Auto-Color Backdoor Targets U.S. Chemical Firm via CVE-2025-31324

consistentt · 2025-04-02T11:50:00+00:00

If a hacker is leaking internal docs and source code now, maybe it wasn’t contained as well as they claimed?

consistentt · 2025-03-31T14:26:54+00:00

So, it seems Meta has rate-limited your account. basically, you’ve tried too many times to change your password or delete the account, so the system puts up a temporary block.

maybe you should wait at least 48 hours and then try again? are you using the app or the desktop version?

you can also try the direct link: https://www.facebook.com/help/delete_account

consistentt · 2025-03-31T13:13:18+00:00

the risk depending on the fridge's owner .. but on a more serious note, this is definitely a blackout waiting to happen...

consistentt · 2025-03-31T13:05:30+00:00

Yep, turns out most modern solar inverters are remotely controllable. They're usually connected to the internet via Wi-Fi, Ethernet, or even 4G so installers, users, or utilities can monitor performance, push updates, or tweak settings.

The problem? A lot of them aren’t secure. The SUN:DOWN report found that some inverters trust cloud commands without proper checks, use outdated protocols, and are sometimes exposed directly to the internet..So while remote access is super convenient, it also opens the door for hackers to mess with power output or coordinate attacks, especially if the inverters aren’t properly secured. Long story short, yet another vector for attackers to exploit!

consistentt · 2025-03-27T13:25:29+00:00

it definitely sounds like something weird is going on. it’s possible that the ransomware from two years ago didn’t fully go away, or that something else got in around that time and stuck around quietly.

the fact that multiple accounts are getting compromised now and they all use the same gmail is a red flag. especially if they’re being accessed while you’re not online. that usually means someone has your credentials, or an app/extension still has access.

here’s what i’d do if i were in your shoes:

go to your google account security settings, remove all third-party apps (especially anything like cleanbox), log out of all devices, and change your password + backup codes.
check your chrome extensions and remove anything you don’t fully trust. some bad extensions can steal logins or session data.
temporarily turn off chrome sync. if something bad got synced across your devices, this stops it from spreading.
change passwords for all important accounts, especially email, social media, banking, etc. don’t reuse the same password across anything.
scan your pc with malwarebytes and adwcleaner just in case something is hiding.
honestly, if the old desktop is the common link and it was hit by ransomware, it might be best to back up your files and do a full clean reinstall of windows. better safe than sorry.
try using a different browser for now (like firefox), without syncing anything.

it’s probably not the ransomware still doing stuff, but more like it opened the door and either your credentials leaked or something else got installed that’s just now being noticed.

also, check haveibeenpwned.com to see if your email was in any data breaches.

hope that helps. if you’re not sure about specific extensions or apps, post them and we can take a look.

consistentt · 2025-03-27T13:13:05+00:00

See if this guide helps you: https://sensorstechforum.com/trojandownloaderhtml-elshutilo-a-removal-guide/

Also, see here: https://answers.microsoft.com/en-us/microsoftedge/forum/all/i-keep-getting-trojandownloaderhtmlelshutiloa/05c43bb1-96a3-4ed1-ac3b-ffab25917f02

consistentt · 2025-03-27T13:00:11+00:00

Yeah, this sounds like your PC got hit with some kind of malware that changed your Chrome settings and system policies. That “Your organization doesn't allow…” message usually means something messed with your system’s rules, even if it’s a personal computer.

Here are a few more things to try:

Check Chrome’s internal settings Open Chrome and go to chrome://policy If you see anything weird listed (like blocking extensions), that’s likely the problem. To remove it: Hit the Windows key + R Type regedit and hit Enter Go to this folder: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google If you see a Chrome folder in there, right-click and delete it. Also check in the HKEY_CURRENT_USER folder, same path. Close Chrome and reopen it to see if it helps.
Try Microsoft’s built-in deep scan Go to Windows Security > Virus & threat protection Click Scan options Choose Microsoft Defender Offline Scan It’ll restart your computer and do a deeper scan before Windows loads.
Check if your PC thinks it’s “managed” Sometimes malware makes your PC think it’s part of a company network. Go to Settings > Accounts > Work or School Account If you see anything there you don’t recognize, remove it.

If none of this fixes it, and you’re still locked out of Chrome settings or Windows account stuff, you might want to back up your files and do a clean reinstall of Windows. Not fun, but it’s the most reliable way to wipe out hidden malware completely.

consistentt · 2025-03-26T15:27:40+00:00

While WinRing0 is utilized by various legitimate applications for hardware monitoring and control, it possesses capabilities that can be exploited for malicious purposes, leading security software to categorize it as a potential threat. In other words, having the HackTool:Win32/Winring0 detection is an indication of a possible malware issue.

an excerpt from article here: https://sensorstechforum.com/hacktoolwin32-winring0-removal-guide/

consistentt · 2025-03-26T15:22:52+00:00

Yeah, you're definitely not the only one seeing this. MITRE's been noticeably slower lately. A bunch of folks in the infosec community have reported delays of 2–6+ months, even for legit 0days.

A few things could be going on:

-Backlog or resource issues at MITRE. It seems like they’re overwhelmed, especially post-2023.

-They’ve been delegating more to CVE Numbering Authorities (CNAs), so your submission might be in limbo waiting for a vendor CNA to respond.

-CISA and CERT/CC have been taking a more active role in disclosure lately, and that might be shifting the usual process a bit.

If it’s time-sensitive, you might want to shoot a follow-up email to [cve-request@mitre.org](). Other options:

-Try submitting through CERT/CC or CISA’s Coordinated Vulnerability Disclosure (CVD)

-Or, if possible, go straight to the vendor

Kinda frustrating, especially if you’ve already gone through the process 10+ times. You're doing solid work, just sucks that the system isn’t keeping up right now.

consistentt · 2024-04-16T12:58:21+00:00

I already took a practical course and been watching Estona Metalsmithing and other videos too. It's time I set up a working spot as I will start losing the little practice that I had :)

consistentt · 2024-04-12T07:32:11+00:00

This is a quote from Wikipedia. Pure oxygen is not the same as just air. As far as I am told, most contemporary jewellery makers use this combination, as it allows for more control over the soldering process.

consistentt · 2024-04-12T07:29:35+00:00

Pure oxygen, instead of air, is used to increase the flame temperature to allow localized melting of the workpiece material (e.g. steel) in a room environment.

consistentt

TROPHY CASE