Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
det.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon Server des Unterhaltungsfernsehen Ehrenfeld zum dezentralen Diskurs.

Administered by:

Server stats:

2K
active users

det.social: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.2

#dnsrecords

0 posts0 participants0 posts today
Public
Lanie Carmelo

#SelfHosting community, how do you get notifications about your projects?

I'm setting up a couple of #BASH #Scripts to back things up and notify me about events on my #RaspberryPi, but I've hit some roadblocks. Here's my situation:

- I know #email is one option, but I'm not set up for it yet. My domain is on porkbun.com, but its nameservers point to vultr.com, where my #WordPress site is hosted. The Vultr server is managed by a friend, so I don't have access to add #DNSRecords for platforms like #Brevo. I've asked him to add the records but am waiting on that.

- I've been using a #Discord webhook, but I've run into issues with rate limiting when scripts send too many messages. Long messages also cause errors.

Now, I'm exploring other ways to send notifications. Does anyone have suggestions for reliable methods or tools that work well in self-hosted setups?

#Linux #Tech #Technology #BASHScripts #SelfHosted #Notifications
@selfhost @selfhosted @linux @selfhosting

Public
🛡 H3lium@infosec.exchange/:~# :blinking_cursor:

Title: "💻🔒 #MacOSBackdoor: Stealthy Malware in Cracked Apps Drains Wallets via DNS Records 🚨"

Recent reports from Securelist and BleepingComputer reveal a sophisticated malware campaign targeting macOS users. Authored by Sergey Puzan (Securelist) and Bill Toulas (BleepingComputer), these articles uncover a cunning method where hackers disguise information-stealing malware within cracked macOS applications. This threat primarily affects macOS Ventura users and leverages DNS records to conceal malicious scripts. The malware, disguised as a legitimate app activator, prompts users for admin passwords, thus gaining control over the system.

The malware establishes contact with its command and control (C2) server via a unique URL, generated by combining words from hardcoded lists with random letters, and then fetches a base64-encoded Python script from DNS TXT records. This script not only provides backdoor access but also harvests and transmits critical system information. Further, it ensures persistence across reboots and continuously updates itself.

What's alarming is the malware's capability to replace Bitcoin Core and Exodus wallets with compromised versions that transmit users' sensitive data to the attackers. The ingenuity of hiding the payload in DNS server TXT records marks a new level of sophistication in cyber attacks.

Stay vigilant and avoid cracked software to mitigate such threats!

Tags: #CyberSecurity #Infosec #MalwareAnalysis #MacOS #DNSRecords #PythonScript #APT #Securelist #BleepingComputer #SergeyPuzan #BillToulas

Sources:

Kaspersky · Cracked software beats gold: new macOS backdoor stealing cryptowalletsBy Sergey Puzan
ExploreLive feeds
About