through fake Zoom-like meetings, while GhostHire targets Web3 developers through fake recruitment processes. Both campaigns utilize various malware chains, including ZoomClutch, DownTroy, CosmicDoor, RooTroy, and SilentSiphon. The attacks involve social engineering, AI-enhanced images, and multi-stage malware deployment across Windows, macOS, and Linux systems. BlueNoroff has expanded its focus beyond cryptocurrency theft to comprehensive data acquisition, enabling supply chain attacks and leveraging established trust relationships for broader impact.
Pulse ID: 69003b85c217870cc5794cc6
Pulse Link: https://otx.alienvault.com/pulse/69003b85c217870cc5794cc6
Pulse Author: AlienVault
Created: 2025-10-28 03:41:57
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BlueNoroff #CyberSecurity #InfoSec #Linux #Mac #MacOS #Malware #OTX #OpenThreatExchange #Rust #SocialEngineering #SupplyChain #Web3 #Windows #Zoom #bot #cryptocurrency #developers #AlienVault
Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs
BlueNoroff, a financially motivated threat actor, has been conducting two sophisticated campaigns dubbed GhostCall and GhostHire. GhostCall targets macOS devices of tech executives and venture capitalists through fake Zoom-like meetings, while GhostHire targets Web3 developers through fake recruitment processes. Both campaigns utilize various malware chains, including ZoomClutch, DownTroy, CosmicDoor, RooTroy, and SilentSiphon. The attacks involve social engineering, AI-enhanced images, and multi-stage malware deployment across Windows, macOS, and Linux systems. BlueNoroff has expanded its focus beyond cryptocurrency theft to comprehensive data acquisition, enabling supply chain attacks and leveraging established trust relationships for broader impact.
Pulse ID: 69003b85c217870cc5794cc6
Pulse Link: https://otx.alienvault.com/pulse/69003b85c217870cc5794cc6
Pulse Author: AlienVault
Created: 2025-10-28 03:41:57
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BlueNoroff #CyberSecurity #InfoSec #Linux #Mac #MacOS #Malware #OTX #OpenThreatExchange #Rust #SocialEngineering #SupplyChain #Web3 #Windows #Zoom #bot #cryptocurrency #developers #AlienVault
Apple-feed
boosted
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
The Water Saci campaign has evolved, now utilizing an email-based command and control infrastructure and multi-vector persistence for resilience. The new attack chain employs script-based techniques, including VBS downloaders and PowerShell scripts, to hijack WhatsApp Web sessions and automate malware distribution. It features sophisticated remote control capabilities, allowing real-time management of infected machines as a coordinated botnet. The malware implements extensive anti-analysis measures and targets Portuguese-language systems. Its email-based C&C system uses IMAP connections to retrieve commands, complemented by an HTTP-based polling mechanism for ongoing communication. The campaign shares similarities with the Coyote banking trojan, suggesting possible links within the Brazilian cybercriminal ecosystem.
Pulse ID: 68ff8dd035041c4143f2889b
Pulse Link: https://otx.alienvault.com/pulse/68ff8dd035041c4143f2889b
Pulse Author: AlienVault
Created: 2025-10-27 15:20:48
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #BankingTrojan #Brazil #CandC #Coyote #CyberSecurity #Email #HTTP #InfoSec #Mac #Malware #OTX #OpenThreatExchange #PowerShell #Trojan #VBS #WhatsApp #bot #botnet #AlienVault
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
The Water Saci campaign has evolved, now utilizing an email-based command and control infrastructure and multi-vector persistence for resilience. The new attack chain employs script-based techniques, including VBS downloaders and PowerShell scripts, to hijack WhatsApp Web sessions and automate malware distribution. It features sophisticated remote control capabilities, allowing real-time management of infected machines as a coordinated botnet. The malware implements extensive anti-analysis measures and targets Portuguese-language systems. Its email-based C&C system uses IMAP connections to retrieve commands, complemented by an HTTP-based polling mechanism for ongoing communication. The campaign shares similarities with the Coyote banking trojan, suggesting possible links within the Brazilian cybercriminal ecosystem.
Pulse ID: 68ff8dd035041c4143f2889b
Pulse Link: https://otx.alienvault.com/pulse/68ff8dd035041c4143f2889b
Pulse Author: AlienVault
Created: 2025-10-27 15:20:48
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #BankingTrojan #Brazil #CandC #Coyote #CyberSecurity #Email #HTTP #InfoSec #Mac #Malware #OTX #OpenThreatExchange #PowerShell #Trojan #VBS #WhatsApp #bot #botnet #AlienVault
Apple-feed
boosted
iOS 26 Overwrites ‘shutdown.log’ on Reboot, Erasing Forensic Evidence of Pegasus and Predator Spyware https://gbhackers.com/ios-26/ #CyberSecurityNews #cybersecurity #iOS26
iOS 26 Overwrites ‘shutdown.log’ on Reboot, Erasing Forensic Evidence of Pegasus and Predator Spyware https://gbhackers.com/ios-26/ #CyberSecurityNews #cybersecurity #iOS26
#selfhosting
boosted
🚀 Sync-in Server 1.8 is out!
🌍 14 languages supported
⚡ Better for small systems (e.g. Raspberry Pi)
🖼️ 3× faster photo thumbnails
🔍 Full-text search with flexible indexing
📊 Storage quotas incl. external data
🐳 Lighter Docker image
📖 https://sync-in.com/news/sync-in-server-1-8
#release #opensource #foss #selfhosting #selfhosted #security #linux #privacy #logicielslibres #libre #collaboration #mfa #2fa #authentification #cybersecurity #infosec #nodejs #typescript #devops #opensourcecommunity
🚀 Sync-in Server 1.8 is out!
🌍 14 languages supported
⚡ Better for small systems (e.g. Raspberry Pi)
🖼️ 3× faster photo thumbnails
🔍 Full-text search with flexible indexing
📊 Storage quotas incl. external data
🐳 Lighter Docker image
📖 https://sync-in.com/news/sync-in-server-1-8
#release #opensource #foss #selfhosting #selfhosted #security #linux #privacy #logicielslibres #libre #collaboration #mfa #2fa #authentification #cybersecurity #infosec #nodejs #typescript #devops #opensourcecommunity
Apple-feed
boosted
Your iPhone isn't as secure as you think!
Learn to defend against Pegasus spyware, zero-click exploits, and advanced threats targeting Apple devices.
From FileVault to firmware locks - master iOS and Mac security before attackers do.
https://hackersarise.thinkific.com/courses/mac-security
#infosec #ios #macos #apple #cybersecurity #technology #pegasus #malware
Your iPhone isn't as secure as you think!
Learn to defend against Pegasus spyware, zero-click exploits, and advanced threats targeting Apple devices.
From FileVault to firmware locks - master iOS and Mac security before attackers do.
https://hackersarise.thinkific.com/courses/mac-security
#infosec #ios #macos #apple #cybersecurity #technology #pegasus #malware
Apple-feed
boosted
"At a high level, when you compose a message with these tools, the companies can usually see the contents of those messages and receive at least a temporary copy of the text on their servers.
When receiving messages, things get trickier. When you use an AI like Gemini or a feature like Apple Intelligence to summarize or read notifications, we believe companies should be doing that content processing on-device. But poor documentation and weak guardrails create issues that have lead us deep into documentation rabbit holes and still fail to clarify the privacy practices as clearly as we’d like.
We’ll dig into the specifics below as well as potential solutions we’d like to see Apple, Google, and other device-makers implement, but first things first, here’s what you can do right now to control access:"
#Google #Apple #GoogleGemini #AppleIntelligence #AI #GenerativeAI #Android #iOS #Privacy #CyberSecurity
"At a high level, when you compose a message with these tools, the companies can usually see the contents of those messages and receive at least a temporary copy of the text on their servers.
When receiving messages, things get trickier. When you use an AI like Gemini or a feature like Apple Intelligence to summarize or read notifications, we believe companies should be doing that content processing on-device. But poor documentation and weak guardrails create issues that have lead us deep into documentation rabbit holes and still fail to clarify the privacy practices as clearly as we’d like.
We’ll dig into the specifics below as well as potential solutions we’d like to see Apple, Google, and other device-makers implement, but first things first, here’s what you can do right now to control access:"
#Google #Apple #GoogleGemini #AppleIntelligence #AI #GenerativeAI #Android #iOS #Privacy #CyberSecurity
Aral Balkan
boosted
🔒 Signal users beware! Phishing messages posing as “Security Support ChatBot” are targeting accounts, urging users to share verification codes. Don’t fall for it—Signal never asks for codes via chat. Always verify contacts & report suspicious requests. #CyberSecurity #PhishingAlert
👉 https://cyberinsider.com/signal-users-targeted-by-fake-support-messages-for-account-hijacks/ #newz
🔒 Signal users beware! Phishing messages posing as “Security Support ChatBot” are targeting accounts, urging users to share verification codes. Don’t fall for it—Signal never asks for codes via chat. Always verify contacts & report suspicious requests. #CyberSecurity #PhishingAlert
👉 https://cyberinsider.com/signal-users-targeted-by-fake-support-messages-for-account-hijacks/ #newz