Toggle light / dark theme

The Quantum Era: Accelerating Quantum Computing Roadmap/Resource: Navigating Rapid Technological Progress

Quantum technologies have transitioned from theoretical physics to practical application more swiftly than many expected. Quantum computers represent a paradigm shift in computation. Quantum computing is becoming increasingly feasible, thanks to recent advancements that make it simpler to build and more effective at scaling. Quantum computing, sensing, encryption, and networking are set to provide exponential computational capabilities while concurrently disrupting cybersecurity frameworks.

Quantum computing will empower computers to analyze vast amounts of data and perform calculations at unprecedented speeds. It will only take a few seconds to download libraries.

NetNut proxy network disrupted, 2 million infected devices cut off

A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices, including smart TVs and streaming boxes.

Also known as Popa, the NetNut botnet allowed cybercriminals and espionage groups to hide behind legitimate home internet addresses when launching attacks.

According to the Google Threat Intelligence Group (GTIG), the residential proxy botnet is estimated to comprise at least two million compromised devices.

ARToken PhaaS exposes EvilTokens’ Microsoft 365 phishing toolkit

A new phishing-as-a-service (PhaaS) platform dubbed “ARToken” appears to operate as an affiliate of the EvilTokens phishing platform, giving researchers a glimpse into an extensive toolkit designed to compromise Microsoft 365.

Cisco Talos researchers discovered the platform while investigating phishing infrastructure used in an incident response engagement and identified a React-based management panel called “ARToken Panel” that exposed more than 80 API endpoints.

Reverse engineering the client-side JavaScript code revealed previously undocumented capabilities that extend well beyond what you would normally find in a phishing platform.

Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures

The current version moves that screening to the operator’s server, so the exact rules are hidden. Either way, visitors outside Spain or Portugal get a Spanish “access denied” notice instead of malware.

Clear the check, and the download starts. A script downloads an image that looks like a PDF icon but hides a ZIP file inside, a trick called steganography. The script unpacks Ousaban from that ZIP, runs it, then deletes the image, the ZIP, and itself to leave less behind. Once running, Ousaban adds a registry entry named Financeiro (Portuguese for “finance”) so it starts up with Windows.

Ousaban’s command server, the machine that controls it, is deliberately hard to find. It carries a Pastebin link that points to one server address, but Fortinet says that address is a decoy.

New ChocoPoC malware targets researchers via trojanized PoC exploits

Multiple weaponized proof-of-concept (PoC) exploits on GitHub were found delivering a Python-based remote access trojan (RAT) named ChocoPoC that can execute commands and steal sensitive data in a campaign believed to target cybersecurity researchers.

Hiding malware in PoC exploits for various vulnerabilities is not new, as there are examples of threat actors posing as real security researchers and taking advantage of trending vulnerabilities to target vulnerability and penetration testers or low-skilled hackers.

However, ChocoPoC stands out for not embedding the malware directly in the exploit file but for adding malicious Python packages to the PoC’s dependency list.

/* */