What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-12-22 15:22:32 | NotPetya\'s Cost to FedEx: $400 Million and counting (lien direct) | As Federal Express continues to recover from the devastating NotPetya malware outbreak, the cost of the attack on the company continues to grow, topping $400 million in just the last six months. FedEx said it is still recovering from the destructive wiper malware attack and reported a $100 million hit to its financial results in the second...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/512318212/0/thesecurityledger -->» | FedEx NotPetya | ||
 |
2017-12-12 12:50:51 | Security Professionals say nothing has changed since WannaCry and NotPetya (lien direct) | >Given the severe devastation WannaCry and NotPetya caused to organisations around the world, you would have thought investment and interest into beefing up defences would have increased? Well not according to the latest research by AlienVault. Having surveyed 233 IT professionals globally about how their roles have changed following these high-profile attacks, just 16% of ... | NotPetya Wannacry | ||
 |
2017-12-11 14:00:00 | The Impact of NotPetya and WannaCry (lien direct) |
Another wake up call
Every time there is a major security incident many people claim it to be the “wake up call” the incident has needed. Surely, it stands to reason that if a big enough incident occurs, people will stand up, take notice, and take the necessary steps needed to make sure it doesn’t happen again.
To test out this hypothesis, we conducted a survey on Spiceworks. For those unfamiliar, Spiceworks has a large and vibrant technology community – one that extends beyond security, but is often made up of technology professionals that have varying degrees of security responsibility in their jobs.
In other words, the Spiceworks community are the ‘do-ers’, the ones at the coalface – so they represent perhaps one of the best section of technologists to ask.
Getting things done
One would expect that in the aftermath of such high-profile and devastating attacks, IT projects would be green lit and the money would start flowing.
The reality is a lot more subdued, with only 14% of respondents stating their cyber security budgets have increased, and only a fifth (20%) have been able to implement changes or projects that were previously put on hold.
The flip side
While budget may not be as free-flowing as one may assume, it doesn’t mean that companies have been completely negligent. 65% of respondents stated they are more up-to-date with patching than they were previously, and half say they are using threat intelligence more regularly to stay ahead of emerging threats. With a further 58% claiming to have carried out a review of their organizations cyber security posture following the attacks.
 
This is encouraging, as it means companies are not completely ignoring the challenges they face – and are leveraging existing investments to help get their companies in a better position.
Although, as the attacks have shown, prevention alone isn’t enough and it would also be prudent for organizations to focus their efforts on threat detection and response.
A makeover?
For IT professionals, 22% said their family and friends are more interested in hearing about their work, and 27% believe most people in their organization listen to their IT advice more than they did before.
Unfortunately, it hasn’t translated to great financial rewards with 10% have experienced an increase in job offers, or managed to negotiate a pay increase following the attacks.
Incident Apathy?
IT Security remains a challenging environment within which to work where resilience is the key to success. The sheer number of incidents that are reported on an almost daily basis may also be a contributing factor towards organizational apathy towards incidents.
While attacks cannot be prevented, and IT Security may be a cost that organizations have to bear as a price of doing business in the digital age. It doesn’t necessarily mean that there are no options.
Many security fundamentals can be implemented with little capital needed to source new products. Rather the |
NotPetya Wannacry | ||
 |
2017-10-31 08:00:15 | NotPetya tops list of worst ransomware attacks (lien direct) | NotPetya, WannaCry and other ransomware have caused unprecedented damage to businesses, infrastructure and users, say threat researchers | NotPetya Wannacry | ||
 |
2017-10-30 08:33:54 | NotPetya Attack Had Significant Impact on Merck Revenue (lien direct) | American pharmaceutical giant Merck reported last week that the recent NotPetya malware attack caused losses of hundreds of millions of dollars in revenue. | NotPetya | ||
|
2017-10-27 21:28:25 | NotPetya Infection Left Merck Short of Key HPV Vaccine (lien direct) | The NotPetya malware infection shut down pharmaceutical giant Merck’s production of the pediatric vaccine GARDASIL last June, forcing the company to borrow the drug from a stockpile maintained by the U.S. Centers for Disease Control and Prevention to meet demand. The NotPetya malware infection shut down pharmaceutical giant Merck &...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/480193766/0/thesecurityledger -->» | NotPetya | ||
 |
2017-10-26 14:43:41 | Following The Bad Rabbit (lien direct) | On October 24th, media outlets reported on an outbreak of ransomware affecting various organizations in Eastern Europe, mainly in Russia and Ukraine. Identified as “Bad Rabbit”, initial reports about the ransomware drew comparisons with the WannaCry and NotPetya (EternalPetya) attacks from earlier this year. Though F-Secure hasn’t yet received any reports of infections from our […] |
NotPetya Wannacry | ||
|
2017-10-26 09:36:43 | \'Bad Rabbit\' Attack Infrastructure Set Up Months Ago (lien direct) | The infrastructure used by the Bad Rabbit ransomware was set up months ago and an increasing amount of evidence links the malware to the NotPetya attack launched in late June, which some experts believe was the work of a Russian threat actor. | NotPetya | ||
 |
2017-10-25 20:44:32 | CSE Malware ZLab – Preliminary analysis of Bad Rabbit attack (lien direct) | >We at the CSE Cybsec ZLab have conducted a preliminary analysis of the Bad Rabbit ransomware discovering an interesting aspect of the attack. This is just the beginning of a complete report that we will release in the net days, but we believe our findings can be useful for the security community. This malware remembers the notorious NotPetya […] | NotPetya | ||
 |
2017-10-25 14:48:39 | BadRabbit: New strain of ransomware hits Russia and Ukraine (lien direct) | BadRabbit is self-propagating and has many similarities to the June 2017 Petya / NotPetya outbreak. | NotPetya | ||
|
2017-10-25 09:03:01 | Bad Rabbit Linked to NotPetya, but Not as Widespread (lien direct) | The Bad Rabbit ransomware attack that hit Russia and Ukraine on Tuesday has been linked to the recent NotPetya outbreak, but the number of infections appears to be far smaller. | NotPetya | ||
 |
2017-10-25 04:57:55 | Le malware Bad Rabbit débarque en Europe (lien direct) | Décidément, c'est compliqué pour Gérard et Monique. Un nouveau malware au doux nom de BadRabbit (vilain lapin) est en train de mettre à feu et à sang la Russie, l'Ukraine, la Turquie, mais aussi l'Europe avec l'Allemagne. Fonctionnant comme un fork de Petya (Petrwrap, NotPetya, exPetr et GoldenEye), Bad Rabbit s'attaque aux réseaux des entreprises > Lire la suite Cet article merveilleux et sans aucun égal intitulé : Le malware Bad Rabbit débarque en Europe ; a été publié sur Korben, le seul site qui t'aime plus fort que tes parents. | NotPetya | ||
 |
2017-10-25 01:36:57 | Le ransomware Bad Rabbit crée le désordre en Russie et Ukraine (lien direct) | Le malware a infecté plus de 200 organisations. Il a été diffusé par un site piégé en se fait passer pour programme d'installation d'Adobe Flash. Mais son mode de propagation est moins virulent que ses prédécesseurs WannaCry ou NotPetya.  |
NotPetya Wannacry | ||
 |
2017-10-24 23:08:18 | BadRabbit: a closer look at the new version of Petya/NotPetya (lien direct) |
BadRabbit, a new version of NotPetya, also has an infector allowing for lateral movements. However, unlike NotPetya, it does not use EternalBlue and uses a website to drop its payload. We take a closer look at this new ransomware variant.
Categories:
Malware
Threat analysis
Tags: badrabbit ransomwareNotPetyaNotPetya ransomwareransomware
(Read more...)
|
NotPetya | ||
|
2017-10-24 21:53:05 | BadRabbit ransomware strikes Eastern Europe (lien direct) |
A new strain of malware by the authors of NotPetya called the BadRabbit ransomware is spreading through Eastern Europe, offering a fake Flash update to drop the infection.
Categories:
Cybercrime
Malware
Tags: bad rabbitBadRabbitnot petyapetyaPetya ransomwareransomware
(Read more...)
|
NotPetya | ||
 |
2017-10-24 20:39:57 | Bad Rabbit – A New Ransomware Outbreak Targeting Ukraine and Russia. (lien direct) | >On October 14th, the Ukrainian Security Service warned that a new large scale cyber-attack, similar to notPetya, might take place sometime between October 13 and 17. The attack arrived a few days later than expected; today (October 24th, 2017) the anticipated ransomware attack broke in Europe. Ukraine was the main target for this malware, with […] | NotPetya | ||
|
2017-10-24 16:33:57 | \'Bad Rabbit\' Ransomware Attack Hits Russia, Ukraine (lien direct) | Several major organizations in Russia and Ukraine were hit in the past few hours by a ransomware named “Bad Rabbit.†The incident reminds of the massive attack involving NotPetya malware, which ended up costing companies millions of dollars. | NotPetya | ||
 |
2017-10-24 16:25:00 | \'Bad Rabbit\' Ransomware Attacks Rock Russia, Ukraine - and Beyond (lien direct) | Attack employs new version of infamous NotPetya ransomware used in June attacks on Ukraine targets. | NotPetya | ||
|
2017-10-14 15:23:53 | Security Service of Ukraine of a new wave of large-scale NotPetya-like attack (lien direct) | >The Security Service of Ukraine warning their citizens of a new “large-scale” cyber attack similar to NotPetya that could take place between Oct 13 and 17 In June the NotPetya ransomware compromised thousands of businesses and organizations worldwide, most of them in Ukraine. Now, the Ukrainian authorities warning their citizens of a new “large-scale” cyber attack similar to NotPetya. The Ukrainian Secret […] | NotPetya | ||
 |
2017-10-14 00:24:19 | Ukraine Police Warns of New NotPetya-Style Large Scale CyberAttack (lien direct) | Remember NotPetya?
The Ransomware that shut down thousands of businesses, organisations and banks in Ukraine as well as different parts of Europe in June this year.
Now, Ukrainian government authorities are once again warning its citizens to brace themselves for next wave of "large-scale" NotPetya-like cyber attack.
According to a press release published Thursday by the Secret Service of
|
NotPetya | ||
|
2017-09-28 06:15:55 | WannaCry an example of pseudo-ransomware, says McAfee (lien direct) | The global WannaCry and NotPetya attacks were both examples of pseudo-ransomware, according to McAfee researchers | NotPetya Wannacry | ||
 |
2017-09-27 11:00:42 | What Do Recent Attacks Mean for OT Network Security? (lien direct) | Cyberattacks such as WannaCry, NotPetya and Industroyer wreaked havoc on organizations, but they provided lessons for security your OT network. | NotPetya Wannacry | ||
 |
2017-09-27 10:35:33 | Another Banking Trojan Adds Support for NSA\'s EternalBlue Exploit (lien direct) | A third banking trojan has added support for EternalBlue, an exploit supposedly created by the NSA, leaked online by the Shadow Brokers, and the main driving force behind the WannaCry and NotPetya ransomware outbreaks. [...] | NotPetya Wannacry | ||
|
2017-09-26 09:01:25 | McAfee Labs Report sees cyberattacks target healthcare and social media users (lien direct) | McAfee Inc. today released its McAfee Labs Threats Report: September 2017, which examines the rise of script-based malware, suggests five proven threat hunting best practices, provides an analysis of the recent WannaCry and NotPetya ransomware attacks, assesses reported attacks across industries, and reveals growth trends in malware, ransomware, mobile malware, and other threats in Q2 ... | NotPetya Wannacry | ★★ | |
|
2017-09-25 16:50:28 | Is CCleaner the Tip of an Iceberg of Supply Chain Hacks? And Alexa: did China hack us Last Night? (lien direct) | In the latest Security Ledger podcast, Paul speaks with Michael Gorelik of the firm Morphisec about the hack of security software vendor CCleaner – a hack that Gorelik’s firm discovered. CCleaner, he says, may just be the tip of the iceberg when it comes to supply chain hacks. And: “Alexa: have we been hacked by China?”...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/461342024/0/thesecurityledger -->»
Related StoriesIs CCleaner the Tip of an Iceberg of Supply Chain Hacks? And Alexa: did China hack us Last Night? - EnclosureReport: 1.9b Records Lost in First Half of 2017, topping 2016FedEx: NotPetya Cost $300m, Wrecked Q1 Earnings
|
CCleaner FedEx NotPetya | ||
|
2017-09-25 05:04:35 | NotPetya attack cost up to £15m, says UK ad agency WPP (lien direct) | Advertising giant was one of many companies hit in June 2017 by malware distributed through Ukrainian accounting software | NotPetya | ||
|
2017-09-23 15:50:29 | Retefe banking Trojan leverages EternalBlue exploit to infect Swiss users (lien direct) | Cyber criminals behind the Retefe banking Trojan have improved it by adding a new component that uses the NSA exploit EternalBlue. ETERNALBLUE is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack and NotPetya massive attacks. ETERNALBLUE targets the SMBv1 protocol and it has become widely adopted in the community of malware developers. Investigations on WannaCry, for […] | NotPetya Wannacry | ||
|
2017-09-21 09:46:32 | $300 million: the total cost for TNT after NotPetya (lien direct) | The NotPetya cyber attack has reportedly cost TNT division about $300m (£221m). The company was one of several to have its computer systems severely disrupted by the ransomware outbreak in June. Company executives also acknowledged TNT had yet to fully restore all its IT operations and was expected to do so only at the end ... | NotPetya | ★★★ | |
|
2017-09-21 05:29:26 | (Déjà vu) FedEx announces $300m in lost business and response costs after NotPetya attack (lien direct) | FedEx is the last firm in order of time that disclosed the cost caused by the massive NotPetya, roughly $300m in lost business and response costs. The malware compromised systems worldwide, most of them in Ukraine, the list of victims is long and includes the US pharmaceutical company Merck, the shipping giant Maersk, the Ukraine's central […] | FedEx NotPetya | ||
|
2017-09-20 02:19:33 | FedEx: NotPetya Cost $300m, Wrecked Q1 Earnings (lien direct) | FedEx, the worldwide package delivery giant, said in a regulatory filing on Tuesday that the NotPetya ransomware outbreak in late June has cost it an estimated $300 million dollars and forced the company to miss its fiscal first quarter earnings. The company said in its quarterly “8K” report to the U.S. Securities and Exchange...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/460060256/0/thesecurityledger -->»Related StoriesEquifax Executives Depart Amid Growing BacklashBeset by Lawsuits, Scams, Investigations, Equifax names Source of BreachBluetooth Flaw affects Billions of Devices and has a Name: BlueBorne | FedEx NotPetya Equifax | ||
|
2017-09-18 10:39:09 | CSE CybSec ZLAB Malware Analysis Report: NotPetya (lien direct) | I’m proud to share with you the first report produced by Z-Lab, the Malware Lab launched by the company CSE CybSec. Enjoy the Analysis Report NotPetya. As most of you already know I have officially presented my new Co a couple of months ago, CybSec Enterprise is its name and we already started to work on […] | NotPetya | ||
|
2017-09-07 13:00:31 | Security Specialists Discuss Identity and Access Management in the Age of Ransomware (lien direct) | Security teams should follow identity and access management (IAM) best practices to avoid widespread ransomware attacks such as WannaCry and NotPetya. | NotPetya Wannacry | ||
 |
2017-08-30 03:00:17 | One in 10 UK Companies Lack an Incident Response Plan, Says Survey (lien direct) | The damage wrought by the WannaCry and NotPetya malware outbreaks highlights the importance of organizations taking steps to strengthen their digital security defenses. But in the shadow of such high-profile attacks, the state of organizations’ security postures remains unclear. Do most companies understand the importance of their information and data assets, for example, and do […]… Read More | NotPetya Wannacry | ||
 |
2017-08-28 11:00:17 | Top Take Away From WannaCry And NotPetya Attacks – Don\'t Forget The Security Fundamentals (lien direct) | The ISBuzz Post: This Post Top Take Away From WannaCry And NotPetya Attacks – Don't Forget The Security Fundamentals | NotPetya Wannacry | ||
|
2017-08-25 01:53:36 | Easy-to-Use Apps Allow Anyone to Create Android Ransomware Within Seconds (lien direct) | "Ransomware" threat is on the rise, and cyber criminals are making millions of dollars by victimizing as many people as they can-with WannaCry, NotPetya and LeakerLocker being the ransomware threats that made headlines recently.
What's BAD? Hacker even started selling ransomware-as-a-service (RaaS) kits in an attempt to spread this creepy threat more easily, so that even a non-tech user can
|
NotPetya Wannacry | ||
|
2017-08-21 09:03:02 | NotPetya highlights cyber risk in shipping industry (lien direct) | Malware attack has shown that the shipping industry is vulnerable to cyber attacks, with Danish shipping giant Maersk reporting potential cost of up to $300m | NotPetya | ||
|
2017-08-17 14:50:12 | NotPetya Attack Costs Big Companies Millions (lien direct) | Some of the big companies hit by the NotPetya malware in late June have reported losing hundreds of millions of dollars due to the cyberattack. | NotPetya | ||
 |
2017-08-16 17:33:36 | Maersk Shipping Reports $300M Loss Stemming from NotPetya Attack (lien direct) | A.P. Moller -Maersk said June's NotPetya wiper malware attacks would cost the world's largest shipping container company $300M USD in lost revenue. | NotPetya | ||
|
2017-08-16 13:00:00 | GlobeImposter Ransomware on the Rise (lien direct) |
Ah, the summer anthem. That quintessential song that defines summertime as much as hot nights, barbeques, and beach vacations. Whether it’s the Beach Boys’ “I Get Around” (1964), Springsteen’s “Dancing in the Dark” (1984), or Pearl Jam’s “Last Kiss” (1999), the summer anthem is transcendent, yet perfectly emblematic of its time.
If InfoSec had a 2017 summer anthem, we might be hearing Taylor Swift or Drake singing about ransomware. Wouldn’t that be catchy? That’s because global ransomware campaigns like WannaCry and NotPetya have largely defined the summer season this year, and now, there’s a new ransomware remix topping the charts—GlobeImposter 2.0.
Originally detected in March 2017, GlobeImposter 2.0 targets Windows systems and is being distributed through malicious email attachments (MalSpam). In recent weeks, we’ve seen a surge in activity in the Open Threat Exchange (OTX) around GlobeImposter and its many variants. Thus, it’s important to understand how the ransomware initiates, spreads, and evades detection.
GlobeImposter Ransomware at a Glace
Distribution Method: Malicious email attachment (MalSpam)
Type: Trojan
Target: Windows systems
Variants: many (see below)
How GlobeImposter Works
The recent GlobeImposter attacks have largely been traced to MalSpam campaigns—emails carrying malicious attachments. In this case, the email messages appear to contain a .zip attachment of a payment receipt, which, in reality, contains a .vbs or .js malware downloader file.
Sample email subject lines include:
Receipt#83396
Receipt 21426
Payment-421
Payment Receipt 222
Payment Receipt#97481
Payment Receipt_8812
Receipt-351
Payment Receipt_03950
Once the attachment is downloaded and opened, the downloader gets and runs the GlobeImposter ransomware. You can get a list of known malicious domains from the GlobeImposter OTX pulse here. Note that some of the known malicious domains are legitimate websites that have been compromised.
Like other pieces of ransomware, GlobeImposter works to evade detection while encrypting your files. After encryption is complete, an HTML ransom note is dropped on the desktop and in the encrypted folders for the victim to find, including instructions for purchasing a decryptor. There are no known free decryptor tools available at this time.
You can read a detailed analysis of a sample of GlobeImposter at the Fortinet blog, here and at Malware Traffic Analysis, here.
GlobeImposter Variants on the Rise
What’s striking about the recent uptick in GlobeImposter ransomware activity is the near-daily release of new variants of the ransomware. Lawrence Abrams at BleepingComputer has a nice rundown of new GlobeImposter variants and file e |
NotPetya Wannacry APT 32 | ||
|
2017-08-16 11:30:51 | NotPetya attack cost up to $300m, says Maersk (lien direct) | Danish shipping line Maersk estimates that the NotPetya cyber attack in June cost the company up to $300m | NotPetya | ||
|
2017-08-11 14:10:58 | Ukrainian Man Arrested, Charged in NotPetya Distribution (lien direct) | Ukranian police arrested a suspect alleged to have distributed the NotPetya/ExPetr malware that ultimately infected 400 computers. | NotPetya | ||
|
2017-08-11 09:21:18 | Cyberspies Are Using Leaked NSA Hacking Tools to Spy On Hotels Guests (lien direct) | An infamous Russian-linked cyber-espionage group has been found re-using the same leaked NSA hacking tool that was deployed in the WannaCry and NotPetya outbreaks-this time to target Wi-Fi networks to spy on hotel guests in several European countries.
Security researchers at FireEye have uncovered an ongoing campaign that remotely steals credentials from high-value guests using Wi-Fi networks
|
NotPetya Wannacry | ||
|
2017-08-11 03:45:11 | Ukraine Police Arrest Man for Spreading NotPetya Ransomware in Tax Evasion Scheme (lien direct) | Ukrainian authorities have arrested a 51-year-old man from Nikopol, Dnipropetrovsk region, on accusations of distributing a version of the NotPetya ransomware. [...] | NotPetya | ||
 |
2017-08-10 15:50:00 | (Déjà vu) Ukraine police make arrest in NotPetya ransomware case (lien direct) | A 51-year-old Ukrainian national was arrested in connection with the ransomware attack | NotPetya | ||
|
2017-08-10 14:15:13 | Ukrainian Man Arrested For Distributing NotPetya Ransomware And Helping Tax Evaders (lien direct) | Ukrainian authorities have arrested a 51-year-old man accused of distributing the infamous Petya ransomware (Petya.A, also known as NotPetya) - the same computer virus that massively hit numerous businesses, organisations and banks in Ukraine as well as different parts of Europe around 45 days ago.
However, the story is not as simple as it seems, which portrayed this man as a criminal. I
|
NotPetya | ||
|
2017-08-10 07:00:45 | 68% of Infosec Pros Felt Enterprise Security Lacking after WannaCry/NotPetya Attacks, Reveals Survey (lien direct) | The WannaCry and NotPetya attacks caused disruption on a global scale in the spring and early summer of June 2017. Following those malware campaigns, businesses around the world should have heard the alarms and responded by tightening their security systems in an effort to mitigate against similar attacks in the future. But reality doesn’t always […]… Read More | NotPetya Wannacry | ||
|
2017-08-09 09:09:50 | More pseudo-ransomware attacks are probably on the way (lien direct) | In a new report examining cybersecurity trends for the quarter, it sounds like “ransomware†- emphasis on the air quotes - will remain very much in vogue through 2017. The last few months saw some major malware moments, most notably the WannaCry and NotPetya (a.k.a. ExPetr/Nyetya/Petya) attacks. Kaspersky Labs' quarterly report suggests that the trend ... | NotPetya Wannacry | ||
|
2017-08-04 18:41:04 | The Week in Ransomware - August 4th 2017 - GlobeImposter, NotPetya, and More (lien direct) | It has been a week heavily dominated by GlobeImposter variants being released here and there and smaller ransomware variants with little or no distribution. We also saw news about companies still being affected by the NotPetya attack. [...] | NotPetya | ||
|
2017-08-03 00:15:00 | Ukrainian Firm Facing Legal Action for Damages Caused by NotPetya Ransomware (lien direct) | The Juscutum Attorneys Association, a Ukrainian law firm, is rallying NotPetya victims to join a collective lawsuit against Intellect-Service LLC, the company behind the M.E.Doc accounting software, the point of origin of the NotPetya ransomware outbreak. [...] | NotPetya | ||
|
2017-08-01 14:14:29 | Pharmaceutical Giant Still Feeling NotPetya\'s Sting (lien direct) | Pharmaceutical kingpin Merck reported that operational disruptions continue more than a month after the NotPetya wiper malware attacks. | NotPetya |
To see everything:
Our RSS (filtrered)
