What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-05-16 12:52:48 | Podcast: WannaCry: It\'s The Exploits, Stupid and Parsing The Cyber Executive Order (lien direct) | In-brief: We speak  with Sean Dillon of the firm RiskSense, who helped reverse engineer DoublePulsar, the back door exploit tool used to help spread the WannaCry ransomware. We also chat with John Dickson of The Denim Group about the impact of President Trump’s Cyber Executive Order. Last week was one for the record books. For the first...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/322759738/0/thesecurityledger -->»       Related StoriesFatal Flaw Slows WannaCry Ransomware Spread, but Threats RemainReport: UK Hospitals among Victims of Massive Ransomware AttackMush and Muscle: Mixed Reaction to Trump’s Executive Order on Cyber |
Wannacry | ||
 |
2017-05-16 11:04:30 | Weeks Before WannaCry, Cryptocurrency Mining Botnet Was Using Windows SMB Exploit (lien direct) | A security researcher has just discovered a stealthy cryptocurrency-mining malware that was also using Windows SMB vulnerability at least two weeks before the outbreak of WannaCry ransomware attacks.
According to Kafeine, a security researcher at Proofpoint, another group of cyber criminals was using the same EternalBlue exploit, created by the NSA and dumped last month by the Shadow Brokers,
|
Wannacry | ||
 |
2017-05-16 10:57:35 | Seoul Cyber Experts Warn of More Attacks as North Blamed (lien direct) | More cyberattacks could be in the pipeline after the global havoc caused by the Wannacry ransomware, South Korean cybersecurity experts warned Tuesday as fingers pointed at the North. More than 200,000 computers in 150 countries were hit by the ransomware attack, described as the largest ever of its kind, over the weekend. | Wannacry | ★★★★★ | |
 |
2017-05-16 10:39:48 | WannaCry ransomware cyber-attack \'may have N Korea link\' (lien direct) | You may not have heard of the Lazarus Group, but you may be aware of its work. The devastating hack on Sony Pictures in 2014, and another on a Bangladeshi bank in 2016, have both been attributed to the highly sophisticated group. It is widely believed that the Lazarus Group worked out of China, but on behalf ... | Medical | Wannacry APT 38 | |
 |
2017-05-16 10:35:24 | Why You Should Not Pay WannaCry Ransomware (lien direct) | If you've been infected with WannaCry, you’re probably not getting your files back if you pay. About three days ago, a ransomware campaign named “Wannacry†began. If you looked only at what mainstream media is telling you, this was malware written by genius programmers who know what they are doing and is one of the […]… Read More | Wannacry | ||
|
2017-05-16 10:19:57 | Industrial Systems at Risk of WannaCry Ransomware Attacks (lien direct) | 
|
Wannacry | ★★★★ | |
 |
2017-05-16 10:05:34 | A Cryptocurrency Miner Might Have Saved Your PC From the WannaCry Ransomware (lien direct) | New evidence has revealed that nearly three weeks before the WannaCry ransomware outbreak, at least one cybercrime group was using the same NSA exploits — ETERNALBLUE and DOUBLEPULSAR — to infect computers with malware that mined for the Monero cryptocurrency. [...] | Wannacry | ||
 |
2017-05-16 08:13:45 | Shadow Brokers teases more Windows exploits and cyberespionage data (lien direct) | A group of hackers that previously leaked alleged U.S. National Security Agency exploits claims to have even more attack tools in its possession and plans to release them in a new subscription-based service.The group also has intelligence gathered by the NSA on foreign banks and ballistic missile programs, it said.The Shadow Brokers was responsible for leaking EternalBlue, the Windows SMB exploit that was used by attackers in recent days to infect hundreds of thousands of computers around the world with the WannaCry ransomware program.To read this article in full or to leave a comment, please click here | Wannacry | ||
 |
2017-05-16 08:01:19 | La Corée du Nord serait derrière l\'attaque WannaCry (lien direct) | Des indices techniques pointent vers le groupe de pirates Lazarus, connu pour le cybersabotage de Sony Pictures et qui seraient lié au régime de Pyongyang.  |
Wannacry APT 38 | ★★★★★ | |
|
2017-05-16 07:25:00 | Why WannaCry won\'t change anything (lien direct) | The tally of damage from the WannaCry ransomware attack keeps growing, but it's still not even close to bad enough to force real changes in cybersecurity. According to The New York Times, more than 200,000 machines in more than 150 countries around the world have been infected, but the responses being discussed still center around patches and passwords, updates and antivirus, backups and contingency plans. To read this article in full or to leave a comment, please click here | Wannacry | ||
 |
2017-05-16 07:21:56 | WannaCry? Do your own data analysis., (Tue, May 16th) (lien direct) | In God we trust. All others must bring data. ~Bob Rudis With endless amounts of data, technical detail, and insights on WannaCrypt/WannaCry, and even more FUD, speculation, and even downright trolling, herein is a proposal for you to do your own data-driven security analysis. My favorite book to help you scratch that itch? Data Driven Security: Analysis, Visualization and Dashboards, by Jay Jacobs Bob Rudis. A few quick samples, using WannaCry data and R, the open source programming language and software environment for statistical computing and graphics. If ever you wanted to pick up a bit of immediately useful programming, R is for you. Our good friends over at Team Cymru tweeted out a great GitHubGist WannaCry factsheet, therein are a number of useful resources, many leading to other good reads. I easily tracked down a list of malicious IPs associated with WannaCry. width:686px" /> You can always learn interesting insights from IPs and this situation is no different. In very few lines of R, we can identify and visualize the data for further insight. Ill walk you through it. First, lets pull in the libraries we need to do some IP geolocation, create a word cloud, and make said word cloud more color rich, and make a nice plot. library(rgeolocate) library(wordcloud) library(RColorBrewer) library(plotrix) We need to then read in Maxmind data (GeoLite2-Country) and call Oliver Key and @hrbrmstrs rgeolocate package file - system.file(extdata,GeoLite2-Country.mmdb, package = rgeolocate) Follow that with our malicious WannaCry IP addresses. ips - c(188.166.23.127,91.219.236.222,46.101.166.19,193.23.244.244,62.210.124.124,2.3.69.209, 144.76.92.176,91.121.65.179,146.0.32.144,148.244.38.101,91.219.237.229,50.7.161.218, 149.202.160.69,217.79.179.177,87.7.10.93,163.172.149.155,212.47.232.237,192.42.115.101, 171.25.193.9,81.30.158.223,178.62.197.82,195.22.26.248,79.172.193.32,212.47.244.98, 197.231.221.221,38.229.72.16,5.35.251.247,198.96.155.3,46.101.166.19,128.31.0.39, 213.61.66.117,23.254.167.231) Finally, we pull it all together and receive our first results file. results - maxmind(ips, file, c(continent_name, country_code, country_name width:328px" /> And in one fell swoop, we create a word cloud from our data. wordcloud(results$country_name, max.words = 100, min.freq = 1, random.order = FALSE, rot.per=0.35, colors=brewer.pal(8, Dark2 width:267px" /> Hmm, looks like most of the malicious IPs are in Germany. :-) Prefer to visualize that a different way? No problem, well run a quick count and use plotH to create a scatterplot with histogram-like bars. ct - count(results$country_name) plotH(freq~x,data=ct,ylab=Frequency,xlab=Country,col=blue width:434px" /> Give it a try for yourself. When events such as WannaCry have you frustrated and down, you can at least take data-driven security analysis in your own hands. Resources for this article: WannaCry font-size:15px">|">@holisticinfosec (c) SANS | Guideline | Wannacry | |
|
2017-05-16 05:15:38 | Shadow Brokers, Who Leaked WannaCry SMB Exploit, Are Back With More 0-Days (lien direct) | The infamous hacking collective Shadow Brokers – the one who leaked the Windows SMB exploit in public that led to last weekend's WannaCrypt menace – are back, this time, to cause more damage.
In typically broken English, the Shadow Brokers published a fresh statement (with full of frustration) a few hours ago, promising to release more zero-day bugs and exploits for various desktop and mobile
|
Wannacry | ||
 |
2017-05-16 04:30:05 | Five steps for business after WannaCry cyber attack (lien direct) | WannaCry reveals some important facts about our dependence on the internet and IT | Wannacry | ||
|
2017-05-16 03:56:26 | Apple Releases Dozens of Security Patches for Everything (lien direct) | While Windows users are currently in fear of getting their systems hijacked by the WannaCry ransomware outbreak, Apple users are sitting relaxed, thinking that malware attacks are something that happens to Windows users, and not Apple.
But you are mistaken – Apple products are also not immune to the hack attacks and malware infections, as an ebook can hack your Mac, iPhone, and iPad.
Apple
|
Wannacry | ||
|
2017-05-16 01:04:50 | Google Researcher Finds Link Between WannaCry Attacks and North Korea (lien direct) | So far, nobody had an idea that who was behind WannaCry ransomware attacks?
But now there is a clue that lies in the code.
Neel Mehta, a security researcher at Google, found evidence that suggests the WannaCry ransomware, that infected 300,000 machines in 150 countries over the weekend, is linked to a state-sponsored hacking group in North Korea, known for cyber attacks against South Korean
|
Wannacry | ||
 |
2017-05-15 22:40:55 | WannaCry Threat – 15th May Update (lien direct) | The ISBuzz Post: This Post WannaCry Threat – 15th May Update | Wannacry | ||
 |
2017-05-15 22:08:18 | Apple users advised to update their software now, as new security patches released (lien direct) | Welcome to the post-WannaCryptor world, where every computer user understands the importance of creating secure backups and applying security patches in a timely fashion. | Wannacry | ||
|
2017-05-15 21:56:21 | WannaCry Ransomware: Everything You Need To Know Immediately (lien direct) | By now I am sure you have already heard something about the WannaCry ransomware, and are wondering what's going on, who is doing this, and whether your computer is secure from this insanely fast-spreading threat that has already hacked nearly 200,000 Windows PCs over the weekend.
The only positive thing about this attack is that - you are here - as after reading this easy-to-understandable
|
Wannacry | ||
 |
2017-05-15 21:25:02 | Wanna Cry some more? Ransomware roundup special edition (lien direct) |
A special compilation of security news related to the recent Worldwide outbreak of ransomware which has caused chaos for multiple organizations.
Categories:
Cybercrime
Malware
Tags: malwareransomwarespamWanaCrypt0rWannaCryWannaCryptWCrypt
(Read more...)
|
Wannacry | ||
 |
2017-05-15 21:05:01 | The WannaCry Ransomware Has a Link to Suspected North Korean Hackers (lien direct) |  A Google researcher has identified a telltale chunk of code shared between the ransomware and malware used by suspected DPRK hackers. The post The WannaCry Ransomware Has a Link to Suspected North Korean Hackers |
Wannacry | ★★★★ | |
 |
2017-05-15 21:05:00 | Researchers Investigate Possible Connection Between WannaCry and North Korean Hacker Group (lien direct) | Google, Kaspersky Lab and Symantec all have found common code in the WannaCry malware and that of the nation-state hackers behind the mega breach of Sony. | Wannacry | ||
 |
2017-05-15 19:55:29 | How to know if your SAP systems are affected by WannaCry (lien direct) |  Implement newly released SAP Security Note: 2473454 to confirm your SAP systems are protected.
ResearchPablo Artuso05/15/2017 |
Wannacry | ||
|
2017-05-15 19:35:39 | WikiLeaks Dump Reveals CIA Malware That Can Sabotage User Software (lien direct) | While the world was busy dealing with the WannaCry ransomware outbreak, last Friday, about the time when we were first seeing a surge in WannaCry attacks, WikiLeaks dumped new files part of the Vault 7 series. [...] | Wannacry | ||
 |
2017-05-15 19:22:50 | Critical Update: WannaCry Ransomware (lien direct) | On May 12th, 2017 the ransomware WannaCry disrupted hundreds of organizations in dozens of countries. The ransomware encrypts personal and critical documents and files and demands approximately $300 USD in BitCoin currency for the victim to unlock their files. | Wannacry | ||
 |
2017-05-15 19:00:43 | WannaCry Variants Pick Up Where Original Left Off (lien direct) | Exploits spreading WannaCry ransomware have surfaced after the discovery of a killswitch put a quick halt to the initial global outbreak. | Wannacry | ||
 |
2017-05-15 19:00:14 | WannaCry – New Kill-Switch, New Sinkhole (lien direct) | Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware. In the last few hours we witnessed a stunning hit rate of 1 connection per second. Registering the domain activated the kill-switch, and these thousands of to-be victims are safe from […] | Wannacry | ||
|
2017-05-15 18:43:26 | The WannaCry Ransomware Hackers Made Some Real Amateur Mistakes (lien direct) |  Researchers say the worst ransomware epidemic ever is also poorly run, shoddily coded, and barely profitable. The post The WannaCry Ransomware Hackers Made Some Real Amateur Mistakes |
Wannacry | ★★★ | |
 |
2017-05-15 17:31:00 | Why patching Windows XP forever won\'t stop the next WannaCrypt (lien direct) | Security experts argue there would be unintended consequences were Microsoft to provide critical security updates to old operating systems. | Wannacry | ||
|
2017-05-15 17:16:58 | WannaCryptor aka WannaCry: Key questions answered (lien direct) | WannaCryptor, aka WannaCry, is one of the biggest cybersecurity stories of 2017. We've put together this Q&A, bringing together some of the key points. | Wannacry | ||
|
2017-05-15 17:15:59 | WannaCry Ransomware Attack – Analysis (lien direct) | The ISBuzz Post: This Post WannaCry Ransomware Attack – Analysis | Wannacry | ||
 |
2017-05-15 17:12:08 | Microsoft: WannaCry outbreak reveals why governments shouldn\'t hoard vulnerabilities (lien direct) |  The NSA built the exploit which was used by the WannaCry ransomware to spread. But the NSA only told Microsoft because hackers had stolen the details from them.
Understandably, Microsoft is less than impressed...
David Bisson reports.
|
Wannacry | ★★ | |
|
2017-05-15 16:57:38 | Paying the WannaCry ransom will probably get you nothing. Here\'s why. (lien direct) | Last Friday's massive WannaCry ransomware attack means victims around the world are facing a tough question: Should they pay the ransom?Those who do shouldn't expect a quick response -- or any response at all. Even after payment, the ransomware doesn't automatically release your computer and decrypt your files, according to security researchers. Â Instead, victims have to wait and hope WannaCry's developers will remotely free the hostage computer over the internet. It's a process that's entirely manual and contains a serious flaw: The hackers have no way to prove who paid off the ransom."The odds of getting back their files decrypted is very small," said Vikram Thakur, technical director at security firm Symantec. "It's better for [the victims] to save their money and rebuild the affected computers."To read this article in full or to leave a comment, please click here | Wannacry | ||
|
2017-05-15 16:57:32 | Cyberattacks Ease After Global Pushback, Putin Points Finger at U.S. (lien direct) | The world's biggest ransomware attack leveled off on Monday after wreaking havoc in 150 countries, as Russian President Vladimir Putin called it payback for the US intelligence services. | Wannacry | ★★★★ | |
 |
2017-05-15 16:52:36 | Unnecessary Doxing Of A Researcher (lien direct) | Doxing and ransomware were unfortunate bedfellows this weekend when we saw the unnecessary doxing of a researcher during the massive WannaCry ransomware outbreak. I’m pissed and I’m looking at you The Sun UK, The Daily Mail and The Telegraph. A security researcher using the Twitter handle @MalwareTechBlog became an accidental hero when he managed to […] | Wannacry | ||
 |
2017-05-15 16:30:59 | WannaCry: here\'s what we know now about the outbreak (lien direct) | As the dust settles after Friday's outbreak, things are becoming clearer and it seems this was an unsophisticated use of a sophisticated tool |
Wannacry | ||
 |
2017-05-15 15:55:29 | WannaCry 2.0 ransomware that evades the kill switch, is here to wreak havoc (lien direct) | WannaCry 2.0 ransomware ready for more destruction as it learns to combat the kill switch Never in history has a ransomware brought more than half the world’s computers to a standstill. On Friday, May 12, 2017, the computers around the world were crippled by the biggest ransomware attack known as “WannaCry†(“WanaCrypt0r 2.0†or “WannaCrypt” [...] | Wannacry | ||
 |
2017-05-15 15:35:12 | Ransomware WannaCry – Seuls les négligents ont été touchés (lien direct) |  Plus de 200 000 victimes, des centaines de milliers d'ordinateurs infectés dans 150 pays, une usine Renault fermée en France. La cyberattaque massive du weekend dernier fait la une des journaux dans le monde entier. |
Wannacry | ||
|
2017-05-15 15:33:01 | No Tears for WannaCry: Five Steps Every CISO Should Consider for Protecting Your Organization from Ransomware (lien direct) | Â Over the past few days WannaCry malicious malware variants affect hundreds of organizations across the world. This cyberattack spread primarily by exploiting a vulnerability whose manufacturer had issued a critical security update for over two months ago. While there are certainly reasons why it may take an organization some time to patch vulnerable systems, including the risk of updating live systems, two months should be plenty of time for any organization to take appropriate steps to secure their environment. With the recent malware... | Wannacry | ||
|
2017-05-15 14:27:51 | Matthew Hickey on WannaCry Ransomware Outbreak (lien direct) | Matthew Hickey, founder of HackerHouse and @hackerfantastic on Twitter, talks to Mike Mimoso about Friday's WannaCry ransomware outbreak. | Wannacry | ||
|
2017-05-15 14:23:33 | Updated: Fatal Flaw Slows WannaCry Ransomware Spread, but Threats Remain (lien direct) | In-brief: A fatal flaw in its design slowed the spread of WannaCry, a virulent ransomware program that has infected more than 100,000 organizations and individuals globally. A fatal flaw in its design slowed the spread of WannaCry, a virulent ransomware program that has infected more than 100,000 organizations and individuals globally. But...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/321599596/0/thesecurityledger -->» Related StoriesReport: UK Hospitals among Victims of Massive Ransomware AttackAnalysis of 85K Remote Desktop Hacks Finds Education, Healthcare Top TargetsPersirai Botnet: 120,000 Hacked Cameras Phoning Home To Iran |
Wannacry | ||
|
2017-05-15 13:11:56 | "Patched" WannaCry Ransomware Has No Kill-Switch (lien direct) | After researchers managed to stop the recent WannaCry ransomware outbreak by registering domains that function as kill-switches, a variant of the malware that no longer uses this function has emerged, security researchers warn. | Wannacry | ||
|
2017-05-15 13:00:40 | Someone Created a WannaCry Version That Doesn\'t Use a Kill Switch (lien direct) | On Sunday, someone tried to create a version of the WannaCry ransomware that didn't feature the kill switch domain. Fortunately, the ransomware was never released in the wild, as this appeared to be only a test. [...] | Wannacry | ||
 |
2017-05-15 12:59:04 | WannaCry, Party Like It\'s 2003 (lien direct) | Let’s take a moment to collect what we know about WannaCry (W32/WCry) and what we can learn from it. When looked at from a technical perspective, WCry (in its two binary components) has the following properties. Comprised of two Windows binaries. mssecsvc.exe: a worm that handles spreading and drops the payload. tasksche.exe: a ransomware trojan […] |
Wannacry | ||
 |
2017-05-15 12:45:53 | How I accidentally stopped a global Wanna Decryptor ransomware attack (lien direct) | A British security researcher found and pulled WannaCrypt's kill switch. | Wannacry | ||
|
2017-05-15 12:10:31 | Cyber attack: Fears of surge in ransomware infections as people return to work on Monday (lien direct) | Fears are growing that Monday could see a surge in the number of computers taken over by the devastating WannaCry ransomware hack. As people return to work and connect laptops to their office system, this could potentially spark a new wave of infections. About 200,000 victims in 150 countries or more have so far been ... | Wannacry | ★★★ | |
|
2017-05-15 12:00:01 | Microsoft Warns Governments Against Exploit Stockpiling (lien direct) | Microsoft Says WannaCry Ransomware Outbreak Should be a Wake Up Call for Governments | Wannacry | ||
|
2017-05-15 11:47:07 | Global ransomware attack could be long-awaited wake-up call (lien direct) | A failure by many organisations to take cyber security seriously has long been blamed on the lack of a single significant event to shake things up. Does WannaCry fit the bill? | Wannacry | ||
 |
2017-05-15 11:43:00 | How to defend yourself against the WannaCrypt global ransomware attack (lien direct) | All the malware's attack vectors and infection spreads are not yet known, but we do know how to protect vulnerable systems. | Wannacry | ||
|
2017-05-15 11:31:45 | WannaCry: Evolving History from Beta to 2.0 (lien direct) | The WannaCry malware was responsible for a massive infection beginning that affected organizations and systems around the world. FortiGuard Labs has been monitoring this malware carefully. We have provided an analysis of this attack, along with how to protect your organization here. Â In this blog post I'll briefly describe some of the distinct characteristics of each version of this malware, from beta to the latest 2.0 version, and share some interesting findings. Beta Version: We discovered this beta version around Feb 9th,... | Wannacry | ||
|
2017-05-15 10:30:48 | Flexera Issues New Warning About Future Ransomware Attacks Like WannaCry: Vulnerabilities Are Increasing, And Users Aren\'t Patching As Diligently (lien direct) | The ISBuzz Post: This Post Flexera Issues New Warning About Future Ransomware Attacks Like WannaCry: Vulnerabilities Are Increasing, And Users Aren't Patching As Diligently | Wannacry |
To see everything:
Our RSS (filtrered)
