Wednesday, 5 July 2017

Developer Medoc Confirms Backdoor In Update



The Ukrainian software company that develops the tax and accounting program Medoc has confirmed that attackers added malicious code to an update, allowing the Petya ransomware to be installed. Initially the company denied that attackers had used its software to install the Petya ransomware. On Facebook, the company now confirms that it has been the victim of a hack.

Previously, researchers at antivirus company ESET discovered that attackers had added a backdoor to an update for Medoc that was released on June 22. The software company announced that it has developed an update that should fix the problem. The software's servers have been seized by the police, so the update that addresses the issues and should prevent new attacks cannot yet be rolled out. On Facebook, the Ukrainian police advise temporarily not using Medoc and disconnecting computers on which it is installed from the network.

Test: Ten Virus Scanners For MacOS Tested



German test lab AV-Test has put a new virus scanner test online, this time looking at anti-virus software for MacOS. The amount of new malware for MacOS is not comparable to that for Windows. However, an increase was visible last year, from 819 new specimens in 2015 to 3033 in 2016.

Most MacOS infections still happen through social engineering, in which users are tricked into installing malware, although some cases are known where attackers managed to add malware to legitimate programs. That little malware for MacOS is in circulation is evident from the number of malware specimens AV-Test used for the test. On Windows the lab works with tens of thousands of malware specimens. For the test with Mac malware, 184 specimens were used.

Four products (Bitdefender, Intego, Symantec and Kaspersky Lab) were able to detect all malware specimens. MacKeeper finishes at the bottom with a score of 85.9 percent. Besides detection, the system load when copying files was also examined. Here Canimaan Software and MacKeeper deliver the best performance, followed by Kaspersky Lab and Symantec with a difference of one second. Intego slows systems down the most. Finally, false positives were examined. This is when a virus scanner flags legitimate, clean files as infected. No virus scanner made a mistake on this part of the test.

Attackers Behind Petya Ransomware Empty Bitcoin Wallet


The attackers behind the Petya ransomware have transferred the 9,000 euros paid by victims to another bitcoin wallet. Aleks Gostev, chief security expert at anti-virus firm Kaspersky Lab, reported this on Twitter. The ransomware, which infected several organizations last Tuesday, showed users a screen instructing them to transfer about $300 to the specified bitcoin wallet.

Unlike many other ransomware, the same bitcoin wallet was used for all victims. Last night the attackers decided to transfer the 9,000 euros that victims had paid to another wallet. In addition, a message appeared on Pastebin asking 100 bitcoin (225,000 euros) for the decryption key to decrypt all systems infected by Petya.

However, it is unclear whether the people who posted the Pastebin message are also behind the Petya ransomware. According to researcher Matt Suiche, the attackers are trying to confuse the public by turning the story that Petya is actually a wiper that destroys data back into a story about ransomware, he told Vice Magazine.

Cyber Security Council Wants More Companies To Be Notified Of Cyber Attack


The Cyber Security Council, the Cabinet's advisory body on cyber security, wants more companies to be notified of a cyber attack, rather than just the vital sectors. According to Ron Moss, a member of the Council, the damage from the Petya attack could have been smaller if companies such as APM Terminals and parcel carrier TNT had been warned earlier, he told BNR.

In the case of the Petya ransomware, however, there were no signs or information that the attack would take place, and the news only became known once the outbreak had occurred. "If the attacks take place, then the damage is already done, and then there is not much point in informing," said Ronald Prins of security firm Fox-IT. He points to the outbreak of the WannaCry ransomware, which spread very rapidly. "And so no warning was possible there."

D66 MP Kees Verhoeven endorses the opinion of the Cyber Security Council and wants the government to implement it. "A National Computer Emergency Response Team could be considered: a team in which companies can exchange knowledge and information about cyber attacks." According to Verhoeven, on the one hand information should be provided about attacks and malware, but on the other hand companies must be structurally better prepared. "This is largely the responsibility of the companies themselves, but the government can play a supporting role. We have the National Cyber Security Center. So the infrastructure is there, but apparently it does not work yet."

Update


The opinion of the Cyber Security Council has now been published online (pdf). It calls for a nationwide system of information centers for information exchange covering all Dutch businesses. In addition, suppliers of internet products and services must take an active stance when it comes to offering safe products, and filing a cybercrime report with the police must be simple.

Fourth Largest South Korean Bitcoin Stock Exchange Bithumb Hacked



Attackers have hacked the fourth largest South Korean bitcoin exchange Bithumb and stolen users' data and money. Bithumb is one of the largest exchanges where the digital currencies bitcoin and ethereum are traded. The attackers were able to access the personal information of nearly 32,000 Bithumb users, including names, mobile phone numbers and email addresses, Brave New Coin reports.

According to the exchange, this is about three percent of its customers. Customers report that digital currency worth the equivalent of millions of euros was stolen, but Bithumb states that the attackers had no direct access to client funds. According to the exchange, the attackers managed to get in through an employee's computer. The attackers then reportedly used the stolen personal information to call customers and steal additional information with which transactions could be carried out.

Bithumb discovered the data breach on June 29 and alerted the authorities on 30 June. More than 100 Bithumb users have filed reports with the South Korean police. The exchange said it will pay victims of the data breach compensation equivalent to 76 euros. Users who have suffered further damage will be compensated as soon as the amount is confirmed, South Korean media report.

Friday, 21 April 2017

Cybercriminals Use NSA Exploits To Attack Servers


Cyber criminals are currently actively using the NSA exploits that were made public last week by the hacker group Shadow Brokers to install backdoors on servers and possibly spread ransomware, several security researchers report.

For example, the Double Pulsar tool has been found on various servers. The NSA reportedly uses this tool after it has gained access to a server through an exploit. In addition, security firm SenseCy reports that there is currently a "trend" in which the leaked NSA exploits are used to infect Windows servers with ransomware. The attackers are said to be using a vulnerability in Windows SMB Server that Microsoft patched in March.

Further details about these ransomware attacks are not given, however. Earlier, researcher Kevin Beaumont predicted that the NSA exploits would be used for a ransomware worm. "It's the next logical step for worms and criminals, because it yields money and is easy to do," says the researcher. Beaumont says that, as far as is known, the exploits are currently being used to install a backdoor on servers.

Thursday, 5 May 2016

Stolen Passwords Of 272 Million Email Accounts Found


An American security company claims to have discovered the stolen usernames and passwords of 272 million email accounts. A large part relates to accounts at the Russian mail service Mail.ru, the company, Hold Security, told news agency Reuters.

How the data was captured is not stated precisely. According to Alex Holden of Hold Security, the stolen credentials were offered on a forum for cyber criminals. He managed to obtain and verify the data. It turned out to be nearly 57 million Mail.ru accounts, 40 million Yahoo accounts, 33 million Microsoft accounts and nearly 24 million Gmail accounts, as well as hundreds of thousands of accounts at Chinese and German email providers.

In response to the discovery, Mail.ru has launched an investigation to see which users are affected, in order to warn them afterwards. A preliminary check showed that the leaked usernames and passwords did not work.

Humble Bundle Offers Collection Of Books On Hacking


Humble Bundle, a platform that offers all kinds of games and books at low prices, now also offers a bundle of different hacking books. It consists of 13 DRM-free books from No Starch Press with a value of $366. The asking price of the Humble Bundle is partly determined by users.

For the first four books, users may decide for themselves what they want to pay. For the next five books at least $14.75 must be paid. The last four books go for at least 15 dollars. Users may also pay more. A portion of the proceeds goes to charity. Users can also choose how their money is split between the publisher and the charity.

The books are by different authors and deal with practical malware analysis, programming in Python, designing BSD rootkits, bitcoin, working with the Arduino and Raspberry Pi, hacking the Xbox and using the Linux command line. Meanwhile, 45,000 book bundles have been sold. The campaign will run until 11 May.

German Government Launches Test Plan For Router Security


In order to ensure that routers purchased by individuals and small businesses are safe, the Bundesamt für Sicherheit in der Informationstechnik (BSI), part of the German Ministry of the Interior, today launched a comprehensive test plan (pdf) for broadband routers.

The test plan, intended especially for Internet service providers and manufacturers, describes what a secure router must meet. In this way, potential buyers can more easily compare models with each other in terms of security. According to the BSI, the security of a router is an important factor when choosing a particular manufacturer or type. The German federal government recently abolished the so-called router obligation. As a result, German internet users will soon be able to choose for themselves which modem and router they want to use for their broadband connection.

"Routers are a central part of digitalization and networking. They are the heart of the home network, but at the same time protect against Internet threats. With the abolition of the router obligation, internet users will have more choice in choosing their router from August this year. Users should make use of this by looking at safety when choosing a router," said Arne Schönbohm, head of the BSI.

The test plan covers various areas, such as the presence of security measures. For example, according to the BSI every router must have a firewall and no port forwarding should be enabled by default. In addition, several recommendations are made, such as the presence of an automatic update feature. Furthermore, the test plan contains examples of common vulnerabilities and attack scenarios.

UK Hospitals Receive 230,000 Euro Fine For Data Leak


A collective of UK hospitals has been fined more than 230,000 euros because it had inadvertently placed private information of staff on its website. It concerned the national insurance number, date of birth, religion and sexual orientation of 6,500 employees.

The collective discovered the data breach after 10 months and needed another 5 months to inform the affected employees. The information was provided voluntarily by the staff so that the collective could publish an annual overview of diversity and equality within the hospitals. The spreadsheets turned out to contain hidden data that became visible simply by double-clicking on a table. Because of the data breach, the UK data protection authority ICO has now imposed a fine of 185,000 pounds (the equivalent of more than 230,000 euros).

Anti-Virus Again Causes Problems For Firefox Users



Mozilla has released an update to Firefox because anti-virus software again caused problems. Last week Firefox 46 was released, in which several security issues were resolved. Shortly after the release of this version, Firefox users complained that they could no longer load websites.

Users only saw blank pages. Mozilla then decided to halt the update to Firefox 46. An investigation was opened, which showed that anti-virus software was the culprit. The problems were caused by the scanning of a certain directory. It is not the first time that Firefox and virus scanners have clashed. Early this year, Firefox turned out to crash because of G Data's anti-virus software, and anti-virus software also prevented some users from visiting SSL sites. The update to Firefox 46.0.1 will happen automatically on most systems.

Opera Launches Browser With Built-In AdBlocker




The makers of Opera today launched a new version of the browser that features a built-in AdBlocker. According to the developers, ad blocking is an important measure to make websites load faster and reduce memory consumption.

Some popular websites would load 90% faster without ads. Browser developers, however, have done nothing about this issue, says Krystian Kolondra of Opera. The browser developer says it wanted to change this by giving Opera a built-in AdBlocker. Ads are thereby blocked at the level of the web engine, allowing pages to load much faster and use less memory than is the case with AdBlocker extensions.



According to its own figures, surfing with Opera's AdBlocker would be 62% faster than without an AdBlocker. The browser also uses less memory when the AdBlocker is enabled. Opera users must switch on the AdBlocker in Opera 37 themselves, something that can be set per site. Compared to Chrome or Internet Explorer, Opera is a small browser. Opera's share did see a revival in April, however, and at 1.9% reached its highest level in more than a year. Opera recently announced that a VPN is being added to the browser.