Keyword: malware

  • Ukraine scrambles to contain new cyber threat after 'NotPetya' attack

    07/05/2017 1:54:00 PM PDT · by mac_truck · 2 replies
    Reuters ^ | 7/5/17 | Jack Stubbs and Matthias Williams
    The Ukrainian software firm used to launch last week's global cyber attack warned on Wednesday that all computers sharing a network with its infected accounting software had been compromised by hackers. The attack used a virus, dubbed "NotPetya" by some experts, to take down thousands of computers in dozens of countries, disrupting shipping and businesses. Investigators now say the hack may be far more nefarious than previously thought. A top official in the Ukrainian Presidential Administration said it remained unclear how many computers had been compromised and the state security service was trying to establish what the hackers would do...
  • Police seize servers of Ukrainian software firm after cyber attack

    07/05/2017 7:01:46 AM PDT · by mac_truck · 11 replies
    Reuters ^ | 7/5/2017 | Jack Stubbs and Pavel Polityuk
    Ukrainian police on Tuesday seized the servers of an accounting software firm suspected of spreading a malware virus which crippled computer systems at major companies around the world last week, a senior police official said. The head of Ukraine's Cyber Police, Serhiy Demedyuk, told Reuters the servers of M.E.Doc - Ukraine's most popular accounting software - had been seized as part of an investigation into the attack. Though they are still trying to establish who was behind last week's attack, Ukrainian intelligence officials and security firms have said some of the initial infections were spread via a malicious update issued...
  • Another Massive Ransomware Outbreak Is Going Global Fast

    06/27/2017 7:35:05 AM PDT · by MarchonDC09122009 · 89 replies
    Forbes ^ | 06/27/2017 | Thomas Fox-Brewster
    https://www.forbes.com/sites/thomasbrewster/2017/06/27/ransomware-spreads-rapidly-hitting-power-companies-banks-airlines-metro/#17b076ce7abd Thomas Fox-Brewster, Forbes Staff, Jun 27, 2017 @ 09:44 AM. Ransomware is causing severe problems for major critical infrastructure providers today. Ukraine's government, National Bank and biggest power companies all warned of cyberattacks Tuesday. Airports and metro services in the country were also reportedly affected, though it appears they're victims of another massive ransomware outbreak that's spreading across the world fast and hitting a significant number of critical infrastructure providers.
  • Are consumer PCs safe from the Intel ME/AMT exploit? (Intel says don't worry?)

    05/04/2017 7:16:27 PM PDT · by Ernest_at_the_Beach · 2 replies
    semiaccurate.com ^ | May 3, 2017 | by Charlie Demerjian
    Analysis: Here are SemiAccurate's thoughts. TLDR; There is a remote control mechanism in hardware that cannot be fully disabled and you cannot get Intel hardware without it. So while this patch may fix the current vulnerability this situation points to the urgent need for hardware diversity. Monday SemiAccurate brought you news of a critical remote exploit in all 2008+ Intel CPUs. Today we will walk you through a chain of thought based on further investigation on how it could be exploited. Confidence Levels: While this is only analysis we will note that we believe this is in the wild right now. We would like to...
  • Microsoft finds bug in Intel ME

    06/10/2017 10:26:29 AM PDT · by Ernest_at_the_Beach · 35 replies
    fudzilla.com ^ | 09 June 2017 | Nick Farrell
    There is even malware exploiting it. Microsoft's security team has come across a malware family that uses Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool. Intel's AMT SOL is part of Intel's ME, a separate chip inside Intel CPUs that runs its own OS and stays on even when the main CPU is off. This makes it a rather good place for malware to hit. Inside Intel's ME, AMT SOL opens a virtual network interface which works even when the PC is turned off. This virtual network interface runs inside ME, firewalls and security products installed...
  • Chipotle says hackers stole payment card info in data breach

    05/26/2017 4:28:32 PM PDT · by Enchante · 12 replies
    Chipotle Mexican Grill Inc. said on Friday hackers used malware to steal customers' card data, including account number, expiration date and internal verification codes, from payment systems at some of its restaurants over a span of three weeks.... ... The information could be used to drain bank accounts, if a debit card was used, or to make credit card purchases, said Paul Stephens, director of policy and advocacy at the nonprofit Privacy Rights Clearinghouse.
  • CIA's Windows XP to Windows 10 malware: WikiLeaks reveals Athena

    05/22/2017 1:07:19 PM PDT · by Enlightened1 · 22 replies
    ZDNET ^ | 05/22/17 | Liam Tung
    The latest file revealed in WikiLeaks' Vault 7 catalog of CIA hacking toolkit is Athena, a surveillance tool apparently designed to capture communications from Windows XP to Windows 10 machines. Details of the Athena malware are available in a document allegedly created by the CIA in November 2015. The malware is said to have been made in conjunction with US cybersecurity firm Siege Technologies, which was acquired by Nehemiah Security late last year. Athena is the ninth Vault 7 release of CIA hacking tools for mobile and desktop systems. WikiLeaks has been revealing one tool at the end of each...
  • 'Accidental hero' halts ransomware attack and warns: this is not over

    05/13/2017 9:52:01 AM PDT · by Leaning Right · 88 replies
    The Guardian ^ | May 13, 2017 | Nadia Khomami and Olivia Solon
    The accidental hero who halted the global spread of an unprecedented ransomware attack by registering a garbled domain name hidden in the malware has warned the attack could be rebooted. *snip* ...the spread of the attack was brought to a sudden halt when one UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and inadvertently activated a kill switch in the malicious software.
  • PSA: Russian-Backed Flash Trojan Ported to macOS

    05/07/2017 9:38:28 AM PDT · by Swordmaker · 5 replies
    The Mac Observer ^ | May 7, 2017 | By Bryan Chaffin
    A Russian-backed bit of malware called Snake has been ported to macOS, according to security blog Fox-IT (via Malwarebytes Labs). Snake is a trojan disguised to look like a Flash installer, and it’s been around on Windows since 2008 and Linux since 2014. While malware, Snake is technically a Trojan, so it relies on tricking the user into installing it with their own password. It’s in the wild in a file named Install Adobe Flash Player.app.zip. The Snake Trojan on macOS installer is signed by a (currently) legit developer certificate issued to a...
  • Don't click that Google Doc invite, but if you did, here's what to do

    05/03/2017 3:47:57 PM PDT · by iowamark · 20 replies
    NJ.com ^ | May 03, 2017 | Spencer Kent
    You've probably heard about that treacherous phishing scheme going around the Internet masquerading as a Google Doc invitation. Worse, maybe you've fallen victim to the scam, yourself. For those still unscathed, here are a few tips to keep you nice and safe. As for all you innocent bystanders out there panicking after clicking on one of the links, don't freak out. Take a deep breath and read this carefully. We'll get through this together. First, what is it? People have been reporting getting emails from a known contact seeking to share a Google Doc with them. After clicking the invite...
  • New macOS malware OSX/Dok requires a lot of manual steps

    05/01/2017 10:29:18 AM PDT · by Swordmaker · 5 replies
    MacWorld ^ | May 1, 2017 | By Glenn Fleishman
    OSX/Dok is now blocked, but it didn't rely on any system exploits to install. Check Point, a security analysis firm, posted an alarming blog entry on Thursday about a new malicious macOS Trojan horse that appeared able to bypass Apple's protections and could hijack and sniff all the traffic entering and leaving a Mac without a user's knowledge. This would include SSL/TLS encrypted connections, because the malware installs a local digital certificate that overrides normal man-in-the-middle warnings and protections. The malware, called OSX/Dok by Check Point, spreads via a phishing attack that Check Point says mostly targets European users. One...
  • This anime malware holds your files ransom until you beat a game's ludicrous score

    04/14/2017 8:17:14 PM PDT · by TigerLikesRooster · 6 replies
    PC Gamer ^ | Apr. 10, 2017 | Mat Paget
    If you download Rensenware, you better be ready to get really dang good at playing Touhou Seirensen. There's a lot of nonsense on the internet about whether anime is "good" or "a mistake," but this story definitely makes me lean a little towards the latter. A new malware called Rensenware is somewhat of a joke on ransomware, a type of malware that holds your files ransom until you pay the hacker a certain amount of money. Rensenware, however, hold your...
  • Star Trek Themed Kirk Ransomware and a Spock Decryptor!

    03/17/2017 5:13:53 PM PDT · by LouieFisk · 9 replies
    Bleeping Computer ^ | March 16, 2017 | Lawrence Abrams
    Boldly going where no man has gone before, the Kirk Ransomware brings so much nerdy goodness to the table that it could make anyone in IT interested. We have Star Trek, Low Orbital Ion Cannons, a cryptocurrency payment other than Bitcoin, and a decryptor named Spock! Need I say more? Discovered today by Avast malware researcher Jakub Kroustek, the Kirk Ransomware is written in Python and may be the first ransomware to utilize Monero as the ransom payment of choice.
  • Preinstalled Malware Targeting Mobile Users (Android)

    03/14/2017 9:59:05 AM PDT · by Swordmaker · 7 replies
    CheckPoint ^ | March 14, 2017 | by Oren Koriat, Check Point Mobile Research Team
    The Check Point Mobile Threat Prevention has recently detected a severe infection in 36 Android devices, belonging to a large telecommunications company and a multinational technology company. While this is not unusual, one detail of the attacks stands out. In all instances, the malware was not downloaded to the device as a result of the users' use, it arrived with it. According to the findings, the malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply...
  • Coincidence or were the Clintons in on Communications Monitoring of Trump & His Advisers

    03/07/2017 5:41:07 AM PST · by ReformedMedia · 6 replies
    The Washington Standard ^ | 03-07-2017 | Tim Brown
    Either this is an incredible coincidence or, more likely, Bill and Hillary Clinton were in on monitoring President Donald Trump and some of his advisers. Bill Clinton met secretly with then Attorney General Loretta Lynch at the Phoenix Sky Harbor International Airport on June 27, 2016. This occurred around the same time the Obama administration filed a request with the Foreign Intelligence Surveillance Court (FISA) to monitor communications involving Donald Trump and several advisers. DC Whispers reported on Sunday: Today (Sunday) Obama operatives were out in full force, as predicted, spinning deflection to a compliant Mainstream Media. The gist of this deflection...
  • Vault 7: CIA Hacking Tools Revealed

    03/07/2017 5:39:22 AM PST · by MNDude · 51 replies
    Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency. The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virginia. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election. Recently, the CIA lost control of the majority of its hacking...
  • New macOS ransomware spotted in the wild

    02/22/2017 5:15:34 PM PST · by Swordmaker · 10 replies
    Macworld ^ | February 22, 2017 | By Lucian Constantin
    The program's creator asks for payments but doesn't have the encryption key to unlock victims' files. A new file-encrypting ransomware program for macOS is being distributed through BitTorrent websites, and users who fall victim to it won't be able to recover their files, even if they pay. Crypto ransomware programs for macOS are rare. This is the second such threat found in the wild so far, and it's a poorly designed one. The program was named OSX/Filecoder.E by the malware researchers from antivirus vendor ESET who found it. OSX/Filecoder.E masquerades as a cracking tool for commercial software like Adobe Premiere...
  • Adobe Issues Critical Security Update for Flash Player on Mac

    02/17/2017 11:48:41 AM PST · by Swordmaker · 12 replies
    MacRumors ^ | Friday February 17, 2017 5:51 AM PST | by Joe Rossignol
    Adobe this week released Flash Player version 24.0.0.221 to "address critical vulnerabilities that could potentially allow an attacker to take control of the affected system," including Mac, Windows, Linux, and Chrome OS. Mac users with Flash Player version 24.0.0.194 or earlier installed should immediately update to the latest version using the built-in update mechanism. The update is also available from the Adobe Flash Player Download Center. Flash Player users who had enabled the option to "allow Adobe to install updates" will receive the update automatically. Likewise, Google Chrome will automatically update Flash Player to version 24.0.0.221. Select "About Google Chrome"...
  • Russian cyberspies blamed for U.S. election hacks are now targeting Macs

    02/14/2017 6:28:55 PM PST · by Swordmaker · 13 replies
    Macworld ^ | FEB 14, 2017 10:45 AM PT | By Lucian Constantin
    Security researchers found a macOS version of the X-Agent malware used by the APT28 cyberespionage Security researchers have discovered a macOS malware program that's likely part of the arsenal used by the Russian cyberespionage group blamed for hacking into the U.S. Democratic National Committee last year. The group, which is known in the security industry under different names, including Fancy Bear, Pawn Storm, and APT28, has been operating for almost a decade. It is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent. X-Agent variants for Windows, Linux, Android, and iOS have...
  • Mac malware, possibly made in Iran, targets US defense industry (Doesn't work)

    02/07/2017 10:57:59 PM PST · by Swordmaker · 16 replies
    MacDailyNews ^ | Tuesday, February 7, 2017 4:50 pm
    Just because you're using a Mac doesn't mean you're safe from hackers, Michael Kan reports for IDG News Service. That's what two security researchers are warning, after finding a Mac-based malware that may be an attempt by Iranian hackers to target the U.S. defense industry. The malware, called MacDownloader, was found on a website impersonating the U.S. aerospace firm United Technologies, according to a report from Claudio Guarnieri and Collin Anderson, who are researching Iranian cyberespionage threats, Kan reports. The fake site was previously used in a spear phishing email attack to spread Windows malware and is believed to be...