Posts

Showing posts from May, 2017

The NSA’s leaked Windows hack caused more damage than just WannaCry

Image
When the ShadowBrokers first published the code for EternalBlue — an NSA exploit targeting Windows’ file-sharing protocol — researchers knew it was a bad bug. But most had no idea of the scale of the damage that would be caused by the vulnerability. Much of that damage has only become visible in recent days, as a ransomware program dubbed “WannaCry” locked up computers from the UK’s National Health Service to the Russian Ministry of the Interior. Some of the damage caused by EternalBlue was harder to spot, caused by more discreet malware designed to infect and monetize computers without leaving a trace. As researchers look for clues as to WannaCry’s origins, more of those programs are coming to light, and giving us more information about the sheer scale of the damage caused by Eternal Blue. [Read more here...]

Massive database containing over 560 million passwords discovered

Image
Looks like it’s time to change passwords again. Security researchers have discovered a massive database of login credentials — over 560 million emails and passwords — put together by an unknown person. All of the information is insecure. The database was discovered by the Kromtech Security Research Center, who ran the information with Troy Hunt. Most of the information is already on Hunt’s Have I Been Pwned site, which allows users to see if their accounts have been compromised in previous data breaches. [Read more here...]

How to Accidentally Stop a Global Cyber Attacks

Image
So finally I’ve found enough time between emails and Skype calls to write up on the crazy events which occurred over Friday, which was supposed to be part of my week off (I made it a total of 4 days without working, so there’s that). You’ve probably read about the WannaCrypt fiasco on several news sites, but I figured I’d tell my story.

I woke up at around 10 AM and checked onto the UK cyber threat sharing platform where i had been following the spread of the Emotet banking malware, something which seemed incredibly significant until today. There were a few of your usual posts about various organisations being hit with ransomware, but nothing significant…yet. I ended up going out to lunch with a friend, meanwhile the WannaCrypt ransomware campaign had entered full swing. [Read more here...]

Fake WhatsApp.com URL gets users to install adware

Image
Next time someone links you to whatsapp.com, make sure you take a second look. There’s some adware currently circulating around the web by tricking users to visit a ‘шһатѕарр.com’ domain instead. Yes, those are different URLs – the fake URL uses characters from the Cyrillic alphabet. [Read more here...]

Is Microsoft to blame for the largest ransomware attacks in internet history?

Image
Friday saw the largest global ransomware attack in internet history, and the world did not handle it well. We’re only beginning to calculate the damage inflicted by the WannaCry program — in both dollars and lives lost from hospital downtime — but at the same time, we’re also calculating blame. There’s a long list of parties responsible, including the criminals, the NSA, and the victims themselves — but the most controversial has been Microsoft itself. The attack exploited a Windows networking protocol to spread within networks, and while Microsoft released a patch nearly two months ago, it’s become painfully clear that patch didn’t reach all users. Microsoft was following the best practices for security and still left hundreds of thousands of computers vulnerable, with dire consequences. Was it good enough? [Read more here...]

The WannaCry ransomware has mysterious ties to North Korea

Image
Researchers at Kaspersky Lab have uncovered new evidence linking the WannaCry ransomware code to North Korea. In a post today, the group detailed a segment of code used in both an early WannaCry variant and a February 2015 sample attributed to the Lazarus Group, a Kaspersky-tracked actor tied to the North Korean government. The overlap was first spotted by Google researcher Neal Mehta, and Kaspersky believes the similarity goes far beyond shared code. “We strongly believe the February 2017 sample was compiled by the same people,” Kaspersky writes, “or by people with access to the same source code as the May 2017 WannaCry encryptor used in the May 11th wave of attacks.” [Read more here...]

Renault shut down several French factories after cyberattack

Image
As the massive WannaCry ransomware attack spread to over 100 countries this weekend, French automaker Renault halted production in several of its factories on Saturday, according to a spokesperson

Speaking to Automotive News, the spokesperson confirmed that the company shut down production in its Sandouville factory, saying that “proactive measures have been put in place, including the temporarily suspension of industrial activity at some sites," but declined to provide a full list of affected sites. Renault’s partner company Nissan was also affected: a UK spokesperson confirmed that files at its Sunderland factory were impacted on Friday night, but wouldn’t confirm reports that production was halted. A Renault spokesperson toldReuters that the company expects that “nearly all plants” will reopen on Monday. [Read more here...]

WannaCry 2.0 Just Arrive With No Kill-Switch!

Image
If you are following the news, by now you might be aware that a security researcher has activated a "Kill Switch" to stop WannaCry ransomware from spreading further, but it's not over, criminals have just launched WannaCry 2.0 with no 'kill-switch' functionality.
WannaCry has already infected over 200,000 computers across 99 countries worldwide only in past two days, and now this latest version can take over other hundreds of thousands of unpatched computers without any disruption. [Read more here...]

Protect Against WannaCry: Microsoft Issues Patch for Unsupported Windows Versions

Image
In the wake of the largest ransomware attack in the history that had already infected over 114,000 Windows systems worldwide since last 24 hours, Microsoft just took an unusual step to protect its customers with out-of-date computers.

Microsoft has just released an emergency security patch update for all its unsupported version of Windows, including Windows XP, Vista, Windows 8, Server 2003 and 2008 Editions. [Read more here...]

Registering a single web address may have stopped a global malware attack

Image
Over the past 24 hours, a ransomware program called WannaCry has shut down more than 75,000 computers across 99 countries, including a string of hospitals in the United Kingdom and critical gas and water utilities in Spain. But despite the massive scale of the attack, stopping new infections from the attack seems to have been as simple as registering a single web address. This morning, researchers announced they had found a kill switch in the code of the ransomware program — a single domain which, when registered, would prevent any infections from taking place. It’s still unclear whether registering that domain will stop every strain of the infection, but it should severely limit the global spread of the attack. [Read more here...]

UK hospitals hit with massive ransomware attack

Image
A massive ransomware attack has shut down work at 16 hospitals across the United Kingdom. According to The Guardian, the attack began at roughly 12:30PM local time, freezing systems and encrypting files. When employees tried to access the computers, they were presented with a demand for $300 in bitcoin, a classic ransomware tactic. [Read more here...]

President Trump fires FBI Director James Comey

Image
President Trump has dismissed FBI Director James Comey, according to a statement today by the White House. According to press secretary Sean Spicer, the move came at the request of Department of Justice, although the timing of the move is unclear. Comey had recently come under fire in the press for making inaccurate statements to the Senate Judiciary Committee, although it’s unclear whether today’s news is related to those concerns. [Read more here...]

Amazon lowers free shipping minimum back to $25

Image
Amazon has lowered its free shipping minimum back down to $25, the latest policy change amid a free-shipping battle with Walmart. The change seems to have been made sometime last week, but it went unreported until today. BestBlackFriday alerted us to the change. This is the second time this year that Amazon has lowered its free shipping minimum. In February, Amazon lowered the minimum from $49 to $35. Now that it’s down to $25, the minimum has returned to the place it sat at for more than a decade, before Amazon starting raising it back in 2013. [Read more here...]

Apple and Microsoft still haven’t saved the tablet market

Image
The tablet market continues to shrink worldwide, with the beginning of 2017 marking the 10th straight quarter where shipments declined year over year. The research firm IDC says that first quarter 2017 shipments were at 36.2 million, down 8.5 percent from the same time last year. First quarter shipments peaked back in 2014, when 50.4 million tablets were sent out globally. [Read more here..]

Uber is under criminal investigation for building software to avoid regulators

Image
Uber is facing a criminal probe from the US Justice Department over a piece of software it used to evade law enforcement and transportation regulators, according to Reuters. The program, known internally at Uber as “Greyball,” was first disclosed by a March report in The New York Times. Uber used the software tool to hide cars from regulators who were attempting to conduct sting operations on drivers in areas the company was not yet licensed to operate, such as Portland, Oregon.

Greyball was a multi-step defense, in Uber’s eyes, from those eager to “violate its terms of service.” The company claims it was developed as a way to cut down on fraud and protect drivers from violent taxi union protestors, and it claimed at the time that it still uses Greyball primarily for this purpose. “This program denies ride requests to users who are violating our terms of service,” Uber said in a statement back in March. “Whether that’s people aiming to physically harm drivers, competitors looking to di…

Qualcomm is trying to stop Apple from selling the iPhone in the US

Image
The ongoing feud between Apple and Qualcomm has escalated to a whole new height as the chipmaker is now purportedly seeking to block all iPhone imports to the US. Qualcomm is preparing to ask the International Trade Commission to formally forbid the Cupertino giant from importing its flagship handset – which is widely known to be mass-produced in Asia – from landing on American soil, Bloomberg reports. [Read more here...]

The Google Docs spam attacks played off Google’s most fundamental weakness

Image
If you saw a Google Docs email from someone you knew, you’d open it, right? And if, having clicked through, Google asked you to log in again, would you think something was wrong? For countless Gmail users, the answer was no. Yesterday, a sophisticated phishing attackswept through the network, masquerading as a Google Docs permission request. Every time someone followed the prompts, the app would gain access to the user’s contact list and blast out a new round of emails, causing a ripple effect of compromised accounts. According to Google, the attack affected less than 0.1 percent of Gmail users, but that’s still as many as 1 million people. And while the scheme can look simple, it was actually a string of linked spoofs, each made possible by Google’s reassuring presence on a fundamentally open system, and raising serious questions about how the company structures its products. [Read more here...]

WhatsApp is DOWN

Image
Why? WhatsApp is down. We repeat – WhatsApp. Is. Down.

And people all over the world are currently unable to send messages to their friends. Website Down Detector shows that the problem is mainly widespread in Europe – although people in Brazil, Mexico and the US have been affected too. [Read more here...]

China forces online news sites to hire government-approved staff

Image
The Chinese government has announced new rules that place tighter restrictions on online news outlets. Reuters reports that the regulations, announced on Tuesday, require all blogs, websites, apps, and other news platforms to hire editorial staff that have been approved by national or local government authorities. All staff must also receive training and accreditation from the central government. According to The Wall Street Journal, the rules appear to only apply to domestic online news outlets. The rules, which will go into effect on June 1st, extend longstanding restrictions on traditional media outlets to news sites. Chinese censors have exerted tight control over the media and internet, and President Xi Jinping has sought to consolidate the government’s control in recent years. Several Chinese online news services were shut down last year for publishing independently-reported news, rather than government statements. [Read more here...]

Apple’s earnings show modest growth, but iPhone sales are flat

Image
Apple sold 50.76 million of its iconic iPhones during the first three months of 2017. That helped the company generate $52.9 billion in revenue, a 4.5 percent increase from the same period last year. The number of iPhones snapped up by consumers was essentially flat, shrinking by 1 percent over the second quarter of last year. But the average sale price per smartphone climbed, helping power the company to more than $11 billion in net profit. When asked about flat iPhone sales, Apple CEO Tim Cook pointed to rumors of a new iPhone 8 with a radical design overhaul as the culprit. “We're seeing what we believe to be a pause in purchases of iPhone, which we believe is due to the earlier and much more frequent reports about future iPhones," he said on an earnings call this afternoon. “That part is clearly going on... We are seeing that in full transparency." [Read more here...]

Nissan thinks installing a Faraday cage in your armrest will prevent distracted driving

Image
Distracted driving is obviously a problem, and lots of software and phone companies have attempted to solve it. Samsung, for example, just released an auto-reply app that’ll send people a response when a phone owner is driving or biking. Now car manufacturers are attempting to fix the issue, too. Nissan thinks integrating a Faraday cage directly into a car’s armrest could be the magic fix. The compartment, known as the Nissan Signal Shield, would block all cellular, Bluetooth, and Wi-Fi connections. You could still play music through a USB or auxiliary cord, though, although I presume your music would have to be locally saved. Just opening the armrest would restore connectivity. Right now, this is just a concept idea for the new Nissan Juke model. [Read more here...]

GM will rent the Chevy Bolt to Uber and Lyft drivers

Image
Maven, General Motors’ car-sharing spinoff, is launching a new product aimed at drivers in the gig economy. For $229 a week, someone who’s interested in driving for Uber, Lyft, Instacart, GrubHub, or a handful of other on-demand services, but doesn’t own a vehicle, can rent a Chevy Bolt through a new service called Maven Gig. The weekly price includes insurance, maintenance, and electric vehicle charging. Maven is officially partnering with Uber, Lyft, GrubHub, Instacart, and Roadie, but expects that list to grow over time. The program is live in San Diego and will launch in San Francisco and Los Angeles later this year. [Read more here...]

10 Things That Make YOU Instantly LESS Attractive To Women

Image

What is Intel Optane?

Image