Tea

joined 1 week ago
 

The Federal Regional Court of the 1st Region (TRF-1) has overturned a trial ruling and reinstated an injunction imposed by the Administrative Council for Economic Defense (Cade) on Apple, as part of an investigation into alleged abuse of dominant position in the app distribution market for iOS devices. According to the ruling, the company will have 90 days to implement the changes mandated by the antitrust authority.

 

Open directories often expose more than just files: they provide a window into how malicious campaigns operate. In this case, we identified a threat actor impersonating the Electronic Frontier Foundation (EFF) to target the online gaming community. The exposed directory contained decoy documents alongside the malware used in this operation: Stealc and Pyramid C2.

Further analysis linked 11 additional servers to the campaign through shared SSH keys, indicating a broad network footprint. Code comments found within malicious Python and PowerShell scripts suggest the work of a Russian-speaking developer. The tactics and malware observed align with financially motivated cybercrime activity. Hunt had already identified both C2 servers weeks earlier as part of routine scanning, but the open directory provided the link between the malware and this operation.

This post examines the role of the decoy documents and phishing attempts in the activity and explores how code analysis revealed additional infrastructure.

 

In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal information. The attack originated from illegal streaming websites embedded with malvertising redirectors, leading to an intermediary website where the user was then redirected to GitHub and two other platforms. The campaign impacted a wide range of organizations and industries, including both consumer and enterprise devices, highlighting the indiscriminate nature of the attack.

 

We're adding new tools to help everyone, from new users to experienced redditors, join conversations and share in communities.

  • Post check: Before a user posts, they can now check if their content may be in conflict with a community's rules.
  • Post Recovery: If a post is removed due to community rules, a prompt will appear that provides an easy way to repost the content to an alternative subreddit.
  • Clear Community Info: We'll now show users a community's posting requirements (like account age or Karma) before they post.
  • Community Suggestions: When creating a post, we'll suggest relevant communities based on the content.
  • Post Insights: Redditors can now see how well their posts are doing, including views, upvotes, shares, and more.
 


The Israeli army is developing an AI language model using millions of intercepted conversations between Palestinians, which could accelerate the process of incrimination and arrest, a joint investigation reveals.
