fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

8.7K
active users

#Passwords

26 posts19 participants1 post today

This dumb password rule is from Trenord.

- Password must consist of 8-16 characters
- Must contain 3 out of 4 of the following: lowercase characters, uppercase character, digits (0-9), and one or more of the following symbols: @#$%^&*-_+=[]{}|\:',?/`~“();.

dumbpasswordrules.com/sites/tr

dumbpasswordrules.comTrenord - Dumb Password Rules- Password must consist of 8-16 characters - Must contain 3 out of 4 of the following: lowercase characters, uppercase character, digits (0-9), and one or more of the following symbols: @#$%^&*-_+=[]{}|\:',?/`~“();.

Ghost in the Zip | New PXA Stealer and Its Telegram-Powered Ecosystem

SentinelLABS and Beazley Security uncovered a series of infostealer campaigns delivering the Python-based PXA Stealer. The malware, which first appeared in late 2024, has evolved to incorporate sophisticated anti-analysis techniques and a hardened command-and-control infrastructure. Over 4,000 unique victim IP addresses from 62 countries were identified, with South Korea, the United States, and the Netherlands being the most targeted. The stolen data includes passwords, credit card records, and browser cookies. The threat actors, linked to Vietnamese-speaking cybercriminal circles, monetize the stolen data through a subscription-based underground ecosystem that automates resale via Telegram's API. The campaign showcases the growing trend of weaponizing legitimate infrastructure for large-scale information theft and monetization.

Pulse ID: 6890dc25c21f8e90f5941c10
Pulse Link: otx.alienvault.com/pulse/6890d
Pulse Author: AlienVault
Created: 2025-08-04 16:13:25

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Engadget: Dropbox is pulling the plug on its password manager. “Dropbox is saying goodbye to its password manager after five years of service. This leaves current customers in a lurch, as the company has also announced that users only have a few months to extract all of their data.”

https://rbfirehose.com/2025/08/04/engadget-dropbox-is-pulling-the-plug-on-its-password-manager/

ResearchBuzz: Firehose | Individual posts from ResearchBuzz · Engadget: Dropbox is pulling the plug on its password manager | ResearchBuzz: Firehose
More from ResearchBuzz: Firehose

RAVEN STEALER UNMASKED: Telegram-Based Data Exfiltration

Raven Stealer is a modern information-stealing malware developed in Delphi and C++, designed to extract sensitive data from victim machines. It targets Chromium-based browsers, extracting passwords, cookies, payment details, and autofill information. The malware uses a modular architecture and a built-in resource editor, allowing attackers to embed configuration details directly into the compiled payload. Raven Stealer is packed using UPX, reducing its size and improving evasion against static detection. It executes in a hidden state, leaving no visible traces during runtime. The malware is actively distributed through GitHub repositories and promoted via a Telegram channel, which functions as both a development log and distribution platform. Raven Stealer's use of Telegram for C2-like behavior, paired with a clean user interface and dynamic module support, positions it as a commercially attractive tool within the commodity malware ecosystem.

Pulse ID: 688ca9833437e813c8c6f379
Pulse Link: otx.alienvault.com/pulse/688ca
Pulse Author: AlienVault
Created: 2025-08-01 11:48:19

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

MaaS Appeal: An Infostealer Rises From The Ashes

NOVABLIGHT is a NodeJS-based Malware-as-a-Service (MaaS) information stealer developed by a French-speaking threat group. It's sold as an educational tool but used for credential theft and cryptowallet compromise. The malware features heavy obfuscation, multiple anti-analysis techniques, and various data exfiltration methods. It can disable Windows Defender, sabotage system recovery, and inject malicious code into popular Electron-based applications. NOVABLIGHT employs comprehensive system enumeration, captures screenshots and webcam footage, and steals passwords from various sources. The threat actors use Telegram and Discord for sales and support, with licenses valid for up to a year.

Pulse ID: 688bcc2443b220b3ccb77c5c
Pulse Link: otx.alienvault.com/pulse/688bc
Pulse Author: AlienVault
Created: 2025-07-31 20:03:48

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.