RE: https://infosec.exchange/@WPalant/115633275489771501
It seems that I should start looking for a replacement for this laptop after all. Any recommendations, any other company with good Linux-compatible hardware that can be repaired?
RE: https://infosec.exchange/@WPalant/115633275489771501
It seems that I should start looking for a replacement for this laptop after all. Any recommendations, any other company with good Linux-compatible hardware that can be repaired?
Chenille dans un bec de rougequeue à front blanc

🚨 New Ransomware Group: Booba Project
Dark Web: http://7t3zi3e7ki6iseun77ofqtr6wmbpgnpc2ada6gstcxp54lw6q2zb7jad[.]onion

🚨 Opera GX flaw let malicious sites auto-install mods and steal data from visited pages
Researchers found a flaw in Opera GX that allowed a malicious website to silently install a GX Mod without clicks or approval prompts.
The issue turned Opera GX’s cosmetic mod system into a universal CSS injection path, letting attacker-controlled CSS follow the victim across websites.
In a proof of concept, researchers reconstructed a signed-in user’s full Gmail address from a single visit by leaking page data piece by piece through CSS requests.
Opera says there is no evidence the flaw was exploited in the wild and patched the issue in Opera GX version 130.0.5847.89.
No CVE was assigned, but Opera’s bug bounty team rated it P1 and paid the maximum $5,000 award.
“Just styling” is a lot less harmless when it can follow you across the browser.
🚨 Ousaban banking Trojan campaign targets Spain and Portugal
FortiGuard Labs identified an Ousaban campaign using phishing PDFs, server-side geofencing, and multi-stage malware delivery to target users in Spain and Portugal.
Victims are shown a fake corrupted document with an “Atualizar” prompt that leads to a malicious webpage.
The page checks location, language, timezone, VPN indicators, and device/browser traits before delivering a VBS downloader.
The infection chain uses a steganographic image with an appended ZIP, drops the payload to C:\SysMain_5874288, and sets persistence with a “Financeiro” Run registry value.
Once active, Ousaban monitors banking activity, resolves daily-changing DDNS C2 hosts, and supports screenshots, remote control, clipboard injection, and keylogging.
IOCs:
Domains:
faturanova[.]xyz
facture-in[.]pages[.]dev
facture-arsys[.]duckdns[.]org
faturanova[.]duckdns[.]org
controlfacturas[.]site
IPs:
213[.]159[.]64[.]191
162[.]33[.]179[.]46
91[.]92[.]240[.]140
78[.]40[.]209[.]32
PDF SHA-256:
6bc2e11b0917f47d0557288c4f0cb20bd7589185943b989a969fdc6d3704ee73
540ee1936e61d2344b5ebc93485589a351ec2f113a9b4940ae16f3baa4807392
e2f0c2d4c1552cd81fa012043e4a5ac832582b639b7b6b7eccc0c4802d7a8ad8
9d07a83cf89685651ea8992047ae694c24f6ddef193044357debd15ce07a64fe
4c9fdc2823da505ef339d43c6ad38499b7e3447736733e42b5ab6b1afcfd42aa
5e06af187b45476ade0d953e834fced6197d0a33ac60c2575877660e26ab15e8


6 years of research: "The only trait that consistently predicted objections to remote work was narcissism—the tendency to be self-centered & entitled. The higher the opinions of themselves leaders expressed, the more they coveted power and status—& the more they favored return-to-office mandates."
https://www.sciencedirect.com/science/article/pii/S0749597826000300
Worship me at the office altar: Why narcissistic leaders resist remote work
Marissa S. Shandell, Courtney E. Elliott, Adam M. Grant>My passion is infographics.

Kind of bummed that this petition against a monstrous AI data center has not yet broken 6,000 signatures.
“One of the world’s largest AI data centres is being planned next to Auchtertool village in Fife, Scotland. The height of six double decker buses and length of 100 football pitches. An estimated 20% of Scotland’s energy will be consumed by this.”
https://www.change.org/p/stop-the-proposed-ai-data-centre-near-auchtertool-fife