What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_State_of_Security.webp 2018-02-27 12:15:03 A Dozen Connecticut State Agencies Targeted by WannaCry Ransomware (direct link) Government officials have revealed that WannaCry ransomware affected more than 100 computers at a dozen Connecticut state agencies. According to Connecticut’s Department of Administrative Services (DAS), state officials detected the digital attack against 160 computers at 12 state agencies on 23 February. Jeffrey Beckham, a spokesperson for the agency, says that IT personnel worked on […]… Wannacry
SecurityAffairs.webp 2018-02-18 14:29:02 Germany's defense minister: Cyber security is going to be the main focus of this decade. (direct link) On Saturday, Germany defense minister Ursula von der Leyen told CNBC that cyber attacks are the greatest challenge threatening global stability. The cybersecurity is a pillar of modern states, the string of recent massive attacks including NotPetya and WannaCry is the demonstration that we are all potential targets. Cyber attacks could hit governments, private companies and citizens in every […] NotPetya Wannacry
itsecurityguru.webp 2018-02-16 15:14:03 The Destructive nature of North Korean Cyber-Attacks (direct link) Attacks like WannaCry and NotPetya were highly destructive on a scale never seen before. The disruption has still left some organisations suffering from the financial repercussions. The reach of the attacks shocked many within the cyber industry and just this month, Ciaran Martin, the head of the National Cyber Security Centre, warned UK organisations to ... NotPetya Wannacry ★★
AlienVault.webp 2018-02-16 14:00:00 Things I Hearted this Week 16th Feb 2018 (direct link) Rolling in the bounty We hear a lot about bug bounties and how some people are potentially making a lucrative living off it. HackerOne has paid out over $24m in bounties in the last five years. That’s some serious cash, considering how far that translates into local currencies. So, they asked some of their top hackers how they spent their money. How hackers spend their bounties | HackerOne SIM hijacking, the aftermath In last week’s roundup there was a story about SIM swapping and how T-mobile USA was sending texts to customers stating they may be victims of fraud. We often cover such stories, shake our heads and tut loudly before moving on. But Motherboard got in touch with nine victims of SIM hijacking and told their stories. It’s quite a wake-up call to the real-life impact scams and fraud can have on individuals. ‘I Lived a Nightmare:’ SIM Hijacking Victims Share Their Stories | Motherboard Cryptocurrencies Not entirely security related news, but hey if everyone is referring to it as ‘crypto’ I can include it here right? Joseph Steinberg considers what the future holds for Bitcoin, which sits at the head of the table of cryptocurrencies today, while other currencies are nipping at its heels. Will Bitcoin become the MySpace of Cryptocurrencies? | Joseph Steinberg Another cryptocurrency theft Italian Cryptocurrency Exchange BitGrail Lost $170 Million Worth of Nano to Hackers | InterestingEngineering Mining stuff There are lessons to be learned from government websites serving cryptocurrency miners | Virus Bulletin Could Bitcoin break the NHS? Latest crypto-jack attack ‘the first of many’, say experts | Express AI recognition Chinese police are wearing sunglasses that can recognize faces. No, that’s not a plot of a movie, but what’s actually happening. 
Railway police in Zhengzhou, a central Chinese city, are the first in the country to use facial-recognition eyewear to screen passengers during the Lunar New Year travel rush. The devices have allegedly already helped nab seven fugitives related to major criminal cases such as human trafficking and hit-and-runs, and 26 others who were traveling with fake identities. While that may be well and good, there are some issues with facial recognition. Joy Buolamwini, a researcher at the M.I.T. media lab, has shown how real-life biases can creep into A.I. The result is that for a white man, facial NotPetya Wannacry
DataSecurityBreach.webp 2018-02-15 23:18:00 Lurk, the Russian hacker behind Wannacry (direct link) A look back at the Wannacry ransomware. A Russian hacker has admitted to being behind this attack, he and his... This article, Lurk, the Russian hacker behind Wannacry, is published by Data Security Breach. Wannacry
AlienVault.webp 2018-02-15 14:00:00 North Korean Cyber-Attacks and Collateral Damage (direct link) WannaCry was incredibly destructive. The attackers made about $150,000 - but the total damage caused by WannaCry has been estimated in the billions of dollars. There is strong evidence linking WannaCry to a group of hackers known as ‘Lazarus’, reportedly operating out of the DPRK (North Korea). Whilst WannaCry is perhaps the most famous attack by Lazarus, it isn’t the only ‘collateral damage’ caused by the DPRK’s cyber actions. Below we disclose new details on three attacks that have spread out of control. Two likely originating from the DPRK - and one targeting the DPRK. The Voice of Korea and the Rivts Virus This section describes a piece of malware that may have been created within the DPRK as part of a test project - and accidentally leaked out onto the wider internet. A simple file-infector We triage many millions of malicious files automatically every day in an effort to ensure our customers are covered from new threats. One malware family we regularly see, called Rivts by antivirus vendors, was originally created in 2009 but still continues to spread. Rivts is a file-infecting worm - it spreads across USB drives and hard drives attaching itself to files to spread further. The new files we see everyday are the result of new files being infected with the original worm from 2009 - not new developments by the attacker. Overall, it’s a fairly boring file infector (or “virus”). But there was one very strange thing that caught our eye. North Korean Software As part of its initial infection process, Rivts checks for the presence of system files normally found on Windows XP to infect first. 
But it seems to expect two pieces of uncommon software in the Windows System folder: Below are the details of these two files, nnr60.exe and hana80.exe: Whilst the DPRK is well known for developing its own Linux based operating system, and there is evidence of some DPRK hackers using NotPetya Wannacry Yahoo APT 38
ESET.webp 2018-02-15 10:00:04 Android ransomware in 2017: Innovative infiltration and rougher extortion (direct link) Ransomware in 2017 saw users and businesses across the globe trying to cope with campaigns such as Petya and WannaCryptor. Not to be outdone, Android ransomware had a year full of innovative infiltration and rougher extortion as highlighted by the latest ESET research whitepaper. Wannacry
itsecurityguru.webp 2018-02-07 11:16:10 Increasing hacker threats to the Healthcare Industry (direct link) According to a recent report from cybersecurity firm Norton, hackers stole a total of £130bn from consumers in 2017. These attacks hit over 978m victims around the world and include large scale attacks on the NHS like WannaCry. However, surprisingly, still more than a quarter of those compromised believe they are safe from future attacks. ... Wannacry ★★★★★
The_State_of_Security.webp 2018-02-05 04:00:45 Three Leaked NSA Exploits Rewritten to Affect All Windows OSes Since Windows 2000 (direct link) The WannaCry and NotPetya outbreaks were by far among the most significant digital attack campaigns that took place in 2017. Together, the crypto-ransomware and wiper malware affected hundreds of thousands of computers all over the world. They achieved this reach by abusing EternalBlue. Allegedly developed by the U.S. National Security Agency (NSA) and leaked online […]… NotPetya Wannacry
AlienVault.webp 2018-01-29 14:00:00 Hackers Using AI? An Increase in the FUD Factor (direct link) It’s hard to envision hackers, whether skiddies, APTs, or anything in between, using any sort of artificial intelligence (AI) or machine learning (ML) to attack a target network. Despite the availability of these sophisticated technologies, the most simplistic attack tactics continue to work. Enterprises aren’t patching known vulnerabilities; freely available malware can run in memory undetected; users continue to click on links they receive in email or allow macros on that innocent-looking office document; and internal network logs are often not collected and even more rarely kept for any period. If these methods work, why would adversaries turn to more complex solutions like AI or ML? Looking back on 2017, perhaps the biggest takeaway is that the most obvious methods still work. Adversaries seek the greatest mission gain with the lowest amount of resources expended and equities exposed. For example, Equifax wasn’t pwned by a fancy ZeroDay exploit or an insider with a USB drive; PII on millions of consumers wasn’t culled from S3 buckets because Amazon’s infrastructure was hacked by an APT; WannaCry wasn’t the result of a ZeroDay vulnerability; and people (amazingly) clicked Yes to download an update to Adobe Flash, giving us BadRabbit! Sticking with what works continues to pay off for all adversaries, irrespective of their resources, motives or intent. So, what’s with the fear mongering over hackers using AI and ML to attack their targets? AI (by which I mean both Machine Learning and AI in general) is the gift that keeps on giving. Most in the InfoSec community agree that AI has its place in the defense of the enterprise. 
The problem is that few people understand how AI works or how to best apply it, and many cybersecurity companies take advantage of this situation by making fancy sounding claims about the number of models they apply to the data or the types of mathematics they use to generate results. These claims generally go hand-in-hand with a dark-themed user interface with some sort of spinning globe or pew-pew map. And while defenders work to sift through the marketing blather and outrageous claims about cybersecurity products that use AI, some in the security world take further advantage, and extend the FUD further: what could be better to sow fear and confusion than claiming that hackers are now using AI to attack your network? The more observant in the InfoSec community have noticed that this language tends to originate with companies that stand to profit on the very same FUD that permeates the market. This FUD spreading takes on a few different forms, often by way of polls, as in, how many people believe hackers will use AI. There’s been a few of these polls where more than 50 percent of the respondents agree that this is a real threat. For the life of me, I can’t understand why. The other way is through companies that make the claim. This comes in the form of sponsored posts on various InfoSec news sites, or interviews with company executives. There have been claims made about adversaries detected and intrusions executed using AI; while this may come to pass in the future, it’s incredibly unlikely any time soon. There are simply too many ways for adversaries to attack networks and accomplish their objectives using far more simplistic and less risky tactics. An adversary who has mastered the use of AI in their operations would only use it for the hardest of the hard targets, and even then, they’re likely to find an easier way to achieve their objective. 
Yet, it’s important to note that the academic and security-minded research into hackers’ use of AI is real, and important. Adversarial machine learning is one angle. This work is important; it helps understand the cap Wannacry Equifax
ErrataRob.webp 2018-01-29 01:25:14 The problematic Wannacry North Korea attribution (direct link) Last month, the US government officially "attributed" the Wannacry ransomware worm to North Korea. This attribution has three flaws, which are a good lesson for attribution in general. It was an accident: The most important fact about Wannacry is that it was an accident. We've had 30 years of experience with Internet worms teaching us that worms are always accidents. While launching worms may be intentional, their effects cannot be predicted. While they appear to have targets, like Slammer against South Korea, or Witty against the Pentagon, further analysis shows this was just a random effect that was impossible to predict ahead of time. Only in hindsight are these effects explainable. We should hold those causing accidents accountable, too, but it's a different accountability. The U.S. has caused more civilian deaths in its War on Terror than the terrorists caused triggering that war. But we hold these to be morally different: the terrorists targeted the innocent, whereas the U.S. takes great pains to avoid civilian casualties. Since we are talking about blaming those responsible for accidents, we also must include the NSA in that mix. The NSA created, then allowed the release of, weaponized exploits. That's like accidentally dropping a load of unexploded bombs near a village. When those bombs are then used, those having lost the weapons are held guilty along with those using them. Yes, while we should blame the hacker who added ETERNAL BLUE to their ransomware, we should also blame the NSA for losing control of ETERNAL BLUE. A country and its assets are different: Was it North Korea, or hackers affiliated with North Korea? These aren't the same. North Korea doesn't really have hackers of its own. It doesn't have citizens who grow up with computers to pick from. 
Moreover, an internal hacking corps would create tainted citizens exposed to dangerous outside ideas. Instead, North Korea develops external hacking "assets", supporting several external hacking groups in China, Japan, and South Korea. This is similar to how intelligence agencies develop human "assets" in foreign countries. While these assets do things for their handlers, they also have normal day jobs, and do many things that are wholly independent and even sometimes against their handler's interests. For example, this Muckrock FOIA dump shows how "CIA assets" independently worked for Castro and assassinated a Panamanian president. That they also worked for the CIA does not make the CIA responsible for the Panamanian assassination. That CIA/intelligence assets work this way is well-known and uncontroversial. The fact that countries use hacker assets like this is the controversial part. These hackers do act independently, yet we refuse to consider this when we want to "attribute" attacks. Attribution is political: We have far better attribution for the nPetya attacks. It was less accidental (they clearly desired to disrupt Ukraine), and the hackers were much closer to the Russian government (Russian citizens). Yet, the Trump administration isn't fighting Russia, they are fighting North Korea, so they don't officially attribute nPetya to Russia, but do attribute Wannacry to North Korea. Trump is in conflict with North Korea. He is looking for ways to escalate the conflict. Attributing Wannacry helps achieve his political objectives. That it was blatantly politics is demonstrated by the Wannacry
AlienVault.webp 2018-01-23 14:00:00 OTX Trends Part 2: Malware (direct link) By Javvad Malik and Christopher Doman This is the second of a three part series on trends identified by AlienVault. Part 1 focused on the exploits tracked by OTX. This blog will talk about the malware, and Part 3 will discuss trends we’re seeing in threat actors. Which malware should I be most concerned about? Most security incidents that a security team will respond to involve malware. We took a look at three sources of malware telemetry to help prioritise popular malware families: Malware families AlienVault customers detect the most; Which malware domains are observed the most frequently by Cisco’s Umbrella DNS; and Malware families with the highest number of individual samples Which malware families do our customers detect the most? The following table describes the malware that we detected most frequently on our customers’ networks: This table represents malware detected by AlienVault as it communicates across a network, in 2017. This data is biased towards families that we have named network detections for. That means this table is a good representation of malware that is actively running on networks, though it’s important to also review other statistics on malware that has been blocked from running. The #1 ranked malware, njRat, is particularly popular in the Middle East. It’s a fairly simple .NET backdoor and Youtube is full of videos of how amateur users can deploy it. We often see it packed with a seemingly endless supply of custom packers to evade anti-virus. Whilst the vast bulk of njRat users are low-level criminals, it is also frequently used in targeted political attacks in the Middle East. A Youtube guide for using njRat The #2 ranked malware, NetWire, is primarily used by low-end criminals to steal banking details. Again, it is a freely available tool and has also been abused by targeted attackers too. The top malware we saw for Linux was China ELF DDoS. 
We saw little malware for Mac, though the adware MacKeeper was popular. Which malware domains are observed the most frequently? We matched known malicious domains from AlienVault OTX against Umbrella DNS’s record of the most visited domains by their customers. From that we produced this table of the “most popular malicious domains”: The column APT33 Wannacry APT 33
The_Hackers_News.webp 2018-01-23 05:37:52 Cybersecurity Certification Courses – CISA, CISM, CISSP (direct link) The year 2017 saw some of the biggest cybersecurity incidents-from high profile data breaches in Equifax and Uber impacting millions of users to thousands of businesses and millions of customers being affected by the global ransomware threats like WannaCry and NotPetya. The year ended, but it did not take away the airwaves of cybersecurity incidents, threats, data breaches, and hacks. The NotPetya Wannacry Equifax Uber
AlienVault.webp 2018-01-09 14:00:00 Top 17 Blogs from '17 (direct link) It was a great year in blogs for AlienVault! Here are the top blogs from 2017, selected by number of views from all sources. Drumroll please. Explain Bitcoin to Me by Tristan Johns. It’s an approachable but technical explanation of how Bitcoin works. MacSpy: OS X RAT as a Service by Peter Ewane. It’s about one of the first malware-as-a-service (MaaS) for OS X. Configuring Kali Linux on Amazon AWS Cloud for FREE by Irfan Shakeel. If you want to experiment with pentesting without spending money, this blog will let you know how. How Does Whonix Make Kali Linux Anonymous & How to Prevent It? by Irfan Shakeel. Learn what Whonix is and how it works, and how it can be used to go incognito while using Kali Linux. There’s also info on how to prevent folks from doing it in your corporate network. Ongoing WannaCry Ransomware Spreading Through SMB Vulnerability by AlienVault Labs. The blog details findings on WannaCry as it started in May 2017. LockCrypt Ransomware Spreading via RDP Brute-Force Attacks by Chris Doman. Best Advice for a Career in Cyber Security by Ryan Leatherbury. Ryan discusses networking, conferences, blogs, InfoSec on Twitter, hands-on tools, mentors and more! It’s Only a Hacker if It’s Linus Himself by Laureen Hudson. At AlienVault, we stick to precisely descriptive terms; we have malicious actors, we have security researchers, but unless we have the fortune to be talking about Linus himself, you’ll never see hackers in our documentation. How the Vote Hacking Was Done at DefCon25 by @notpandapants. From a guest blogger who participated. The Diebold ExpressPoll 5000 is a piece of election hardware that is compromised to the core, and creates a hacker-friendly platform for large-scale election manipulation, on multiple fronts. Interesting blog, but a little scary too. Red Teamers Can Learn Secrets by Purple Teaming by Haydn Johnson. 
Great guest blog by a practitioner, teaching us why Red Teamers Should “Purple Team it”. MacronLeaks – A Timeline of Events by Chris Doman. Chris discusses the implications of leaked documents and the 2017 French election. How to Prepare to Take the OSCP by Blade Soriano. Guest blogge Wannacry
AlienVault.webp 2018-01-08 14:00:00 A North Korean Monero Cryptocurrency Miner (direct link) AlienVault labs recently analysed an application compiled on Christmas Eve 2017. It is an Installer for software to mine the Monero crypto-currency. Any mined currency is sent to Kim Il Sung University in Pyongyang, North Korea. The Installer copies a file named intelservice.exe to the system. The filename intelservice.exe is often associated with crypto-currency mining malware. Based on the arguments it’s executed with, it’s likely a piece of software called xmrig. It’s not unusual to see xmrig in malware campaigns. It was recently used in some wide campaigns exploiting unpatched IIS servers to mine Monero. The Installer executes Xmrig with the following command: "-o barjuok.ryongnamsan.edu.kp:5615 -u 4JUdGzvrMFDWrUUwY... -p KJU" + processorCount + " -k -t " + (processorCount -1)" The installer passes xmrig the following arguments: 4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbRy5YeFCqgoUMnzumvS is the address of the Monero wallet barjuok.ryongnamsan.edu.kp is the mining server that would receive any mined currency. The ryongnamsan.edu.kp domain indicates this server is located at Kim Il Sung University. The password, KJU, is a possible reference to Kim Jong-un Why was this application created? The hostname barjuok.ryongnamsan.edu.kp address doesn’t currently resolve. That means the software can’t send mined currency to the authors - on most networks. It may be that: The application is designed to be run within another network, such as that of the university itself; The address used to resolve but no longer does; or The usage of a North Korean server is a prank to trick security researchers. It’s not clear if we’re looking at an early test of an attack, or part of a ‘legitimate’ mining operation where the owners of Wannacry Bithumb APT 38
AlienVault.webp 2018-01-05 14:00:00 Things I Hearted this Week 5th Jan 2018 (direct link) The opening of movies sets the tone for the rest of the film. Within the first few minutes you usually get an idea of the characters, whether it's a slow suspense, a drama, or action flick. If the first few days of 2018 are any indication, the IT Security world has kicked off with a dizzying Michael Bay-esque opening action sequence with rapid cuts that would rival any Edgar Wright montage. So let's jump head first right into it. Meltdown Step aside Heartbleed, and forget all about WannaCry, there's a new duo of attacks in town, complete with logos, websites, and tales of doom. Meltdown Attack, the website. Google Project Zero blog NCSC’s advice Replace CPU hardware – legit advice. Linus Torvalds was not happy, and issued a strongly-worded statement Mozilla Confirms Web-Based Execution Vector for Meltdown and Spectre Attacks | Bleeping Computer Facebook and India’s controversial National ID Database Facebook has clarified that it’s not asking new users in India for their Aadhaar information while signing up for a new Facebook account. Aadhaar is India’s biometric ID system that links the demographic information of more than a billion Indians with their fingerprints and iris scans, and stores it in a centralized government-owned database that both government agencies and private companies can access to authenticate people’s identities. The program has been slammed by critics for enabling surveillance and violating privacy. Facebook said this was a “small test” that the company ran with a limited number of Indian users, and that its goal was to help new users understand how to sign up to Facebook with their real names. It sounds an awful lot like the “wallet inspector” in the school playground that would also then keep my money safe for me. 
Facebook Just Clarified That It Is Not Collecting Data From India's Controversial National ID Database | Buzzfeed Rs 500, 10 minutes, and you have access to billion Aadhaar details | The Tribune India Trackmageddon Two researchers have disclosed problems with hundreds of vulnerable GPS services using open APIs and trivial passwords (123456), resulting in a multitude of privacy issues including direct tracking. Further, many of the vulnerable services have open directories exposing logged data. For some, the vulnerabilities discovered and disclosed by Vangelis Stykas (@evstykas) and Michael Gruhn (@0x6d696368) aren't new. They were disclosed during Kiwicon in 2015 by Lachlan Temple, who demonstrated flaws in a popular car tracking immobilization device. Wannacry Uber
InfosecIsland.webp 2018-01-04 08:30:00 The 5 Motives of Ransomware (direct link) Who would have foreseen the impact of both WannaCry and NotPetya NotPetya Wannacry
01net.webp 2017-12-28 07:00:00 The 10 most notable hacks of 2017 (direct link) Shadow Brokers, WannaCry, Russian trolls, CCleaner, aircraft hacking… The year now ending has been particularly rich in attacks, hacks and other manipulations. A diversity that is both surprising and worrying. CCleaner Wannacry ★★★★
bleepingcomputer.webp 2017-12-22 17:23:40 The Week in Ransomware - December 22nd 2017 - WannaCry, Arrests, & More (direct link) The holidays are upon us and that means even ransomware developers are taking some time off. This showed this week with very few ransomware infections being released and for the most part we have only seen new variants of existing infections. [...] Wannacry
SecurityWeek.webp 2017-12-22 13:55:39 Industry Reactions to U.S. Blaming North Korea for WannaCry (direct link) The United States, Canada, Japan, Australia and New Zealand have all officially accused North Korea this week of being behind the WannaCry campaign. They join the United Kingdom, which blamed Pyongyang for the attack back in October. Wannacry
SecurityWeek.webp 2017-12-21 13:20:46 North Korea Denies Role in WannaCry Ransomware Attack (direct link) North Korea on Thursday denied US accusations it was behind the WannaCry global ransomware cyberattack, saying Washington was demonising it. Wannacry
no_ico.webp 2017-12-20 17:00:44 WannaCry Attributed To North Korea (direct link) The ISBuzz Post: This Post WannaCry Attributed To North Korea Wannacry
DarkReading.webp 2017-12-20 16:25:00 Attack Attribution Tricky Say Some as US Blames North Korea for WannaCry (direct link) There's not enough evidence to conclusively tie the rogue regime to the ransomware attacks, some security experts say. Wannacry
Pirate.webp 2017-12-20 12:18:46 WannaCry and North Korea: Who is Lazarus and what are its motivations? (direct link) While North Korea is accused of being directly responsible for the cyberattack that infected more than 300,000 computers worldwide last May, Proofpoint has just published the findings of its latest research shedding light on the activities of the Lazarus group, the North Korean organisation singled out in several major cyberattacks, including WannaCry. Wannacry APT 38
SecurityWeek.webp 2017-12-20 06:35:10 Australia, Canada, Others Blame North Korea for WannaCry Attack (direct link) The United States is not the only country to officially accuse North Korea this week of being behind the WannaCry ransomware campaign. Canada, Japan, Australia and New Zealand have also blamed Pyongyang for the attack. Wannacry
ComputerWeekly.webp 2017-12-20 04:01:33 UK government blames North Korea for WannaCry cyber attack (direct link) The UK and US governments say a North Korean group was responsible for the ransomware attacks that hit the NHS and other organisations globally this year Wannacry
Blog.webp 2017-12-20 03:22:05 US says North Korea behind WannaCry Attack (direct link) The Trump Administration on Tuesday said that the government of North Korea was responsible for the cyber attack dubbed “WannaCry” that infected hospitals in the United Kingdom and hundreds of thousands of other computers globally. In an address at the White House, Tom Bossert, Assistant to the President for Homeland Security and... Wannacry
Kaspersky.webp 2017-12-19 19:41:16 (Déjà vu) U.S. Government Blames North Korea for WannaCry (direct link) The United States government is officially blaming North Korea for the WannaCry ransomware outbreak in May that infected nearly a quarter-million computers in 150 countries. Wannacry ★★★★★
grahamcluley.webp 2017-12-19 16:01:39 USA blames North Korea for WannaCry ransomware outbreak (direct link) USA blames North Korea for WannaCry ransomware outbreak Wannacry
SecurityAffairs.webp 2017-12-19 13:39:23 U.S. blames North Korea for the massive WannaCry ransomware attack (direct link) It’s official, according to Tom Bossert, homeland security adviser, the US Government attributes the massive ransomware attack Wannacry to North Korea. It’s official, the US Government attributes the massive attack Wannacry to North Korea. The news of the attribution was first reported by The Wall Street Journal, according to the US Government, the WannaCry attack […] Wannacry
SecurityWeek.webp 2017-12-19 13:05:49 U.S. Declares North Korea Led Huge WannaCry Cyberattack (direct link) The United States officially accused North Korea late Monday of carrying out the massive WannaCry attack that infected some 300,000 computers in 150 countries earlier this year. Wannacry
itsecurityguru.webp 2017-12-19 12:10:41 US Blames North Korea for this year’s WannaCry Attack (direct link) The US administration believes North Korea is “directly responsible” for this year’s WannaCry attack, which crippled systems worldwide earlier this year. ORIGINAL SOURCE: BBC Wannacry
DarkReading.webp 2017-12-19 10:59:00 Trump Adviser: North Korea Waged WannaCry Attack (direct link) Wannacry
BBC.webp 2017-12-19 04:17:02 Cyber-Attack: US blames North Korea for WannaCry (direct link) A White House official points the finger at Pyongyang for the WannaCry malware attack last May. Wannacry
bleepingcomputer.webp 2017-12-19 03:47:19 White House Officially Blames North Korea for WannaCry Ransomware Outbreak (direct link) In an op-ed in the Wall Street Journal, President Trump's Homeland Security Adviser Thomas Bossert has officially blamed North Korea for the WannaCry ransomware incident that devastated hundreds of thousands of computers worldwide in May this year. [...] Wannacry
Checkpoint.webp 2017-12-13 14:00:31 What Lies Ahead? Cyber-Security Predictions for 2018 (direct link) Arnold H. Glasow famously quipped that “the trouble with the future is that it usually arrives before we're ready for it.” The past year certainly took us by surprise when the WannaCry and Petya ransomware outbreaks hit businesses globally, causing unprecedented disruption, while serious new vulnerabilities such as BlueBorne were discovered in almost every connected […] Wannacry
itsecurityguru.webp 2017-12-12 12:50:51 Security Professionals say nothing has changed since WannaCry and NotPetya (direct link) Given the severe devastation WannaCry and NotPetya caused to organisations around the world, you would have thought investment and interest into beefing up defences would have increased? Well not according to the latest research by AlienVault. Having surveyed 233 IT professionals globally about how their roles have changed following these high-profile attacks, just 16% of ... NotPetya Wannacry
AlienVault.webp 2017-12-11 14:00:00 The Impact of NotPetya and WannaCry (direct link) Another wake up call Every time there is a major security incident many people claim it to be the “wake up call” the incident has needed. Surely, it stands to reason that if a big enough incident occurs, people will stand up, take notice, and take the necessary steps needed to make sure it doesn’t happen again. To test out this hypothesis, we conducted a survey on Spiceworks. For those unfamiliar, Spiceworks has a large and vibrant technology community – one that extends beyond security, but is often made up of technology professionals that have varying degrees of security responsibility in their jobs. In other words, the Spiceworks community are the ‘do-ers’, the ones at the coalface – so they represent perhaps one of the best section of technologists to ask. Getting things done One would expect that in the aftermath of such high-profile and devastating attacks, IT projects would be green lit and the money would start flowing. The reality is a lot more subdued, with only 14% of respondents stating their cyber security budgets have increased, and only a fifth (20%) have been able to implement changes or projects that were previously put on hold. The flip side While budget may not be as free-flowing as one may assume, it doesn’t mean that companies have been completely negligent. 65% of respondents stated they are more up-to-date with patching than they were previously, and half say they are using threat intelligence more regularly to stay ahead of emerging threats. With a further 58% claiming to have carried out a review of their organization’s cyber security posture following the attacks. This is encouraging, as it means companies are not completely ignoring the challenges they face – and are leveraging existing investments to help get their companies in a better position. 
Although, as the attacks have shown, prevention alone isn’t enough and it would also be prudent for organizations to focus their efforts on threat detection and response. A makeover? For IT professionals, 22% said their family and friends are more interested in hearing about their work, and 27% believe most people in their organization listen to their IT advice more than they did before. Unfortunately, it hasn’t translated to great financial rewards with 10% having experienced an increase in job offers, or managed to negotiate a pay increase following the attacks. Incident Apathy? IT Security remains a challenging environment within which to work where resilience is the key to success. The sheer number of incidents that are reported on an almost daily basis may also be a contributing factor towards organizational apathy towards incidents. While attacks cannot be prevented, and IT Security may be a cost that organizations have to bear as a price of doing business in the digital age. It doesn’t necessarily mean that there are no options. Many security fundamentals can be implemented with little capital needed to source new products. Rather the NotPetya Wannacry
Pirate.webp 2017-12-07 17:33:08 Kaspersky Lab: 26% of ransomware attacks target businesses (direct link) In 2017, 26.2% of ransomware targets were businesses, compared with 22.6% in 2016. This increase is due in part to three unprecedented attacks against corporate networks. These attacks, WannaCry, ExPetr and BadRabbit, have forever changed the landscape around this threat, which is growing ever more virulent according to Kaspersky Lab. Wannacry
ComputerWeekly.webp 2017-11-28 00:00:00 Lauri Love: how reformed hackers halted the WannaCry virus (direct link) Lauri Love presents a compelling story of the WannaCry malware that nearly brought down the NHS, and the behind the scenes work of former hackers, and security researchers that helped to prevent lives being lost. Love is facing extradition to the US after allegedly taking part in a hacking protest over the death of internet pioneer Aaron Swartz, who faced jail for using a hidden computer to download academic journals at MIT. Wannacry
Fortinet.webp 2017-11-15 13:50:59 Executive Insights: Stopping Threats Starts with Getting Back to the Basics (direct link) The majority of these breaches have one thing in common. IT teams are failing to practice basic security hygiene. Cybercriminals target known vulnerabilities because they know that most organizations will have failed to patch or replace their vulnerable devices. WannaCry targeted a vulnerability for which a patch had been available for months. Shame on them. But Petya followed a month later and targeted the exact same vulnerability. And millions of devices were still affected. So, shame on us. Wannacry
ESET.webp 2017-11-10 09:57:21 Fighting persistent malware with a UEFI scanner (direct link) The biggest news in malware so far this year has been WannaCryptor a.k.a. WannaCry, and one reason that particular ransomware spread so fast was because it used a “top secret” exploit developed by the NSA, an agency known to have dabbled in UEFI compromise. Wannacry
MalwarebytesLabs.webp 2017-11-06 18:00:03 A week in security (October 30 – November 5) (direct link) Learn what happened in the world of security during the week of October 30 through November 5. Data breaches, reports, vulnerabilities, and a look at the scariest malware monsters. Wannacry
itsecurityguru.webp 2017-10-31 12:14:23 North Korea to blame for NHS attack says UK Govt (direct link) The UK government has placed the blame on North Korea for the Wannacry attacks that brought major disruption to the UK. View Full Story ORIGINAL SOURCE: The Inquirer Wannacry
SecurityWeek.webp 2017-10-31 11:32:00 North Korea Denies Involvement in WannaCry Cyberattack (direct link) North Korea has slammed Britain for accusing it of being behind a global ransomware attack that hit the National Health Service, calling the allegation a "wicked attempt" to further tighten international sanctions against Pyongyang. Wannacry
ComputerWeekly.webp 2017-10-31 08:00:15 NotPetya tops list of worst ransomware attacks (direct link) NotPetya, WannaCry and other ransomware have caused unprecedented damage to businesses, infrastructure and users, say threat researchers NotPetya Wannacry
itsecurityguru.webp 2017-10-30 12:47:14 NHS cyber attack makes you Wanna-Cry – Experts have their say (direct link) We all remember the disastrous effect of the Wannacry ransomware attack which spread across the world infecting more than 230,000 computers in over 150 countries. This is the biggest cyber-attack to have hit the NHS IT systems in the UK so far. However, a recent report released by the National Audit Office claimed that the affected NHS ... Wannacry ★★★★
SecurityAffairs.webp 2017-10-27 13:59:34 UK Government links the WannaCry attack that crippled NHS to North Korea (direct link) UK Government blamed North Korea for the WannaCry attack that affected a third of English hospitals. “This attack, we believe quite strongly that it came from a foreign state,” Ben Wallace, a junior minister for security, told BBC Radio 4’s Today programme. “North Korea was the state that we believe was involved in this worldwide attack,” […] Wannacry
Fortinet.webp 2017-10-27 12:50:59 Why ICSA Advanced Threat Defense for Email is So Important (direct link) Verizon's 2017 Data Breach Investigations Report found that two-thirds (66%) of all installed malware that successfully made its way past established defenses were delivered by email. This is particularly concerning as our weekly FortiGuard Labs Threat Intelligence Brief lists ransomware downloaders – typically delivered via email – as consistently among the top 5 pieces of malware in most weeks. {Update chart and excerpt closer to publication date} The reality is that while brand new attacks like WannaCry and Petya... Wannacry
The_State_of_Security.webp 2017-10-27 11:10:39 WannaCry Affected 34% of NHS Trusts in England, Investigation Finds (direct link) An investigation into the 2017 WannaCry outbreak found that the ransomware affected 34% of National Health Service (NHS) trusts in England. Following the May 2017 attack that struck more than 200,000 organizations in at least 100 countries, the UK government’s National Audit Office (NAO) launched an inquiry into the matter. Its purpose was to determine […] Wannacry
Last update at: 2024-05-13 16:08:13