MastodonTech.de

The New OilHackers turn <a href="https://mastodon.thenewoil.org/tags/ScreenConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScreenConnect</a> into <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> using <a href="https://mastodon.thenewoil.org/tags/Authenticode" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authenticode</a> stuffing<a href="https://www.bleepingcomputer.com/news/security/hackers-turn-screenconnect-into-malware-using-authenticode-stuffing/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/hackers-turn-screenconnect-into-malware-using-authenticode-stuffing/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.thenewoil.org/tags/ConnectWise" class="mention hashtag" rel="nofollow noopener" target="_blank">#ConnectWise</a>

OTX BotBe Careful With Fake Zoom Client DownloadsA deceptive email containing a fake Zoom meeting invitation has been identified. Clicking the 'join' button leads to a website prompting users to install a purported Zoom client update. The downloaded executable, 'Session.ClientSetup.exe', is actually malware that installs an MSI package. This package deploys ScreenConnect, a remote access tool, allowing attackers to gain unauthorized access to the victim's computer. The malware establishes persistence by installing itself as a service and connects to a command and control server at tqtw21aa.anondns.net on port 8041. Users are advised to exercise caution when receiving unexpected Zoom invitations or update prompts.Pulse ID: 6841b92a2822d337bdf7bf39 Pulse Link: <a href="https://otx.alienvault.com/pulse/6841b92a2822d337bdf7bf39" rel="nofollow noopener" translate="no" target="_blank">https://otx.alienvault.com/pulse/6841b92a2822d337bdf7bf39</a> Pulse Author: AlienVault Created: 2025-06-05 15:35:06Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/DNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#DNS</a> <a href="https://social.raytec.co/tags/ELF" class="mention hashtag" rel="nofollow noopener" target="_blank">#ELF</a> <a href="https://social.raytec.co/tags/Email" class="mention hashtag" rel="nofollow noopener" target="_blank">#Email</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/NET" class="mention hashtag" rel="nofollow noopener" target="_blank">#NET</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/ScreenConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScreenConnect</a> <a href="https://social.raytec.co/tags/Zoom" class="mention hashtag" rel="nofollow noopener" target="_blank">#Zoom</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener" target="_blank">#AlienVault</a>

The New Oil<a href="https://mastodon.thenewoil.org/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#CISA</a> warns of <a href="https://mastodon.thenewoil.org/tags/ConnectWise" class="mention hashtag" rel="nofollow noopener" target="_blank">#ConnectWise</a> <a href="https://mastodon.thenewoil.org/tags/ScreenConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScreenConnect</a> bug exploited in attacks<a href="https://www.bleepingcomputer.com/news/security/cisa-warns-of-connectwise-screenconnect-bug-exploited-in-attacks/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/cisa-warns-of-connectwise-screenconnect-bug-exploited-in-attacks/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a>

Pyrzout :vm:Fake Social Security Statement emails trick users into installing remote tool <a href="https://www.malwarebytes.com/blog/news/2025/04/fake-social-security-statement-emails-trick-users-into-installing-remote-tool" rel="nofollow noopener" translate="no" target="_blank">https://www.malwarebytes.com/blog/news/2025/04/fake-social-security-statement-emails-trick-users-into-installing-remote-tool</a> <a href="https://social.skynetcloud.site/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntelligence</a> <a href="https://social.skynetcloud.site/tags/ScreenConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScreenConnect</a> <a href="https://social.skynetcloud.site/tags/Molatori" class="mention hashtag" rel="nofollow noopener" target="_blank">#Molatori</a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#News</a> <a href="https://social.skynetcloud.site/tags/SSA" class="mention hashtag" rel="nofollow noopener" target="_blank">#SSA</a>

Deutschland<a href="https://www.europesays.com/de/59942/" rel="nofollow noopener" translate="no" target="_blank">https://www.europesays.com/de/59942/</a> Connectwise Screenconnect: Hochriskante Codeschmuggel-Lücke | heise online <a href="https://pubeurope.com/tags/Alert" class="mention hashtag" rel="nofollow noopener" target="_blank">#Alert</a> <a href="https://pubeurope.com/tags/ConnectWise" class="mention hashtag" rel="nofollow noopener" target="_blank">#ConnectWise</a> <a href="https://pubeurope.com/tags/Deutschland" class="mention hashtag" rel="nofollow noopener" target="_blank">#Deutschland</a> <a href="https://pubeurope.com/tags/Germany" class="mention hashtag" rel="nofollow noopener" target="_blank">#Germany</a> <a href="https://pubeurope.com/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#IT</a> <a href="https://pubeurope.com/tags/Science" class="mention hashtag" rel="nofollow noopener" target="_blank">#Science</a> <a href="https://pubeurope.com/tags/Science" class="mention hashtag" rel="nofollow noopener" target="_blank">#Science</a>&Technology <a href="https://pubeurope.com/tags/Screenconnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#Screenconnect</a> <a href="https://pubeurope.com/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://pubeurope.com/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sicherheitslücken</a> <a href="https://pubeurope.com/tags/Sicherheitsupdates" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sicherheitsupdates</a> <a href="https://pubeurope.com/tags/Technik" class="mention hashtag" rel="nofollow noopener" target="_blank">#Technik</a> <a href="https://pubeurope.com/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#Technology</a> <a href="https://pubeurope.com/tags/Wissenschaft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Wissenschaft</a> <a href="https://pubeurope.com/tags/Wissenschaft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Wissenschaft</a>&Technik

IT NewsThis Week in Security: Wyze, ScreenConnect, and Untrustworthy Job Postings - For a smart home company with an emphasis on cloud-connected cameras, what could p... - <a href="https://hackaday.com/2024/02/23/this-week-in-security-wyze-screenconnect-and-untrustworthy-job-postings/" rel="nofollow noopener" translate="no" target="_blank">https://hackaday.com/2024/02/23/this-week-in-security-wyze-screenconnect-and-untrustworthy-job-postings/</a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#hackadaycolumns</a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityhacks</a> <a href="https://schleuss.online/tags/screenconnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#screenconnect</a> <a href="https://schleuss.online/tags/spyware" class="mention hashtag" rel="nofollow noopener" target="_blank">#spyware</a> <a href="https://schleuss.online/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a> <a href="https://schleuss.online/tags/wyze" class="mention hashtag" rel="nofollow noopener" target="_blank">#wyze</a>

BSI WID Advisories Feed<a href="https://social.adlerweb.info/tags/BSI" class="mention hashtag" rel="nofollow noopener" target="_blank">#BSI</a> WID-SEC-2024-0468: [UPDATE] [kritisch] <a href="https://social.adlerweb.info/tags/ConnectWise" class="mention hashtag" rel="nofollow noopener" target="_blank">#ConnectWise</a> <a href="https://social.adlerweb.info/tags/ScreenConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScreenConnect</a>: Mehrere SchwachstellenEin entfernter Angreifer kann mehrere Schwachstellen in ConnectWise ScreenConnect ausnutzen, um Informationen offenzulegen oder um Sicherheitsmaßnahmen zu umgehen.<a href="https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0468" rel="nofollow noopener" translate="no" target="_blank">https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0468</a>

securityaffairs<a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#CISA</a> orders federal agencies to fix <a href="https://infosec.exchange/tags/ConnectWise" class="mention hashtag" rel="nofollow noopener" target="_blank">#ConnectWise</a> <a href="https://infosec.exchange/tags/ScreenConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScreenConnect</a> bug in a week <a href="https://securityaffairs.com/159511/hacking/cisa-connectwise-screenconnect-known-exploited-vulnerabilities-catalog.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/159511/hacking/cisa-connectwise-screenconnect-known-exploited-vulnerabilities-catalog.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a>

IT NewsRansomware associated with LockBit still spreading 2 days after server takedown - Enlarge (credit: Getty Images) Two days after an international... - <a href="https://arstechnica.com/?p=2005464" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/?p=2005464</a> <a href="https://schleuss.online/tags/screenconnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#screenconnect</a> <a href="https://schleuss.online/tags/connectwise" class="mention hashtag" rel="nofollow noopener" target="_blank">#connectwise</a> <a href="https://schleuss.online/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://schleuss.online/tags/lockbit" class="mention hashtag" rel="nofollow noopener" target="_blank">#lockbit</a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener" target="_blank">#biz</a>&it

Andrew 🌻 Brandt 🐇<a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@GossiTheDog</a> We all knew slash was dangerous. Guns N' Roses outside shoulda told ya. <a href="https://infosec.exchange/tags/Connectwise" class="mention hashtag" rel="nofollow noopener" target="_blank">#Connectwise</a> <a href="https://infosec.exchange/tags/ScreenConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#ScreenConnect</a>

Digital Trust Center🚨Kritieke kwetsbaarheden in ConnectWise ScreenConnect🚨Er zijn kwetsbaarheden verholpen in de remote desktop softwareapplicatie ScreenConnect. De meest kritieke kwetsbaarheid geeft een ongeauthenticeerde kwaadwillende de mogelijkheid om een nieuw admin-account aan te maken en willekeurig code uit te voeren. Het advies is om de beschikbare beveiligingsupdates zo snel mogelijk te (laten) installeren. Meer informatie ⤵️<a href="https://www.digitaltrustcenter.nl/nieuws/kritieke-kwetsbaarheden-in-connectwise-screenconnect" rel="nofollow noopener" translate="no" target="_blank">https://www.digitaltrustcenter.nl/nieuws/kritieke-kwetsbaarheden-in-connectwise-screenconnect</a><a href="https://social.overheid.nl/tags/cyberalert" class="mention hashtag" rel="nofollow noopener" target="_blank">#cyberalert</a> <a href="https://social.overheid.nl/tags/screenconnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#screenconnect</a> <a href="https://social.overheid.nl/tags/dreigingsbericht" class="mention hashtag" rel="nofollow noopener" target="_blank">#dreigingsbericht</a>

Security Onion 🧅Quick <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> analysis: <a href="https://infosec.exchange/tags/ICEDID" class="mention hashtag" rel="nofollow noopener" target="_blank">#ICEDID</a> variant with <a href="https://infosec.exchange/tags/BACKCONNECT" class="mention hashtag" rel="nofollow noopener" target="_blank">#BACKCONNECT</a>, <a href="https://infosec.exchange/tags/ANUBIS" class="mention hashtag" rel="nofollow noopener" target="_blank">#ANUBIS</a> <a href="https://infosec.exchange/tags/VNC" class="mention hashtag" rel="nofollow noopener" target="_blank">#VNC</a>, <a href="https://infosec.exchange/tags/COBALTSTRIKE" class="mention hashtag" rel="nofollow noopener" target="_blank">#COBALTSTRIKE</a> & <a href="https://infosec.exchange/tags/SCREENCONNECT" class="mention hashtag" rel="nofollow noopener" target="_blank">#SCREENCONNECT</a> pcap from 2023-10-18Thanks to <a href="https://infosec.exchange/@malware_traffic" class="u-url mention" rel="nofollow noopener" target="_blank">@malware_traffic</a> for sharing this <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener" target="_blank">#pcap</a>!More details: <a href="https://blog.securityonion.net/2023/11/quick-malware-analysis-icedid-variant.html" rel="nofollow noopener" translate="no" target="_blank">https://blog.securityonion.net/2023/11/quick-malware-analysis-icedid-variant.html</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/infosecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosecurity</a> <a href="https://infosec.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatHunting</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#screenconnect