wannacry

Defects in embedded OS VxWorks leave an estimated 200m devices vulnerable, many of them mission-critical, "forever day" systems

VxWorks is a lightweight, thin OS designed for embedded systems; a new report from Armis identifies critical vulnerabilities (called "Urgent 11") in multiple versions of the OS that they estimate affect 200m systems (VxWorks' maker, Wind River, disputes this figure).

Android malware uses accelerometer readings to figure out if it was running on a real phone or in emulation

Malware authors have a problem: they want their software to run aggressively when no one is looking at it, but to shut down entirely if the device it's running on is actually in some malware researcher's lab.

Wannacry ransomware cost the British National Health Service £92m ($121m)

The Wannacry ransomware epidemic was especially virulent, thanks to its core: a weaponized vulnerability in Windows that the NSA had discovered and deliberately kept a secret so that they could use it to attack their adversaries.

The first cyberattack took place nearly 200 years ago in France

France created a national mechanical telegraph system in the 1790s; in 1834, a pair of crooked bankers named François and Joseph Blanc launched the first cyberattack, poisoning the data that went over the system in order to get a trading advantage in the bond market.

Epidemic of cryptojacking can be traced to escaped NSA superweapon

The epidemic of cryptojacking malware isn't merely an outgrowth of the incentive created by the cryptocurrency bubble -- that's just the motive, and the all-important means and opportunity were provided by the same leaked NSA superweapon that powered last year's Wannacry ransomware epidemic.

A new, virulent ransomware epidemic is fuelled by yet another leaked NSA cyberweapon

The global epidemic of Wannacry ransomware infections was the result of petty criminals fusing an old ransomware strain with a leaked NSA cyberweapon that was released by The Shadow Brokers, and the result was tens of millions of dollars' worth of economic harm.

Hackers hack hackers to steal their hacking tools and deflect blame

Rule #1 of hacking is "attribution is hard" (other contenders: "don't be on fire," "don't get involved in a land-war in Asia" or "there is no security in obscurity"), which is to say, it's really hard to say who hacked you, in part because it's really easy for hackers to make it look like someone else did the deed.

Snowden: Public money shouldn't fund software the public isn't allowed to fix

Paul Brown writes, "The FSFE's 'Public Money? Public Code!' campaign wants to convince lawmakers that software created with public funds should be made available to the public under Free Software licences.

Our technology is haunted by demons controlled by transhuman life-forms

In my latest Locus column, "Demon-Haunted World," I propose that the Internet of Cheating Things -- gadgets that try to trick us into arranging our affairs to the benefit of corporate shareholders, to our own detriment -- is bringing us back to the Dark Ages, when alchemists believed that the universe rearranged itself to prevent them from knowing the divine secrets of its workings.

After Defcon, the FBI arrested the UK national who stopped Wannacry

Update: Here is the indictment. Hutchins is accused of making and selling a keylogger called the "Kronos banking trojan."

Marcus Hutchins is the 23-year-old security researcher behind the @MalwareTechBlog Twitter account; he's the guy who figured out that the Wannacry worm had an accidental killswitch built in and then triggered it, stopping the ransomware epidemic in its tracks.

Global Wannacry payout: $140,000 -- a superweapon in the hands of dum-dums

The Wannacry worm burned through the world's unpatched IT systems, hitting more than 80 countries in 24 hours, taking down hospitals, airlines, banks and logistics companies, until a hidden killswitch was able to halt its spread.

That "ransomware" attack was really a cyberattack on Ukraine

According to Kaspersky, the Petya ransomware that raced around the world this week wasn't ransomware at all, and there is no way to get back your files after it does its work (that's why it was so easy to shut down the email address the ransomware used to negotiate payments and decryption with victims whose computers had been taken over).

A new ransomware strain is seemingly using a leaked NSA cyberweapon to race around the planet

Petya is a well-known ransomware app that has attained a new, deadly virulence, with thousands of new infection attempts hitting Kaspersky Lab's honeypots; security firm Avira attributes this new hardiness to the incorporation of EternalBlue -- the same NSA cyberweapon that the Wannacry ransomware used, which was published by The Shadow Brokers hacker group -- into a new Petya strain.

New massive ransomware attack paralyzing European banks, airports, government departments

Hot on the heels of the WannaCry attack, a massive, new, ransomware attack has struck Europe, shutting down systems in Ukraine, Britain, and Spain.

From The Telegraph:

The virus is believed to be ransomware - a piece of malicious software that shuts down a computer system and then demands an extortionate sum of money to fix the problem.

It comes just a few weeks after the WannaCry hack which affected more than 150 countries and crippled parts of the NHS.

American and British analysts believe that attack, which unfolded in May, was carried out by North Korea. It remains unclear who is responsible for Tuesday's attack.

From Wired:

It's not yet clear where the wave of attacks originated or who is behind it. "Everyone talked about Ukraine first, but I don't know. It's worldwide," says MalwareHunterteam, a researcher with the MalwareHunterTeam analysis group.

Most troubling, perhaps, is that Petya doesn't appear to suffer the same errors that stunted WannaCry's spread. The amateurish mistakes that marked that outbreak limited both the scope and the eventual payouts collected; it even included a "kill switch" that shut it off entirely after just a couple of days.

Image: Christiaan Colen

Explaining the WannaCry ransomware attack

SciShow’s Hank Green breaks down the details of this month’s WannaCry ransomware attack.

An IoT botnet is trying to nuke Wcry's killswitch

Whoever created the Wcry ransomware worm -- which uses a leaked NSA cyberweapon to spread like wildfire -- included a killswitch: newly infected systems check to see if a non-existent domain is active, and if it is, they fall dormant, ceasing their relentless propagation.

Powerful Russian Orthodox cleric summoned to spritz computers with holy water to fight ransomware

Patriarch Kirill of the Russian Orthodox Church is a powerful reactionary figure in the country's toxic political scene, which has welded a tale of thwarted imperial destiny to a thin-skinned fundamentalist theology that can't bear the slightest sign of mockery; he's blamed ISIS on secularism and Pride parades and says that marriage equality literally heralds the imminent apocalypse.
