Tea


Following the arrest of Telegram founder Pavel Durov in France last summer, some positive changes were reported. The criminal probe is not centered on piracy, but Telegram appeared more responsive. Some reported, for example, that the time taken to process takedown requests went from more than 24 hours to less than 20 minutes.

In addition, Telegram updated its terms of service and privacy policy to clarify that, going forward, personal details of alleged infringers, including their IP addresses, would be handed over in response to valid legal requests.

This stricter policy was evident to outsiders as well. Telegram removed accounts of piracy-associated websites and services, after initially leaving these untouched for years. That included the official Z-Library channel, which had more than half a million subscribers at its peak.

Although Z-Library’s communication channel didn’t directly link to pirated books, it served as a key information hub, providing updates on new features and access methods. That was enough to warrant a permanent suspension last month.

The Telegram ban was a setback for Z-Library, but the shadow library wasted no time creating a new account and regaining tens of thousands of subscribers. Progress ground to a halt last weekend when the ‘new’ @zlibrary_news account was also suspended for copyright infringement.

“The channel is unavailable due to copyright infringement,” Telegram reports.

In addition to the main communication channel, one of the most used Z-Library download bots on Telegram was also taken offline. The @1lib account had more than 20,000 monthly users, who presumably used it as a handy tool to download books for free.

According to a Z-Library representative posting on X, Telegram took action in response to complaints from a major publisher. Many other ‘personal’ bots are unaffected and remain online for the time being.

 

Between early November and December 2024, Palo Alto Networks researchers discovered new Linux malware called Auto-color. We chose this name based on the file name the initial payload renames itself to after installation.

The malware employs several methods to avoid detection, such as:

  • Using benign-looking file names for operating
  • Hiding remote command and control (C2) connections using an advanced technique similar to the one used by the Symbiote malware family
  • Deploying proprietary encryption algorithms to hide communication and configuration information

Once installed, Auto-color allows threat actors full remote access to compromised machines, making it very difficult to remove without specialized software.

This article will cover aspects of this new Linux malware, including installation, obfuscation and evasion features. We will also discuss its capabilities and indicators of compromise (IoCs), to help others identify this threat on their systems too.

 
  • There are many risks associated with selling items on online marketplaces that individuals and organizations should be aware of when conducting business on these platforms.
  • Many of the general recommendations related to the use of these platforms are tailored towards purchasing items; however, there are several threats to those selling items as well.
  • Recent phishing campaigns targeting sellers on these marketplaces have leveraged the platforms’ direct messaging feature(s) to attempt to steal credit card details for sellers’ payout accounts.
  • Shipment detail changes, pressure to conduct off-platform transactions, and attempted use of “friends and family” payment options are commonly encountered scam techniques, all of which seek to remove the seller protections usually afforded by these platforms.
  • There are several steps that sellers can take to help protect themselves and their data from these threats. Being mindful of the common scams and threats targeting sellers can help them recognize, while it is occurring, that they may be the target of malicious buyers, so that they can take defensive actions to protect themselves.
 

This is pretty interesting:

The results highlight significant differences in browser security: while Google Chrome and Samsung Internet exhibited lower threat indices, Mozilla Firefox demonstrated consistently higher scores, indicating greater exposure to risks. These observations slightly contradict widespread opinion.
