101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.

Server stats:

488
active users

#eset

1 post1 participant0 posts today

#ClickFix went from virtually non-existent to the second most common attack vector blocked by #ESET, surpassed only by #phishing. This novel social engineering technique accounted for nearly 8% of all detections in H1 2025. #ESETresearch
ClickFix lures users by displaying bogus error messages followed by quick fix instructions, including copy-pasting malicious code. Running the code in the victim’s command line interpreter delivers malware such as #RATs, infostealers, and cryptominers.
Between H2 2024 and H1 2025, ESET’s detection for ClickFix, HTML/FakeCaptcha, skyrocketed by 517%. Most detections in ESET telemetry were reported from Japan (23%), Peru (6%), and Poland, Spain, and Slovakia (>5% each).
What makes #ClickFix so effective? The fake error message looks convincing; instructions are simple, yet the copied command is too technical for most users to understand. Pasting it into cmd leads to compromise with final payloads, including #DarkGate or #LummaStealer.
While #ClickFix was introduced by cybercriminals, it’s since been adopted by APT groups: Kimsuky, Lazarus; Callisto, Sednit; MuddyWater; APT36. NK-aligned actors used it to target developers, steal crypto and passwords from Metamask and #macOS Keychain.
#ClickFix uses psychological manipulation by presenting fake issues and offering quick solutions, which makes it dangerously efficient. It appears in many forms – error popups, email attachments, fake reCAPTCHAs – highlighting the need for greater vigilance online.
Read more in the #ESETThreatReport:
🔗 welivesecurity.com/en/eset-res

In May 2025, #ESET participated in operations that largely disrupted the infrastructure of two notorious infostealers: #LummaStealer and #Danabot.
As part of the Lumma Stealer disruption effort, carried out in conjunction with Microsoft, BitSight, Lumen, Cloudflare, CleanDNS, and GMO Registry, ESET supplied technical analysis and statistical information.
Danabot was targeted by the #FBI and #DCIS, alongside #OperationEndgame led by #Europol and #Eurojust. ESET participated together with several other companies. We provided the analysis of the malware’s backend infrastructure and identified its C&C servers.
Before these takedowns, both infostealers were on the rise: in H1 2025, Lumma Stealer detections grew by 21%, while Danabot’s numbers increased by more than 50%.
For a time, Lumma Stealer was the primary payload of HTML/FakeCaptcha trojan, used in the #ClickFix social engineering attacks that we also cover in this issue of the #ESETThreatReport. In recent months, we have seen Danabot being delivered via ClickFix as well.
For more details on these two operations and on the ClickFix attacks, read the latest #ESETThreatReport: welivesecurity.com/en/eset-res

After years of dominance in #ESET’s top #infostealer statistics, the era of #AgentTesla has come to an end. It finished H1 2025 in fourth place, its numbers having decreased by 57%. The reason? It is no longer under active development.
The threat actors behind Agent Tesla have reportedly lost access to the servers with the malware’s source code. A successor appeared almost immediately – another #MaaS threat, known as #SnakeStealer or #SnakeKeylogger, has claimed the number one spot.
Recommended as a suitable replacement directly in Agent Tesla’s Telegram channel, SnakeStealer now takes up almost a fifth of all infostealer detections registered by ESET telemetry. Between H2 2024 and H1 2025, its detections more than doubled.
If you want to find out more information about this changing of the guard in the infostealer threat landscape, head on over to #ESETThreatReport: welivesecurity.com/en/eset-res

Zazwyczaj donoszę Wam (oczywiście uprzejmie) o wyciekach, kradzieżach, szpiegostwie i innych bezpiecznikowych katastrofach. Ale dziś? Mamy dwie gigantyczne wygrane w wojnie z cyberprzestępcami - i to z polskim akcentem! 🦫

W nowym odcinku opowiadam o spektakularnym rozbiciu LummaStealera i ciosie wymierzonym w Danabota - dwóch złośliwych bestiach, które przez lata truły życie firmom i zwykłym użytkownikom na całym świecie. Jak działały? Jak je rozpracowano? Jakie miało to konsekwencje?

I co najważniejsze - jak w ogóle wygląda "fraud-as-a-service" od kuchni, łącznie z cenami, dokumentacją i obsługą klienta 24/7?

Odcinek przygotowany przy współpracy z ESET i DAGMA Bezpieczeństwo IT🦾

Zapraszam 👇
youtu.be/fcTdhBq4U88

youtu.be- YouTubeEnjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

Backupy trzeba robić dobrze. Bo inaczej będzie źle.

Przed skutkami ransomware mają nas chronić kopie zapasowe, ale te nie zawsze są aktualne i bywają… celem ataków ransomware. Najlepiej byłoby zrobić bezpieczne kopie na chwilę przed atakiem i cóż… w pewnym sensie jest to możliwe.

W Polsce niebawem przybędzie firm, które wejdą do tzw. krajowego systemu cyberbezpieczeństwa. Stanie się tak za sprawą nowelizacji Ustawy o Krajowym Systemie Cyberbezpieczeństwa, która zaimplementuje unijną dyrektywę NIS2. Te akty prawne sprawią, że dla wielu firm analiza ryzyka i proaktywne podejście do bezpieczeństwa nie będą już tylko opcją. Będą obowiązkowe, a ich zaniedbanie będzie wiązać się z karami. Jednak nawet dla mniejszych podmiotów, które pozostaną poza tym systemem, cyberbezpieczeństwo będzie niezwykle istotne. Choćby dlatego, że w przypadku tych mniejszych podmiotów jeden atak może dosłownie zaorać firmę. Zwłaszcza atak jednego, konkretnego rodzaju.
Ransomware na szczycie listy ryzyk
Minęło już sporo czasu od wielkich i głośnych ataków ransomware’u takich jak Petya czy WannaCry, które były widoczne w skali całego świata. Z tego powodu niektórzy błędnie sądzą, że ransomware to stary problem. Niestety od tego czasu znacznie zwiększyła się liczba rodzin oprogramowania ransomware. Pojawiło się więcej grup przestępczych działających w ramach bardziej rozproszonego modelu RaaS. Oznacza to, że jedna grupa przestępcza ma dziesiątki lub setki podwykonawców dokonujących ataków w zamian za prowizję. Można powiedzieć, że rynek ransomware’u bardzo się zoptymalizował pod kątem wydajności.
Niedawny atak na EuroCert, instytucję generalnie ważną dla bezpieczeństwa, był efektem ransomware’u. Stosunkowo niewiele czasu minęło od pierwszego ataku ransomware’u na [...]

#ARTYKUŁSPONSOROWANY #DagmaBezpieczeństwoIT #ESET #ESETRansomwareRemediation #RR

niebezpiecznik.pl/post/backupy

NieBezpiecznik.plBackupy trzeba robić dobrze. Bo inaczej będzie źle.

The #FBI and #DCIS disrupted #Danabot. #ESET was one of several companies that cooperated in this effort. welivesecurity.com/en/eset-res
#ESETresearch has been involved in this operation since 2018. Our contribution included providing technical analyses of the malware and its backend infrastructure, as well as identifying Danabot’s C&C servers. Danabot is a #MaaS #infostealer that has also been seen pushing additional malware – even #ransomware, such as #LockBit, #Buran, and #Crisis – to compromised systems.
We have analyzed Danabot campaigns all around the world and found a substantial number of distinct samples of the malware, as well as identified more than 1,000 C&Cs.
This infostealer is frequently promoted on underground forums. The affiliates are offered an administration panel application, a backconnect tool for real-time control of bots, and a proxy server application that relays the communication between the bots and the C&C server.
IoCs are available in our GitHub repo. You can expect updates with more details in the coming days. github.com/eset/malware-ioc/tr

#ESETresearch, in collaboration with #Microsoft, BitSight, Lumen, Cloudflare, CleanDNS, and GMO Registry, has helped disrupt #LummaStealer – a notorious malware-as-a-service infostealer. welivesecurity.com/en/eset-res
This disruption operation targeted Lumma Stealer’s C&C infrastructure, rendering much of the exfiltration network inoperative. ESET processed tens of thousands of Lumma samples to extract C&C servers and affiliate IDs. Infostealers are often precursors to major cyberattacks.
Between June 2024 and May 2025, ESET tracked 3,353 unique Lumma Stealer C&C domains, which is an average of around 74 new domains per week. The malware evolved constantly, with updates to encryption, protocols, and Steam-profile- and Telegram-based dead-drop resolvers.
#Microsoft’s Digital Crimes Unit, with the help of ESET and other partners, seized Lumma Stealer’s infrastructure and control panel. #ESET continues monitoring for possible resurgence.
IoCs available on our GitHub: github.com/eset/malware-ioc/tr

Join #ESETresearch and our very own @matthieu_faou during #Northsec conference in Montreal for “Weaponizing XSS: Cyberespionage tactics in webmail exploitation” talk. Learn how XSS vulnerabilities let attackers inject malicious scripts into webmails.
#ESET team spent 2 years studying these vulnerabilities in webmail portals, finding zero-day flaws in Roundcube & MDaemon. Discover how Russia-aligned Sednit, GreenCube, and Belarus-aligned Winter Vivern exploited XSS flaws in Roundcube, Zimbra,MDaemon & Horde to steal emails from high-value targets.
Don't miss the presentation on May 15 at 13:45 Montreal time. #CyberSecurity #Infosec nsec.io/session/2025-weaponizi

Replied in thread

@prealpinux @linux Ad essere precisi, #ESET consiglia l'installazione di una distribuzione #Linux come una "buona opzione" tout court, aggiungendo poi "soprattutto per l’hardware più vecchio". Dall'articolo di PI, invece, sembra che l'opzione Linux sia suggerita *solo* in relazione all'hardware datato (una sorta di soluzione di ultima istanza). #softwarelibero #opensource

eset.com/de/about/presse/press

www.eset.comSecurity-Fiasko? 32 Millionen Computer in Deutschland laufen noch mit Windows 10 | ESET