vx-underground – Telegram
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
Facebook by default makes all AI conversations public (???)

Now Facebook timelines are filled with people sharing incredibly sensitive information with Meta AI. This ranges from people discussing health problems, admission to tax fraud, people asking how to find young women, and more.

To make things even worse, Meta AI allows audio input.
Correction: Facebook users are saying it does not make the Meta AI conversations public. Instead users are somehow sharing it (???)

Users gonna be users, or something.
Shout-out to YouTube

YouTube is scheduled to begin experimenting with unskippable advertisements.

YouTube will teach the kids (indirectly) to sail the seven seas.

It's interesting seeing people make shit up on social media. The first attached image is a lie.

tl;dr real hacker, did real and serious damage, "mr soll" didn't do some weird made up bullshit

"Mr. Soll" a/k/a Mr. Soul is a person operating within the "CyberAv3ngers" group. The CyberAv3ngers are a well-known state sponsored group operating within the IRGC-CEC (Islamic Revolutionary Guard Corps, Cyber-Electronic Command). The CyberAv3ngers have been active for several years.

Historically, the CyberAv3ngers have targeted critical infrastructure within the United States and Israel using a malware dubbed "IOCONTROL". Using IOCONTROL CyberAv3ngers targeted ICS/SCADA devices (Industrial Control System/Supervisory Control And Data Acquisition) as well as other devices such as PLCs (Programmable Logic Controllers).

CyberAv3ngers made a significant amount of "noise" in November, 2023, when one of their operations targeted default credentials on PLC devices across the United States. The compromised device would display "You have been hacked, down with Israel. Every equipment ‘made in Israel’ is CyberAv3ngers legal target." The attack often rendered the PLC inoperable using "Crucio ransomware".

"Mr. Soll" did no such action stated in the first attached image — but "Mr. Soll" and/or the CyberAv3ngers have taken offensive cyber approaches for many years. However, CyberAv3ngers will gladly accept this post and declare it as truth as this aligns with IRGC-CEC misinformation campaigns.
Furthermore, it is probably worth reminding people that the IRGC-CEC successfully compromised Donald J. Trump's political campaign in 2024.

3 individuals operating under the monikers "Jalili", "Aghamiri", and "Balaghi" successfully compromised aides to the current President of the United States via social engineering.

The United States government issued an official indictment for the individuals believed to be responsible for the compromise.

More information: https://www.documentcloud.org/documents/25177046-24-cr-439-indictment
when i see misinformation vs misinformation on malware
hOw iS maLwARe wRiTteN

I unironically see this question posed by people who can program.

In its simplest form malware is just like any other program written except it has task automation present. Anything after the task automation segment is an auxiliary component and designed to avoid detection.

For example, if we discuss information stealer malware (which is rampant online), it can be broken down into a few different "steps".

Step 1. "Land" on the machine. Your first step is getting the program on the machine and getting the user to run the program. More often than not, this is the most difficult part for malware. The most common method is file masquerading — in other words, "ImportantFile.pdf.exe".

To make this file masquerading "Step" more believable to the target, you simply change the file's default icon to be that of a PDF file. This is extremely common in programming in general; I'm sure many of you have tried to customize your program.

2. Enumerate files on the machine. This is extremely easy to do and I'm sure any programmer can do this. Most files will be stored in the Documents directory. You use Windows GetEnvironmentVariableW function (or some variant of it) to get the user document directory. Then all you do is iterate through each file in that folder.

3. Examine each file discovered in the directory and/or follow sub-directories. Each file you encounter you should examine the file by determining its file extension. If the file extension is something which may possess something valuable (e.g. .PDF, .TXT, .PNG, .DOCX), then appropriate action should be taken and the next "Step" should be triggered.

4. Data exfiltrating — any file deemed potentially valuable should be uploaded to a remote host you own. You can use any method you want and any host you want. Some malware uses Discord, some use FTPs, some use their own custom infrastructure. If you've ever written code that sends a document somewhere then you can do this.

5. Self-terminate. Your malware has done its job.

Anything else beyond those 5 key "Steps" is used to avoid detection. Additionally, malware developers will spend a great deal of time trying to find unique ways to enumerate files, identify files, or send files to remote hosts. The more unusual you can make your malware the better. Of course more "Steps" may be introduced to steal cookies, cached passwords, etc. Other "Steps" may be to identify where the malware is running (e.g. country, what version of Windows, etc).

Thanks for coming to my Ted Talk
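The five steps in the post above also read as a detection sequence. The following is an added example, not part of the original channel post: it correlates per-process events against that sequence. The event schema, field names, thresholds, the executable-extension list and the sample events are all constructed assumptions.

```python
from collections import defaultdict
from pathlib import PureWindowsPath

DOC_EXT = {".pdf", ".txt", ".png", ".docx"}  # extensions named in the post
EXE_EXT = {".exe", ".scr", ".com"}           # assumption: executable extensions to watch

def is_masqueraded(image_path):
    """True for names like 'ImportantFile.pdf.exe': document ext, then executable ext."""
    suffixes = [s.lower() for s in PureWindowsPath(image_path).suffixes]
    return len(suffixes) >= 2 and suffixes[-1] in EXE_EXT and suffixes[-2] in DOC_EXT

def stages_by_process(events, min_doc_reads=3):
    """Map pid -> ordered stealer-like stages seen; events must be in time order."""
    state = defaultdict(lambda: {"stages": [], "reads": 0})
    for ev in events:
        s, kind, target = state[ev["pid"]], ev["type"], ev.get("target", "")
        if kind == "exec" and is_masqueraded(target):
            s["stages"].append("masqueraded_image")
        elif kind == "file_read":
            p = PureWindowsPath(target)
            in_documents = "documents" in (part.lower() for part in p.parts)
            if in_documents and p.suffix.lower() in DOC_EXT:
                s["reads"] += 1
                if s["reads"] == min_doc_reads:
                    s["stages"].append("bulk_document_reads")
        # Outbound traffic counts only when it follows bulk document reads.
        elif kind == "net_send" and s["stages"][-1:] == ["bulk_document_reads"]:
            s["stages"].append("upload_after_reads")
        elif kind == "exit" and "upload_after_reads" in s["stages"]:
            s["stages"].append("exit_after_upload")
    return {pid: s["stages"] for pid, s in state.items()}

def suspicious_pids(events, min_stages=3):
    return sorted(p for p, st in stages_by_process(events).items() if len(st) >= min_stages)

# Constructed sample telemetry (not real logs); pid 100 follows the post's sequence.
EVENTS = [
    {"pid": 100, "type": "exec", "target": r"C:\Users\a\Downloads\ImportantFile.pdf.exe"},
    {"pid": 200, "type": "exec", "target": r"C:\Program Files\Editor\editor.exe"},
    {"pid": 100, "type": "file_read", "target": r"C:\Users\a\Documents\taxes.pdf"},
    {"pid": 100, "type": "file_read", "target": r"C:\Users\a\Documents\notes.txt"},
    {"pid": 200, "type": "file_read", "target": r"C:\Users\a\Documents\notes.txt"},
    {"pid": 100, "type": "file_read", "target": r"C:\Users\a\Documents\scans\id.png"},
    {"pid": 100, "type": "net_send", "target": "203.0.113.10:443"},
    {"pid": 200, "type": "net_send", "target": "198.51.100.7:443"},
    {"pid": 100, "type": "exit"},
    {"pid": 200, "type": "exit"},
]
```

Any single stage is common in benign software; the signal is the ordered combination within one short-lived process.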
Thank you, Google
me using linux
Good morning, afternoon, or evening.

The boys are making some backend infrastructure changes. We'll be moving some data and stuff. Once this is completed we will begin doing updates.

I have probably 400+ papers in queue. Lots of cool stuff.

Malware is cool
She's mastered the N word in her professional life
Chat do I want internet or WiFi
I was thicc boi at 280lbs (127kg). Happy to share I've dropped down to 230lbs (104kg).

My goal is 180lbs (81kg).

50lbs (23kg) weight loss in 8 months
Never cared I was getting thicc. Decided to lose weight so my son didn't see fat stinky Dad on computer being yucky.

Now he just sees stinky Dad being yucky
Idea: CAPTCHA-ware.

Every time the user clicks with the mouse (left / right click) a CAPTCHA takes focus and covers the screen. They must solve the CAPTCHA to continue

Users must either:

1. Learn to navigate using only the keyboard

2. Upload cat pictures to a website