A fake PDF purporting to contain information on "the formation of the leadership council of the Syrian revolution" is circulating. As the Electronic Frontier Foundation's Eva Galperin and Morgan Marquis-Boire report, it's bad news for people who install it.
The latest surveillance malware comes in the form of an extracting file which is made to look like a PDF if you have file extensions turned off. The PDF purports to be a document concerning the formation of the leadership council of the Syrian revolution and is delivered via Skype message from a known friend. The malware installs a remote administration tool called DarkComet RAT, which can capture webcam activity, disable the notification setting for certain antivirus programs, record key strokes, steal passwords, and more. It sends this data back to the same IP address in Syrian IP space that was used in several previous attacks, including the attacks reported by CNN in February, the Xtreme RAT Trojan EFF reported in March, and this sample from March 21st.
Syrian Internet users should be extremely cautious about clicking on suspicious-looking links, or downloading documents over Skype, even if the document purportedly comes from a friend.
Campaign Targeting Syrian Activists Escalates with New Surveillance Malware
Cryptocurrencies and Tor hidden services ushered in a new golden age for markets in illegal goods, especially banned or circumscribed drugs: Bitcoin was widely (and incorrectly) viewed as intrinsically anonymous, while the marketplaces themselves were significantly safer and more reliable than traditional criminal markets, and as sellers realized real savings in losses due to law […]
“With around 400,000 federal employees currently furloughed, more than 80 TLS certificates used by .gov websites have so far expired without being renewed.”
Chrome security engineer and EFF alumna Chris Palmer's State of Software Security 2019 is less depressing than you might think: Palmer calls out the spread of encryption of data in transit and better signaling to users when they're using insecure connections (largely attributable to the Let's Encrypt project); and security design, better programming languages and […]
It’s a rude awakening for that rookie vacationer abroad when they try to plug in their gear for the night. Veteran jet-setters know that outlet shapes can vary wildly from country to country, which necessitates that most boring must-have for any world-traveler: A sackful of clunky power adapters. Awkward problem, elegant solution: The Twist Plus […]
Looking for a career in music behind the boards, either as a music producer or DJ? It’s a good bet that you’re going to be working with Ableton Live. Each new iteration of this powerful workstation gives the user more tools to create, and it’s just as well suited for the task of meticulous track […]
The graveyard of failed startups is littered with concepts that just got lost in translation. At its core, that’s what great front-end design is about: Making an app or website usable, translating its best ideas smoothly to the user. It’s a skill so broad there might be no one book or course that covers it […]