Lucian Constantin

Author Archives: Lucian Constantin

Jigsaw crypto-ransomware deletes more files the longer you delay paying

Understanding how to buy bitcoins and pay ransomware authors for decryption keys is hard enough, yet some cybercriminals now expect their victims to do it in under an hour if they want all of their files back. A new ransomware program dubbed Jigsaw encrypts users' files and then begins to progressively delete them until the victim pays the equivalent of $150 in Bitcoin cryptocurrency. The ransomware deletes one file after the first hour has passed and then increases the number of files it deletes in every 60-minute cycle. If no payment has been made within 72 hours, all remaining files will be deleted. "Try anything funny and the computer has several safety measures to delete your files," the program's creators warn in their ransom message that's accompanied by a picture of the Jigsaw killer's mask from the horror film series Saw.

Experts crack Petya ransomware, enable hard drive decryption for free

Security experts have devised a method that allows users to recover data from computers infected with the Petya ransomware program without paying money to cybercriminals. Petya appeared on researchers' radar last month when criminals distributed it to companies through spam emails that masqueraded as job applications. It stood out from other file-encrypting ransomware programs because it overwrites a hard disk drive's master boot record (MBR), leaving infected computers unable to boot into the operating system. The program replaces the drive's legitimate MBR code, which normally starts the operating system, with code that encrypts the master file table (MFT) and shows a ransom note. The MFT is a special file on NTFS volumes that contains information about all other files: their name, size and mapping to hard disk sectors.

WordPress.com turns on default encryption for hosted domains

Website hosting platform WordPress.com will automatically enable HTTPS for all the custom domain names that its users have associated with their websites. Run by Automattic, WordPress.com allows users to easily create and manage websites based on the hugely popular WordPress content management system. Users of the free service get a subdomain under wordpress.com to use as an address for their website, but paid plans allow hosting a custom domain. Implementing HTTPS for wordpress.com subdomains was fairly easy and Automattic did this in 2014. However, turning on encryption for hosted websites with custom domain names requires individual certificates for each of those domains, which posed management and cost-related problems.

Business email scams have led to $2.3 billion losses via rogue wire transfers

Over the past two and a half years, cybercriminals have managed to steal over $2.3 billion from thousands of companies worldwide by using little more than carefully crafted scam emails. Known as business email compromise (BEC), CEO fraud or whaling, this type of attack involves criminals impersonating an organization's chief executive officer, or some other high-ranking manager, and instructing employees via email to initiate rogue wire transfers. According to an alert issued earlier this week by the FBI, between October 2013 and February 2016, 17,642 organizations from the U.S. and 79 other countries have fallen victim to BEC attacks. The combined losses amount to over $2.3 billion, the agency said.

Adobe fixes 24 vulnerabilities in Flash Player, including an actively exploited one

Adobe Systems released a security update for Flash Player to fix 24 critical vulnerabilities, including one that hackers have been exploiting to infect computers with ransomware over the past week. The company advised users Thursday to upgrade to the newly released Flash Player 21.0.0.213 on Windows and Mac and Flash Player 11.2.202.616 on Linux. The Flash Player Extended Support Release was also updated to version 18.0.0.343. As usual, the Flash Player build bundled with Google Chrome on all platforms, Microsoft Edge and Internet Explorer for Windows 10 and IE for Windows 8.1 will be upgraded automatically through the update mechanisms of those browsers.

Your car’s computers might soon get malware protection

Modern cars contain tens of specialized computers that control everything from infotainment functions to steering and brakes. The pressing need to protect these computers from hackers will likely open up a new market for car-related software security products. Karamba Security, a start-up based in Ann Arbor, Michigan, is one of the companies that has stepped up to answer this demand. The company's anti-malware technology, unveiled Thursday, is designed to protect externally accessible electronic control units (ECUs) found in connected cars. These controllers, like those that handle telematics, infotainment and on-board diagnostics, can be accessed via Wi-Fi, Bluetooth or even the Internet, so they can serve as entry points for hackers into a car's network.

Massive application-layer attacks could defeat hybrid DDoS protection

Security researchers have recently observed a large application-layer distributed denial-of-service attack using a new technique that could foil DDoS defenses and be a sign of things to come for Web application operators. The attack, which targeted a Chinese lottery website that used DDoS protection services from Imperva, peaked at 8.7Gbps. In a time when DDoS attacks frequently pass the 100Gbps mark, 8.7Gbps might not seem much, but it's actually unprecedented for application-layer attacks. DDoS attacks target either the network layer or the application layer. With network-layer attacks, the goal is to send malicious packets over different network protocols in order to consume all of the target's available bandwidth, essentially clogging its Internet pipes.

Apple fixes iOS lock screen bypass that gives access to photos, contacts

Apple has reportedly fixed a vulnerability that could have allowed hackers to bypass the passcode on iPhone 6s and 6s Plus running iOS 9.3.1 in order to access the address book and photos. The bypass technique was discovered by researchers from German security firm Evolution Security and takes advantage of Siri's integration with apps like Twitter or Facebook and the new 3D Touch feature that's only available on the iPhone 6s and 6s Plus models. On a locked device, attackers can call up Siri and ask to search for items that contain @ tags using Twitter, Facebook or Yahoo. Then they can locate a string like an email address and use the 3D Touch hard push to bring out the context menu for it.

Three-year-old IBM patch for critical Java flaw is broken

Security researchers have found that a patch released by IBM three years ago for a critical vulnerability in its own Java implementation is ineffective and can be easily bypassed to exploit the flaw again. The broken patch was discovered by researchers from Polish firm Security Explorations who found the vulnerability and reported it to IBM in May 2013. IBM issued a fix in a July 2013 update for its Java development kit. IBM maintains its own implementation of the Java virtual machine and runtime. This version of Java is included in some of the company's enterprise software products, as well as in the IBM Software Developer Kit, which is available for platforms like AIX, Linux, z/OS and IBM i.

Google fixes 39 Android flaws, some allow hackers to take over your phone

Google has released one of the largest Android monthly security updates, fixing a total of 39 vulnerabilities — 15 rated critical, including four that can lead to a complete device compromise. The patches, which are included in new firmware images that were released Monday for the company's Nexus devices, will also be published to the Android Open Source Project over the next 24 hours. They include a fix for a vulnerability that Google warned about two weeks ago and which is already being exploited by a publicly available rooting application. Tracked as CVE-2015-1805, the privilege escalation flaw was originally fixed in the Linux kernel in April 2014, but it didn't become clear until February this year that it also affects Android.

HTTP compression continues to put encrypted communications at risk

Security researchers have expanded and improved a three-year-old attack that exploits the compression mechanism used to speed up browsing in order to recover sensitive information from encrypted Web traffic. The attack, known as BREACH, takes advantage of the gzip/DEFLATE algorithm used by many Web servers to reduce latency when responding to HTTP requests. This compression mechanism leaks information about encrypted connections and allows man-in-the-middle attackers to recover authentication cookies and other sensitive information. The BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) attack was first presented at the Black Hat USA security conference in August 2013 by security researchers Angelo Prado, Neal Harris and Yoel Gluck. While it theoretically affects all SSL/TLS ciphers, their version of the attack was most effective against connections encrypted with stream ciphers, such as RC4.

Flaw in popular door controllers allows hackers to easily unlock secure doors

Doors that provide access into secure areas in airports, hospitals, government facilities and other organizations can easily be opened by hackers due to a vulnerability in a popular brand of networked door controllers. The flaw exists in the widely used VertX and Edge lines of door controllers from HID Global, one of the world's largest manufacturers of smartcards, card readers and access control systems. HID's VertX and Edge controllers can be remotely managed over the network and have a service called discoveryd (discovery daemon) that listens to UDP probe packets on port 4070, according to Ricky Lawshae, a researcher with Trend Micro's newly acquired DVLabs division.
