A new linux malware, called Auto-Color, was discovered by cybersecurity researchers at Palo Alto Networks' Unit 42, a team specializing in analyzing and uncovering cyber threats. This malware (backdoor) is a tool used by hackers to secretly gain access to computers running the Linux operating system, allowing them to carry out harmful activities while staying hidden.

Auto-Color is designed to be extremely stealthy. For example, it camouflages itself within the system and alters activity logs to make everything appear normal. It’s like an invisible burglar who not only sneaks into your digital “house” but also covers their tracks so you don’t notice their presence. This makes it difficult for security tools to detect and block its actions.

https://unit42.paloaltonetworks.com/new-linux-backdoor-auto-color/

Jailbreaking von Deepseek

#AI #Cybersecurity #Datenexfiltration #DeepSeek #GenAI #Keylogger #künstlicheIntelligenz #LLM @PaloAltoNetworks #Security #Unit42

https://netzpalaver.de/2025/01/31/jailbreaking-von-deepseek/

KI-generierte Malware: Unbegrenzte Möglichkeiten für Kriminelle
#KünstlicheIntelligenz #Malware #ChatGPT #GenerativeKI #KIMalware #LLMs #Unit42 #WormGPT https://sc.tarnkappe.info/a5082e

Threat Alert! Unit 42 reveals a phishing campaign exploiting HubSpot to harvest Microsoft Azure credentials, targeting European companies. With 20,000 users affected, attackers used urgency tactics and fraudulent forms. Stay vigilant!
Learn more about this ongoing threat: https://cyberinsider.com/threat-actors-exploit-hubspot-to-harvest-microsoft-azure-credentials/
#CyberSecurity #Phishing #MicrosoftAzure #HubSpot #Unit42 #newz

Jailbreaking von LLMs

#Cybersecurity #DeceptiveDelight #GenAI #Jailbreaking #LargeLanguageModel #LLM @PaloAltoNtwks #Schwachstelle #Security #Unit42

https://netzpalaver.de/2024/10/25/jailbreaking-von-llms/

Multiple high-profile #opensource projects, including those from #Google, #Microsoft, #AWS, and #RedHat, were found to leak #GitHub authentication tokens through #GitHubActions artifacts in CI/CD.
#PaloAltoNetworks #Unit42 found it affected:
Firebase
OpenSearch Security
Clair
JSON Schemas
TypeScript Repos Automation, TypeScript Bot Test Triggerer, Azure Draft
CycloneDX SBOM (OWASP)
Stockfish
Libevent
Guardian for Apache Kafka
Git Annex
Penrose
Deckhouse
Concrete-ML
https://www.bleepingcomputer.com/news/security/github-actions-artifacts-found-leaking-auth-tokens-in-popular-projects/

Unit 42 researchers uncover critical GitHub Actions vulnerability https://www.developer-tech.com/news/unit-42-researchers-critical-github-actions-vulnerability/ #github #unit42 #security #infosec #hacking #coding #programming #developers #tech #news #technology

Angriff auf Router & Co. – Mirai-Botnetz übernimmt Smart Devices
#Cyberangriffe #ITSicherheit #Malware #BruteForce #DDoS #Fritzbox #IoT #IoTGeräte #IPKamera #Linux #MiraiBotnetz #SmartDevices #Unit42 #V3G4 https://tarnkappe.info/artikel/malware/angriff-auf-router-co-mirai-botnetz-uebernimmt-smart-devices-265561.html

Botnetze übernehmen Millionen von Routern – auch Deinen!
#Cyberangriff #Hacking #AsusRouter #Belkin #Botnetze #DLinkRouter #Fodcha #Gafgyt #IoT #mirai #Mozi #Netgear #RealtekJungleSDK #RedGoBot #Sicherheitsupdates #Unit42 #Zyxel https://tarnkappe.info/artikel/cyberangriff/botnetze-uebernehmen-millionen-von-routern-auch-deinen-264186.html

As always excellent research by #Unit42 about MitM phishing. It explains, amongst other things, how thractors circumvent 2FA.

A strong argument for #Passkey

https://unit42.paloaltonetworks.com/meddler-phishing-attacks/

https://fidoalliance.org/passkeys/

Do I have anyone here working for #Unit42?

Boost if you don't mind to give me some reach. Really appreciate the help!

Moobot Botnetz hat es auf D-Link Router abgesehen
#Hacking #Malware #DLinkRouter #DDoSAttacke #HikvisionKameras #Internetgeschwindigkeit #MiraiBotnetz #Sicherheitsupdates #Unit42 https://tarnkappe.info/artikel/hacking/moobot-botnetz-hat-es-auf-d-link-router-abgesehen-255396.html

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers - The malware takes aim at PostgreSQL database servers with never-before-seen techniques. https://threatpost.com/pgminer-monero-mining-botnet/162209/ #securityvulnerability #remotecodeexecution #vulnerabilities #databaseservers #malwareanalysis #cloudsecurity #cve-2019-9193 #cryptomining #postgresql #paloalto #malware #pgminer #botnet #monero #unit42 #linux #rce

OilRig APT Drills into Malware Innovation with Unique Backdoor - The RDAT tool uses email as a C2 channel, with attachments that hide data and commands inside imag... more: https://threatpost.com/oilrig-apt-unique-backdoor/157646/ #steganography #helixkitten #c2channel #backdoor #paloalto #malware #oilrig #unit42 #apt34 #email #irán #rdat #apt

Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines - Cybercriminals aren't sparing medical professionals, hospitals and healthcare orgs on the frontlin... more: https://threatpost.com/cyberattacks-healthcare-orgs-coronavirus-frontlines/154768/ #healthcareorganizations #criticalinfrastructure #medicalprofessionals #vulnerabilities #cybercriminal #coronavirus #cyberattack #agenttesla #ransomware #paloalto #phishing #malware #malspam #targets #unit42 #hacks #email

New Mirai Variant ‘Mukashi’ Targets Zyxel NAS Devices - The botnet exploits a vulnerability discovered last month that can allow threat actors to remotely... more: https://threatpost.com/new-mirai-variant-mukashi-targets-zyxel-nas-devices/153982/?utm_source=rss&utm_medium=rss&utm_campaign=new-mirai-variant-mukashi-targets-zyxel-nas-devices #networkattachedstorage #criticalvulnerability #zero-dayvulnerability #paloaltonetworks #vulnerabilities #miraivariant #bruteforce #mukashi #unit42

Cloud Misconfig Mistakes Show Need For DevSecOps - Unit 42 researchers discuss public cloud misconfiguration issues that are leading to breaches of s... more: https://threatpost.com/cloud-misconfig-devsecops/153921/?utm_source=rss&utm_medium=rss&utm_campaign=cloud-misconfig-devsecops #cloudmisconfiguration #cloudinfrastructure #misconfiguration #graboidmalware #cloudsecurity #datacenters #publiccloud #databreach #devsecops #interview #ryanolson #paloalto #videos #breach #unit42 #rsac #rsa