Sean Kalinich

There is a new bit of malware targeting iOS users via iMessage from what appears to be a new APT (Advanced Persistent Threat) group. The campaign appears to have been in play since some time in 2019. The malware, according to researchers, leverages iMessage to send the targeted user an attachment that then runs with root privileges on the device. The result is a complete takeover of the device in question.

The arguments for and against AI as a threat all seem to be centered on the point of AGI (Artificial General Intelligence). This is the point where the reasoning skills of AI are on par with the average human brain. When reached, it would mark an evolution in AI. The people saying AI is a threat are trying to slow down progress towards this, while those arguing it is harmless all say we are nowhere near that stage. I have argued that this point is irrelevant in terms of assessing the dangers of a blind rush to build and shove AI into everything.

Google’s Chrome (and its derivatives) is one of the more popular browsers on the market. It reached the height of popularity via a well-orchestrated marketing push, dissatisfaction with Microsoft, and being one of the faster and more secure browsers (at the time). However, the popularity of the browser and some less than stellar security policies in the Chrome Web Store have made it a nice target for attackers. Google recently removed a total of 32 malicious extensions from the store with downloads possibly totaling 75 million.

Remember how the EU regulators said the Microsoft Activision deal was pro-competition and pro-consumer? Well, I wonder what they might be thinking now as news is dropping saying that both Microsoft and Activision are considering pulling games out of the UK in order to push the buyout through. The deal all on its own is far from pro-competition, and standing on licensing agreements that affect 1% of the market defies logic, but now we see the lengths that Microsoft is willing to go to in order to get their way.

The group behind BlackCat ransomware seems to be following some good business practices, as they have launched a new variant with improved performance (faster encryption) and detection evasion. First identified in February of 2023, the new variant has been given some extra attention after an update to this flavor was seen in April. BlackCat is notable for being the first ransomware written in Rust identified in the wild.

For the second of our game reviews since returning to covering games, we decided to look at the Microsoft flagship game RedFall. If you have heard of this game, it has probably been in a negative light. Most reviews have already come in and they are not good. Everything from calling the writing and plot “Woke” to buggy graphics, enemy AI, and terrible stylized artwork. So, with this list of negatives already in place, why even bother? Well, I am a glutton for punishment, I like terrible games (at times) and it was free on Game Pass… incidentally, I also thought it might be funny to see if this game was as bad as everyone said and add something to the pool of snark surrounding it. For this review we will be covering the Game Pass PC version and playing it on the Xbox One Series X.

RedFall by Arkane Austin was not a well-received game. It has been pretty much panned by everyone that played it. The complaints range from a bad storyline and plot to bad graphics, game lag and terrible AI (you can read our review to see our thoughts). Well, it seems that the developers at Arkane Austin were not happy with the game either and were hoping that Microsoft would step in and alter the course before launch.

A couple of days ago an email was sent to me about a new toolkit being sold on the darker side of the internet. The claim was that this new tool could kill the processes behind “any” AV, EDR, or XDR running on Windows 7 and newer. The same email included a link to what was supposed to be proof of its efficacy. I opened the link in a sandbox on a controlled VM just to be sure the link was not malicious all on its own. What I saw was nothing all that new, although it was a bit worrying.

This one goes in both the “failure of imagination” and “this is why we can’t have nice things” categories. It seems that Gigabyte, for some reason, decided to embed an insecure update function into the UEFI BIOS of their motherboards, then shipped roughly 7 million of them to customers. The fatal flaw? Well, this is an update function that runs on startup. It writes a file to disk, reaches out to update servers over unencrypted HTTP, then downloads any updates and installs them.

The RomCom backdoor malware appears to have a new campaign running. The new campaign is using impersonation attacks for different software packages (some real, some not). The goal is to trick the unwary into downloading, and hopefully launching, malicious payloads. This type of campaign leverages ad services like Google Ads as a “trusted” platform, running ads for software that is either often sought after or currently very popular, like ChatGPT, PDF readers, remote management software, etc. The impersonation sites are also, at times, used as links in targeted or blanket phishing and social engineering attacks to get the malware onto the targeted systems.
