Негізгі мазмұнға өту

↘ OpenBLD ADA & RIC differences

· 1 мин. оқу
Yevgeniy Goncharov
Maintainer of OpenBLD.net

What's the Difference Between Ada and Ric OpenBLD.net?

  • 🌟 Ada - Adaptive DNS: Harmoniously filters malicious content and ensures seamless internet connectivity whenever possible
  • 🚫 Ric - Strict DNS: Blocks many marketing and tracking resources, which may affect access to certain internet content

I recommend Ada for most OpenBLD.net DNS users. Get-Started.

OpenBLD ADA & RIC differences

Curious to learn more? Dive into the details here Take care of yourself. Peace out! ✌️

↘ OpenBLD H1 2023 Updates & News

· 1 мин. оқу
Yevgeniy Goncharov
Maintainer of OpenBLD.net

What new we have in OpenBLD.net today:

  • New optimized DNS Fronted / Backend engines
  • Updated Geo Localized ecosystem
  • New integrated centralize Cactusd service
  • Optimized works with free video services (rezka, seasonwar), social networks and etc.
  • Integrated new Free SSL feature from ClouDNS
  • Testing Netdata (ML) Powered Anomaly Detection 🔩

What will updated:

  • ⚠️⚠️ On this month bld.sys-adm.in will be converted to ada.openbld.net and them was deprecated.
  • ⚠️ ⚙️ Re-setup your browsers, devices and etc from *.sys-adm.in to ada.openbld.net. Get Started

Be yourself - be focused with OpenBLD.net 😎✌️

↘ Truebot Activity Increased

· 1 мин. оқу
Yevgeniy Goncharov
Maintainer of OpenBLD.net

According to CISA newly identified Truebot malware variants against organizations in the United States and Canada.

The authoring organizations recommend hunting for the malicious activity using the guidance outlined in this CSA...

See more details on CISA

↘ Prevent Malicious WinSCP

· 1 мин. оқу
Yevgeniy Goncharov
Maintainer of OpenBLD.net

Advertising platforms like Google Ads enable businesses to display advertisements to target audiences to boost traffic and increase sales. Malware distributors abuse the same functionality in a technique known as malvertising, where chosen keywords are hijacked to display malicious ads that lure unsuspecting search engine users into downloading certain types of malware.

The following chart represents how the infection starts:

Infection chain

The infection starts once the user searches for “WinSCP Download” on the Bing search engine. A malicious ad for the WinSCP application is displayed above the organic search results. The ad leads to a suspicious website containing a tutorial on how to use WinSCP for automating file transfer:

Donwload WinSCP

See more details on Trendmicro blog

↘ Prevent ThirdEye Infostealer

· 1 мин. оқу
Yevgeniy Goncharov
Maintainer of OpenBLD.net

FortiGuard Labs recently came across files that look suspicious, even during a cursory review. Our subsequent investigation confirmed that the files are malicious and revealed there is more to them than meets the eye: they are a previously unseen infostealer we have named “ThirdEye”. While this malware is not considered sophisticated, it’s designed to steal various information from compromised machines that can be used as stepping-stones for future attacks.

Prevent ThirdEye Infostealer

The ThirdEye infostealer has relatively simple functionality. It harvests various system information from compromised machines, such as BIOS and hardware data. It also enumerates files and folders, running processes, and network information. Once the malware is executed, it gathers all this data and sends it to its command-and-control (C2) server hosted at (hxxp://shlalala[.]ru/general/ch3ckState). And unlike most other malware, it does nothing else.

One interesting string unique to the ThirdEye infostealer family (from which we derived its name) is "3rd_eye", which it decrypts and uses with another hash value to identify itself to the C2.

See more details on FortiGuard Labs