Ms. Smith

Author Archives: Ms. Smith

Ransomware roundup: Targeting servers and government, honoring Donald Trump and Voldemort

Security researchers have discovered more ransomware under development, namely one paying homage to Voldemort and another featuring Donald Trump, as well as one variant currently targeting servers and yet a different ransomware hitting government agencies and education institutions.

Let’s start with the ransomware that has moved past development into actively locking up computers.

DXXD ransomware targeting servers

On Bleeping Computer forums, there were reports of servers being hit with DXXD ransomware. After a file has been encrypted, “dxxd” is added to the end of a filename such as myimportantfile.jpgdxxd.

Meet MailSniper, a tool to search Microsoft Exchange emails for sensitive info

Meet MailSniper, a new pen tester tool that may be of interest to you if you need to find sensitive data such as passwords, credit card numbers and healthcare data, or need to access databases, or even to discover insider and network architecture information.

MailSniper is a penetration testing tool, written in PowerShell, to allow for mass searching through email across every mailbox of an organization’s Microsoft Exchange environment.

Beau Bullock, from the penetration testing firm Black Hills Information Security, cited a 2016 Mandiant M-Trends Report (pdf) which claimed organizations are compromised an average of 146 days before detecting a breach. That long of a window gives attackers plenty of time to locate, compromise and exfiltrate sensitive data; pen testers, however, may only have a window of five days or less to do the same thing in order to prove risk to an organization.

KrebsOnSecurity moves to Project Shield for protection against DDoS attack censorship

Unless you are a bad guy intent upon nefarious schemes to exploit technology in order to make money, then you probably have a great amount of respect for security reporter Brian Krebs. The crimes, breaches and attacks he has exposed have been so stunning that it boggles the mind. If cyber thugs have a “most wanted” list, then Krebs is likely at, or very near, the top. Yet what kind of messed up world do we live in if criminals can exploit horribly insecure internet-of-things devices with such success that it can silence the voice of a journalist like Krebs?

He most recently ticked off allies of vDOS; Krebs wrote about the DDoS-for-hire company and the two teenagers allegedly behind it were arrested. Although it’s nothing new for his site, KrebsOnSecurity, to come under attack, like it did after his vDOS exposé, nearly two weeks later, Krebs’ site was hit “with the largest DDoS the internet has ever seen. 665 Gbps” (gigabits per second). Some of the POST request attacks included the string “freeapplej4ck,” referring to one of the alleged teenage owners of vDOS.

ACLU: Cops accidentally recorded themselves making up bogus criminal charges

If cops are going to do something shady, something as unethical and illegal as violating a citizen’s First Amendment rights to free speech and his Fourth Amendment rights against warrantless seizure, then they definitely don’t want their actions being recorded; yet that is exactly what happened when Connecticut State Police troopers seized a camera belonging to a protestor and the camera continued to film while they conspired on which bogus charges to level against him.

In September 2015, Michael Picard was protesting near a DUI checkpoint in West Hartford by holding up a big handwritten sign which read “Cops Ahead: Keep Calm and Remain Silent.” Picard, who was lawfully carrying a handgun, also had a camera which he was using to film the police – public employees on a public street.

ACLU: Cops accidentally recorded themselves making up bogus criminal charges

If cops are going to do something shady, something as unethical and illegal as violating a citizen’s First Amendment rights to free speech and his Fourth Amendment rights against warrantless seizure, then they definitely don’t want their actions being recorded. Yet that is exactly what happened when Connecticut State Police troopers seized a camera belonging to a protestor and the camera continued to film while they conspired on which bogus charges to level against him.

In September 2015, Michael Picard was protesting near a DUI checkpoint in West Hartford by holding up a big handwritten sign that read “Cops Ahead: Keep Calm and Remain Silent.” Picard, who was lawfully carrying a handgun, also had a camera that he was using to film the police—public employees on a public street.

Researchers remotely hack Tesla Model S while it is being driven

Chinese researchers from Keen Security Lab of Tencent announced that they could chain multiple vulnerabilities together which allowed them to remotely hack the Tesla Model S P85 and 75D from as far as 12 miles away.

The researchers said: As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars. We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected.

Researchers remotely hack Tesla Model S while it is being driven

Chinese researchers from Keen Security Lab of Tencent announced that they could chain multiple vulnerabilities together, which allowed them to remotely hack the Tesla Model S P85 and 75D from as far as 12 miles away.

The researchers said: As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars. We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected.

Teenager claims to have accessed FTPs, downloaded data from every state with .us domain

A security researcher going by Minxomat scanned IPv4 addresses and then released a list of nearly 800,000 open FTP servers, meaning no authentication is required to access them. His scan revealed that 4.32% of all FTP servers in the IPv4 address space allowed “anonymous” users to log in with no password.

“This is a list of all (796,578) FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins,” Minxomat wrote on GitHub. “The login must be completed in less than five seconds to qualify for this list.”

If an FTP server was meant to be public, he did not include it in the list. In his post describing “mass-analyzing a chunk of the internet,” Minxomat said he set up filters to exclude other results such as “POS system firmware update servers and printers (firmware|printer).”

Teenager claims he accessed FTPs, downloaded data from every state with .us domain

A security researcher going by Minxomat scanned IPv4 addresses and then released a list of nearly 800,000 open FTP servers, meaning no authentication is required to access them. His scan revealed that 4.32 percent of all FTP servers in the IPv4 address space allowed “anonymous” users to log in with no password.

“This is a list of all (796,578) FTP servers directly connected to port 21 in the IPv4 address space that allow anonymous logins,” Minxomat wrote on GitHub. “The login must be completed in less than five seconds to qualify for this list.”

If an FTP server was meant to be public, he did not include it in the list. In his post describing “mass-analyzing a chunk of the internet,” Minxomat said he set up filters to exclude other results such as “POS system firmware update servers and printers (firmware|printer).”

Valve nukes Digital Homicide’s games after developer sues to unmask 100 Steam users

If you write a negative review for a game, is that harassment? It is according to game developer Digital Homicide, which is suing 100 Steam users for $18 million.

After Digital Homicide developer James Romine filed a lawsuit, an Arizona judge granted a subpoena to obtain the personal “identification and associated data” of 100 anonymous Steam users. Romine alleges that the Steam group of Jane and John Does created a “hate and harassment group, Digital Homicides Poop Games.”

Russian hackers accused of leaking US Olympic athletes’ medical files

The World Anti-Doping Agency (WADA) was hacked and confidential medical files of US Olympic athletes Simone Biles, Serena and Venus Williams and Elena Delle Donne were leaked online. The hackers dubbed the dump as “just the tip of the iceberg.”

A group claiming to be the Fancy Bears' Hack Team took credit for the attack and accused American Olympic athletes of doping, of using “dirty methods to win.” Furthermore, the hackers claimed that although the US Olympic team had “played well but not fair,” it had “disgraced its name by tainted victories.”

Russian hackers accused of leaking U.S. Olympic athletes’ medical files

The World Anti-Doping Agency (WADA) was hacked and confidential medical files of U.S. Olympic athletes Simone Biles, Serena and Venus Williams, and Elena Delle Donne were leaked online. The hackers said the dump is “just the tip of the iceberg.”

A group claiming to be the Fancy Bears' Hack Team took credit for the attack and accused American Olympic athletes of doping, of using “dirty methods to win.” Furthermore, the hackers claimed that although the U.S. Olympic team “played well but not fair,” it had “disgraced its name by tainted victories.”

Sept 2016 Patch Tuesday: Microsoft released 14 security bulletins, rated 7 as critical

Microsoft released 14 security bulletins for September, seven of which are rated critical due to remote code execution flaws. Microsoft in all its wisdom didn’t regard all RCEs as critical. There’s also an “important rated” patch for a publicly disclosed flaw which Microsoft claims isn’t a zero-day being exploited. But at least a 10-year-old hole is finally being plugged.

Next month marks a significant change as Microsoft says it intends to roll out “servicing changes” that include bundled patches. Unless things change, not all Windows users will be able to pick and choose specific security updates starting in October.
