📬 Rilide-Malware befällt Chromium-Browser und stiehlt Krypto-Coins
#Krypto #Malware #2FA #AuroraStealer #Brave #Chromium #EkipaRAT #GoogleAds #googlechrome #GoogleDrive #KryptoWallet #Kryptowährungen #MaaS #MicrosoftEdge #Opera #Rilide #Trustwave #Vivaldi https://tarnkappe.info/artikel/krypto/rilide-malware-befaellt-chromium-browser-und-stiehlt-krypto-coins-272435.html

Which was worse? Day after day waiting to learn the fate of those who were on the Russian submarine Kursk back in 2000? Or waiting to see what becomes of #Trustwave once Singtel finally announces that it is going to do something - anything - with it?

```
For the digital processing of value-added tax (VAT) returns, the Chinese government has implemented the Golden Tax the Chinese government has implemented the Golden Tax program. Companies operating in China are required to use the #GoldenTax software to file their VAT returns. However, the Golden Tax software is not directly distributed by the distributed by the government, but by two companies, Baiwang and Aisino, which integrate it into their products. It seems that
that the selection of either of these vendors is decided by the companies' Chinese banks.

On June 25, 2020, Singaporean cybersecurity firm #Trustwave published a report [3] revealing that the installation of Chinese VAT management software Aisino Intelligent Tax led to the deployment of what amounts to a backdoor, dubbed "#GoldenSpy" by the vendor. Two hours after the installation of the VAT management software, codes are downloaded and then silently executed. They have persistence mechanisms, communicate at a random frequency with a remote server and allow the execution of arbitrary codes with system administrator privileges without user interaction.
```
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2022-CTI-006.pdf #anssi #InfoSec

```
For the digital processing of value-added tax (VAT) returns, the Chinese government has implemented the Golden Tax program. Companies operating in China are required to use the #GoldenTax software to file their VAT returns. However, the Golden Tax software is not directly distributed by the distributed by the government, but by two companies, Baiwang and Aisino, which integrate it into their products. It seems that
that the selection of either of these vendors is decided by the companies' Chinese banks.

On June 25, 2020, Singaporean cybersecurity firm #Trustwave published a report [3] revealing that the installation of Chinese VAT management software Aisino Intelligent Tax led to the deployment of what amounts to a backdoor, dubbed "#GoldenSpy" by the vendor. Two hours after the installation of the VAT management software, codes are downloaded and then silently executed. They have persistence mechanisms, communicate at a random frequency with a remote server and allow the execution of arbitrary codes with system administrator privileges without user interaction.
```
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2022-CTI-006.pdf #anssi #InfoSec

Android Messenger App Still Leaking Photos, Videos - The GO SMS Pro app has been downloaded 100 million times; now, underground forums are actively sha... https://threatpost.com/android-messenger-app-leaking-photos-videos/161741/ #sensitiveinformation #androidmessengerapp #undergroundforums #vulnerabilities #mobilesecurity #vulnerability #messengerapp #securitybug #newversion #trustwave #gosmspro #privacy #exploit

Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks - Security problems in Schneider Electric programmable logic controllers allow compromise of the har... https://threatpost.com/bugs-critical-infrastructure-gear-attacks/161164/ #criticalinfrastructureattacks #programmablelogiccontrollers #ecostruxuremachineexpert #securityvulnerabilities #criticalinfrastructure #operationaltechnology #schneiderelectric #vulnerabilities #securitybypass #trustwave #utilities #firmware #ot

Microsoft Teams Patch Bypass Allows RCE - An attacker can hide amidst legitimate traffic in the application's update function. https://threatpost.com/microsoft-teams-patch-bypass-rce/158043/ #securityvulnerability #remotecodeexecution #vulnerabilities #remotefileshare #microsoftteams #updatefunction #cloudsecurity #websecurity #patchbypass #trustwave #samba #smb

ASUS Home Router Bugs Open Consumers to Snooping Attacks - The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowi... more: https://threatpost.com/asus-home-router-bugs-snooping-attacks/157682/ #securityvulnerability #vulnerabilities #totalcompromise #cve-2020-15498 #cve-2020-15499 #firmwareupdate #maninthemiddle #websecurity #homerouter #rt-ac1900p #trustwave #patch #asus #mitm #iot #bug

Crooks Tap Google Firebase in Fresh Phishing Tactic - Cybercriminals are taking advantage of the Google name and the cloud to convince victims into hand... more: https://threatpost.com/crooks-tap-google-firebase-in-fresh-phishing-tactic/155967/ #credentialharvesting #phishingcampaign #googlefirebase #cloudsecurity #websecurity #office365 #trustwave #cloud #email

Hackers Update Age-Old Excel 4.0 Macro Attack - XLS files sent via emails appear password protected but aren’t, opening automatically to install m... more: https://threatpost.com/hackers-update-age-old-excel-4-0-macro-attack/154898/ #microsoftoffice #velvetsweatshop #maliciousfiles #microsoftexcel #bankingtrojan #emailattacks #coronavirus #trustwave #covid-19 #malware #macros #hacks #excel #gozi #xls