Pretty much yes, unfortunately. Because the process calling your target process is obviously created before, you’d need to proactively log all executions. :/

Sorry, I mistakenly believed that auditctl records the process tree on event generation automatically, but that’s not the case. You’ll need to add a rule that records execve events.

As far as I am aware, auditctl records the whole process tree of an event. You can use ausearch with --pid <pid> or --ppid <pid> to work yourself all the way up the process tree.

The German Nutrition Society (DGE) has shifted to a circle instead of a pyramid:

The portions of the circle refer to volume and not calories. In my opinion this design is superior to pyramids in general because all parts are equally important for a balanced diet, with hydration in the middle.

SponsorBlock exists :)

Is it just me?

PSA: The Syncthing fork repo has very recently been taken by a new maintainer without notice from the old one. However, the new maintainer seems to be in possession of the old PGP keys, which has made a lot of community members cautious/suspicious.

Related forum thread in the Syncthing forums

Or if you dislike all kinds of ads like me, you may also like the NewPipe fork Tubular, which provides SponsorBlock integration.

pysch

psych

Probably it was only added so they could pull this “sike, air in the middle” stunt

TLDR: I can’t say for 100% sure, but there are multiple reasons to believe that this is malware.

Long version: I’m seeing multiple suspicious things here.

• The IPs being connected to are part of some hoster and have some abuse reports: https://www.abuseipdb.com/check-block/217.20.58.98/29

• The domain being resolved is qcloud[.]com, which belongs to Tencent Cloud and definitely not Microsoft.

• Other domains in memory like counter-strike[.]com[.]ua are very new and definitely sound fishy.

• A standalone version of 7zip is being run and extracts the created rar file with the password “infected”. Real alarm bells here.

• A lot of the registry actions look like anti-debugging, which does not sound like something an Illustrator Plugin would do.

Sure thing, the reasons that are most important for me personally are better multi-attach, easier splitting and resize, better plugin ecosystem and it being more modern and actively maintained in general.

I much prefer tmux over screen.

Not only do I not mind you yoinking the text, I want to thank you for your contribution to the cause. If everyone who has signed could get one more person to sign, the initiative would succeed!

FRËËDÖM

Ouch owie my bones

Take a look into borg backup.

Seven countries need to reach the threshold and 1.000.000 signatures are required in total. The seven countries goal has already been reached, so right now only signatures are needed, regardless of the countries they are coming from.

Try a Reddit mirror like RedLib, i.e. https://redlib.privacyredirect.com/