Cyber Security

User avatar
RTH10260
Posts: 15904
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#51

Post by RTH10260 » Thu Sep 24, 2015 9:03 am

Millions of fingerprints stolen in US government hack

Katherine Archuleta

Hackers who breached US government networks stole far more fingerprint records than first thought, officials have said.

In a statement, the White House said more than 5.6 million fingerprint records were stolen from the Office of Personnel Management (OPM).
An initial investigation suggested only 1.1 million were lost.

The OPM acts as the personnel office for the US government and keeps records on 21.5 million federal staff.

Identity risk
The OPM attack was uncovered in April this year and saw attackers make off with ID and security clearance information about US government staff. Social security numbers, names, addresses, health, financial and biometric data were all taken.

Fingerprint records were also stolen and the continuing investigation into the breach has revealed that far more went missing than initially thought.
http://www.bbc.com/news/technology-34346802



User avatar
Addie
Posts: 24886
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#52

Post by Addie » Fri Oct 16, 2015 12:38 pm

TIME
Hacker Suspected of Handing U.S. State Data to ISIS Arrested in Malaysia

He will be extradited to the U.S., where he faces up to 35 years in prison

Malaysian authorities have arrested a hacker from Kosovo who allegedly provided the Islamic State of Iraq and Greater Syria (ISIS) with the private information of more than a thousand U.S. security officials, according to a statement released by the U.S. Department of Justice on Thursday night.

The suspect, 20-year-old Ardit Ferizi, was living in Kuala Lumpur, where he had been studying computer science and forensics since August 2014. Officials believe that he led a Kosovar hacking group called Kosovar Hackers Security (KHS), which knew him by the moniker Th3Dir3ctorY.

Between June and August, the Department of Justice said, Ferizi gave Junaid Hussein, a prominent ISIS leader in Syria originally from the U.K., an unspecified volume of personal data he obtained by hacking a U.S. government server based in Phoenix, Ariz. On Aug.11, Hussein — who died in an airstrike in the city of Raqqah later that month, according to an affidavit — publicly shared a definitive 30-page document that listed the names, e-mail addresses and passwords, locations, and phone numbers of 1,351 U.S. military and government personnel.

The document’s target audience was allegedly ISIS supporters in the U.S. who could use its information to locate and attack the individuals listed.


¡Qué vergüenza!

User avatar
Addie
Posts: 24886
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#53

Post by Addie » Mon Apr 25, 2016 8:16 am

New York Times
ISIS Targeted by Cyberattacks in a New U.S. Line of Combat

LONDON — The United States has opened a new line of combat against the Islamic State, directing the military’s six-year-old Cyber Command for the first time to mount computer-network attacks that are now being used alongside more traditional weapons.

The effort reflects President Obama’s desire to bring many of the secret American cyberweapons that had been aimed elsewhere, notably at Iran, into the fight against the Islamic State — which has proved effective in using modern communications and encryption to recruit and carry out operations.

The National Security Agency, which specializes in electronic surveillance, has for years listened intensely to the militants of the Islamic State, and those reports are often part of the president’s daily intelligence briefing. But the N.S.A.’s military counterpart, Cyber Command, was focused largely on Russia, China, Iran and North Korea — where cyberattacks on the United States most frequently originate — and had run virtually no operations against what has become the most dangerous terrorist organization in the world. ...

The goal of the new campaign is to disrupt the ability of the Islamic State to spread its message, attract new adherents, circulate orders from commanders and carry out day-to-day functions, like paying its fighters. A benefit of the administration’s exceedingly rare public discussion of the campaign, officials said, is to rattle the Islamic State’s commanders, who have begun to realize that sophisticated hacking efforts are manipulating their data. Potential recruits might also be deterred if they come to worry about the security of their communications with the militant group.


¡Qué vergüenza!

User avatar
Addie
Posts: 24886
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#54

Post by Addie » Fri May 13, 2016 1:19 pm

Bloomberg
Hackers Target Think Tanks to Get a Peek at U.S. Government Strategy

Foreign hackers are going after the wonks.

Cyber criminals are targeting policy groups and nongovernmental organizations to get a leg up on U.S. government strategy, according to an executive at cybersecurity company CrowdStrike Inc. Such "nation-state" hackers, often tied to governments including China or Russia, want advanced intelligence on U.S. policy, said Shawn Henry, chief security officer of the Irvine, California-based company.

"They want to know what the thought leaders in the United States are considering, what they’re debating,” Henry, who oversaw the FBI’s global cyber investigations before retiring in 2012, said in an interview in Arlington, Virginia. "They’re looking for how policy is being designed. They’re looking at how senior leaders or former senior leaders are advising existing senior leaders -- what the emerging issues are, how the U.S. government is going to implement certain strategy."

While Henry wouldn’t provide specifics on targets, Washington has many so-called think tanks and interest groups staffed by former government officials and analysts who stay in close touch with current policy makers.

Foreign cyberthreats are also increasing from the Middle East. CrowdStrike is tracking "a number of Iranian campaigns," targeting the U.S. energy sector and telecommunications industries, Henry said. It’s also monitoring a group aligned with Islamic State militants that’s been eyeing U.S. critical infrastructure.


¡Qué vergüenza!

User avatar
mimi
Posts: 31119
Joined: Tue Jan 27, 2009 12:01 am

Re: Cyber Security

#55

Post by mimi » Tue Aug 16, 2016 3:22 pm

I don't know which topic to put this under... so I'm putting it here.


Hackers Claim to Hit NSA-Linked Super-Cyberespionage Group

By Lee Ferran

Aug 16, 2016, 12:11 PM ET

excerpts:
Cybersecurity experts were abuzz Monday after a group calling itself the Shadow Brokers claimed in stilted English in messages online to have hacked the Equation Group. The Equation Group was revealed last February to be an extremely high-level veteran hacking squad with "solid links" to the creators of the cyber superweapon Stuxnet, which was reportedly used in a joint NSA-Israeli intelligence operation that targeted an Iranian nuclear facility.
The hackers said that they are auctioning off the best cybertools — "better than Stuxnet" — to the highest bidder and that if the auction raises a total of more than 1 million bitcoins — worth more than $560 million — they will dump more Equation Group files online to the public.

Cybersecurity experts were initially split on whether the hack was legitimate, but after initial analysis of some teaser code released by the Shadow Brokers, some have come to the conclusion that at least those tools appear to be real.
Like some others who analyzed the teaser code, Snowden noted that the date references appear to end in 2013, the same year he walked out of the NSA with a huge cache of data on NSA operations so he could expose what he believed were illegal or unconstitutional surveillance programs. He said that's no coincidence; the NSA would have "migrated offensive operations to new servers as a precaution" and unknowingly cut off the mysterious hackers' access.

"You're welcome, @NSAGov. Lots of love," Snowden tweeted.
read it here:
http://abcnews.go.com/International/hac ... d=abcn_tco


snowden's twitter timeline:
https://twitter.com/Snowden/with_replies



User avatar
Addie
Posts: 24886
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#56

Post by Addie » Fri Dec 09, 2016 11:26 am

Reuters
Obama orders review of cyber attacks on 2016 election: adviser

U.S. President Barack Obama ordered intelligence agencies to review cyber attacks and foreign intervention into the 2016 election and deliver a report before he leaves office on Jan. 20, homeland security adviser Lisa Monaco said on Friday.

Monaco told reporters the results of the report would be shared with lawmakers and others.

“The president has directed the intelligence community to conduct a full review of what happened during the 2016 election process … and to capture lessons learned from that and to report to a range of stakeholders, to include the Congress,” Monaco said during an event hosted by the Christian Science Monitor.

Monaco said cyber attacks were not new but might have crossed a “new threshold” this year.


¡Qué vergüenza!

User avatar
Addie
Posts: 24886
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#57

Post by Addie » Fri Dec 30, 2016 8:31 pm

Updated:

Fortune
Russian Malware Found At Vermont Electric Company, But Accusations of “Fake News” Fly ...

The Post has since updated its headline to remove references to the power grid being “penetrated,” since it wasn’t. But observers, particularly those further to both the left and right ends of the political spectrum, are still crying foul.
--------------------------

WaPo
Russian hackers penetrated U.S. electricity grid through a utility in Vermont

A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials.

While the Russians did not actively use the code to disrupt operations of the utility, according to officials who asked for anonymity in order to discuss a security matter, the penetration of the nations electrical grid is significant because it represents a potentially serious vulnerability. Government and utility industry officials regularly monitor the nations electrical grid because it is highly computerized and any disruptions can have disastrous implications for the function of medical and emergency services.

American officials, including one senior administration official, said they are not yet sure what the intentions of the Russians might have been. The penetration may have been designed to disrupt the utilitys operations or as a test by the Russians to see whether they could penetrate a portion of the grid. Federal officials have shared the malware code used in Grizzly Steppe with utility executives nationwide, a senior administration official said, and Vermont utility officials identified it within their operations.

According to a report by the FBI and the Department of Homeland Security, the hackers involved in the Russian operation used fraudulent emails that tricked their recipients into revealing passwords.


¡Qué vergüenza!

User avatar
Sugar Magnolia
Posts: 8977
Joined: Sun Apr 01, 2012 6:44 am

Re: Cyber Security

#58

Post by Sugar Magnolia » Sat Dec 31, 2016 4:22 am

A question for the computer geniuses. If (as it seems to be) the weakest point is user stupidity of clicking on links or other stuff that gives up passwords or grants access, why can't clicking on links be disabled? You can't usually make long-distance calls from a work phone without some special process or code, so why not add that extra step to email? It seems to me that even hitting 'reply' could be strengthened by alerting you if the visible return address and the address it's actually going to don't match or something. Of course, I only got a smart phone in August so I'm not the most technologically advanced user, those just seem like simple fixes to me. For all I know, they already exist and people just by-pass or ignore them.



User avatar
Foggy
Posts: 25625
Joined: Tue Jan 20, 2009 12:00 pm
Location: Fogbow HQ
Occupation: Dick Tater

Re: Cyber Security

#59

Post by Foggy » Sat Dec 31, 2016 9:18 am



... and how does that make you feel?
What is it you are trying to say?
:think:

User avatar
SueDB
Posts: 27756
Joined: Thu Sep 30, 2010 2:02 pm
Location: FEMA Camp PI Okanogan, WA 98840

Re: Cyber Security

#60

Post by SueDB » Sat Dec 31, 2016 1:13 pm

One problem is that you have to know in advance if it's a dangerous link. It's called "zero day". It's the day that the schmucks field the code/link/etc before anyone (security companies) has a chance to list it in the security programs (Norton etc). You are and always will be one step behind the hackers/script kiddies etc.

At one business, we blocked all IP addys from China (lots came from public school IPs), Russia, the Netherlands (Spammers) etc (and anybody else we were pissed off at) right at the firewall.

The firewall logs showing the ip etc of folks trying to "ping" the firewall were endless and world wide. Lots were from China and Russia though. I suppose now days there are many from the Islamic countries and India.


“If You're Not In The Obit, Eat Breakfast”

Remember, Orly NEVAH disappoints!

User avatar
Sugar Magnolia
Posts: 8977
Joined: Sun Apr 01, 2012 6:44 am

Re: Cyber Security

#61

Post by Sugar Magnolia » Sat Dec 31, 2016 1:16 pm

SueDB wrote:One problem is that you have to know in advance if it's a dangerous link. It's called "zero day". It's the day that the schmucks field the code/link/etc before anyone (security companies) has a chance to list it in the security programs (Norton etc). You are and always will be one step behind the hackers/script kiddies etc.

At one business, we blocked all IP addys from China (lots came from public school IPs), Russia, the Netherlands (Spammers) etc (and anybody else we were pissed off at) right at the firewall.

The firewall logs showing the ip etc of folks trying to "ping" the firewall were endless and world wide. Lots were from China and Russia though. I suppose now days there are many from the Islamic countries and India.
I was more suggesting blocking the ability to click on ANY external link. Make them take an extra step or two instead of just clicking on something.



User avatar
RTH10260
Posts: 15904
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#62

Post by RTH10260 » Sat Dec 31, 2016 1:53 pm

Sugar Magnolia wrote:
SueDB wrote:One problem is that you have to know in advance if it's a dangerous link. It's called "zero day". It's the day that the schmucks field the code/link/etc before anyone (security companies) has a chance to list it in the security programs (Norton etc). You are and always will be one step behind the hackers/script kiddies etc.

At one business, we blocked all IP addys from China (lots came from public school IPs), Russia, the Netherlands (Spammers) etc (and anybody else we were pissed off at) right at the firewall.

The firewall logs showing the ip etc of folks trying to "ping" the firewall were endless and world wide. Lots were from China and Russia though. I suppose now days there are many from the Islamic countries and India.

I was more suggesting blocking the ability to click on ANY external link. Make them take an extra step or two instead of just clicking on something.
Go back to the days of plain text mail. Drop HTML formatted mail. ;)



User avatar
SueDB
Posts: 27756
Joined: Thu Sep 30, 2010 2:02 pm
Location: FEMA Camp PI Okanogan, WA 98840

Re: Cyber Security

#63

Post by SueDB » Sat Dec 31, 2016 2:54 pm

Sugar Magnolia wrote:
SueDB wrote:One problem is that you have to know in advance if it's a dangerous link. It's called "zero day". It's the day that the schmucks field the code/link/etc before anyone (security companies) has a chance to list it in the security programs (Norton etc). You are and always will be one step behind the hackers/script kiddies etc.

At one business, we blocked all IP addys from China (lots came from public school IPs), Russia, the Netherlands (Spammers) etc (and anybody else we were pissed off at) right at the firewall.

The firewall logs showing the ip etc of folks trying to "ping" the firewall were endless and world wide. Lots were from China and Russia though. I suppose now days there are many from the Islamic countries and India.
I was more suggesting blocking the ability to click on ANY external link. Make them take an extra step or two instead of just clicking on something.
Shades of Microsoft - """Do you really want to do this??"""
Adds an extra click or two and another annoying dialog box - too much work for most folks.


“If You're Not In The Obit, Eat Breakfast”

Remember, Orly NEVAH disappoints!

User avatar
Notorial Dissent
Posts: 9488
Joined: Thu Oct 17, 2013 8:21 pm

Re: Cyber Security

#64

Post by Notorial Dissent » Sat Dec 31, 2016 3:09 pm

While I agree that blocking that sort of thing would probably be optimum, the big problem is that a lot of business is carried on by sending document files through email and that is only going to increase, that being said, there are a lot of people in positions who SHOULD NOT be getting emails that require them to open a file or click a link, and those should be blocked from doing so. I am far enough out of the field now to not know if it is possible to actually do that. The plain fact of it though is that some people will click on a link or file if it is offered to them whether they know the sender or not. It is a stupid people trick at its finest.


The fact that you sincerely and wholeheartedly believe that the “Law of Gravity” is unconstitutional and a violation of your sovereign rights, does not absolve you of adherence to it.

User avatar
RTH10260
Posts: 15904
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#65

Post by RTH10260 » Sat Apr 15, 2017 12:10 am

Based on the recently announced leak of CIA/NSA hacking tools
Leaked NSA exploits plant a bull's-eye on Windows Server
A hacking group leaked spying tools on Friday that can target older versions of Windows

By Michael Kan
U.S. Correspondent, IDG News Service | APR 14, 2017 5:50 PM PT

Friday’s release of suspected NSA spying tools is bad news for companies running Windows Server. The cyberweapons, which are now publicly available, can easily hack older versions of the OS.

The Shadow Brokers, a mysterious hacking group, leaked the files online, setting off worries that cybercriminals will incorporate them in their own hacks.

“This leak basically puts nation-state tools into the hands of anyone who wants them,” said Matthew Hickey, the director of security provider Hacker House.

He’s been among the researchers looking over the files and has found they contain about 20 different Windows-based exploits -- four of which appear to leverage previously unknown software vulnerabilities.

Each exploit works as a program that takes advantage of a security flaw. Researchers are still examining the leaked files, but the exploits appear to work on older Windows versions including NT, XP and Windows 7.

However, computers running Windows Server are particularly at risk, Hickey said. That’s because the exploits are generally designed to leverage vulnerabilities in a machine’s online server functions.
http://www.pcworld.com/article/3190204/ ... erver.html



User avatar
RTH10260
Posts: 15904
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#66

Post by RTH10260 » Sat Apr 15, 2017 9:35 am

Same, but different source
Hackers have just dumped a treasure trove of NSA data. Here’s what it means.
By Henry Farrell April 15 at 8:00 AM

A group of hackers called the Shadow Brokers has just released a new dump of data from the National Security Agency. This is plausibly the most extensive and important release of NSA hacking tools to date. It’s likely to prove awkward for the U.S. government, not only revealing top-secret information but also damaging the government’s relationships with U.S. allies and with big information technology firms. That is probably the motivation behind the leak: The Shadow Brokers are widely assumed to be connected with the Russian government. Here’s what the dump means.

The release is only the most recent in a series of Shadow Broker dumps of information. However, it is by far the most substantial, providing two key forms of information. The first is a series of “zero-day exploits” for Microsoft Windows software. Zero-day exploits are attacks that take advantage of unknown vulnerabilities in a given software package. Exploits against commonly used software such as Windows are highly valuable — indeed, there is a clandestine international market where hackers sell exploits (sometimes through middlemen) to intelligence agencies and other interested parties, often for large sums of money. Intelligence services can then use these exploits to compromise the computers of their targets.

Second, information in the dump seems to show that the NSA has penetrated a service provider for SWIFT, an international financial messaging service. Specifically, it appears to have penetrated a SWIFT Service Bureau that provides support for a variety of banks in the Middle East.

The leak of the zero-day exploits is important for two reasons. First, once the existence of a zero-day exploit is revealed, it rapidly loses a lot of its value. Zero-day exploits work reliably only when they are held secret. Microsoft may already have fixed many of these vulnerabilities (there are conflicting reports from Microsoft and security companies). However, if it hasn’t, or if the attacks provide information to hackers that can be used to generate more attacks, unscrupulous hackers might be able to take advantage. In a worst-case scenario, there may be a period when it’s as if criminal hackers suddenly acquired super powers in an explosion, as in the TV show “The Flash,” and started using them for nefarious ends.

Second, and as a consequence, trust between the United States and big software companies may be seriously damaged. Some weeks ago, Adam Segal of the Council on Foreign Relations wrote a report talking about how the U.S. government needs to rebuild a relationship with Silicon Valley that had been badly damaged by the Edward Snowden revelations. Now, the damage is starting to mount up again.
https://www.washingtonpost.com/news/mon ... -it-means/



User avatar
Slartibartfast
Posts: 6982
Joined: Mon Aug 10, 2009 2:52 pm

Re: Cyber Security

#67

Post by Slartibartfast » Sun Apr 16, 2017 7:27 pm

I'm sure that the effect of delegitimizing the groups that are investigating Russia's interference in the election is just coincidence.

Right?

:?


"Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat."
---Sun Tzu (quoting Thomas Jefferson)
nam-myoho-renge-kyo---Thomas Jefferson (quoting Slartibartfast)

User avatar
Addie
Posts: 24886
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#68

Post by Addie » Fri May 12, 2017 6:06 pm

CNN
Massive ransomware attack hits 99 countries

Tens of thousands of ransomware attacks are targeting organizations around the world on Friday.

Cybersecurity firm Avast said it has tracked more than 75,000 attacks in 99 countries. It said the majority of the attacks targeted Russia, Ukraine and Taiwan. ...

The ransomware locks down all the files on an infected computer and asks the computer's administrator to pay in order to regain control of them.

The ransomware, called "WannaCry," is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. But computers and networks that haven't updated their systems are at risk. The exploit was leaked last month as part of a trove of NSA spy tools. ...

Sixteen National Health Service (NHS) organizations in the UK have been hit, and some of those hospitals have canceled outpatient appointments and told people to avoid emergency departments if possible. Spanish telecom company Telefónica was also hit with the ransomware. ...

"It is going to spread far and wide within the internal systems of organizations -- this is turning into the biggest cybersecurity incident I've ever seen," UK-based security architect Kevin Beaumont said.


¡Qué vergüenza!

User avatar
RTH10260
Posts: 15904
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#69

Post by RTH10260 » Fri May 12, 2017 7:08 pm

I hope everyone has installed the patch that came down the internet a couple of days ago for MS Windows operating systems!
A Vicious Microsoft Bug Left a Billion PCs Exposed

MICROSOFT’S SECURITY TEAM had a busy weekend.

On Friday night, security researcher Tavis Ormandy of Google’s Project Zero announced on Twitter that he had found a Windows bug. Well, not just any bug. It was “crazy bad,” Ormandy wrote. “The worst Windows remote code exec in recent memory.” By Monday night, Microsoft had released an emergency patch, along with details of what the vulnerability entailed. And yes, it was every bit as scary as advertised.

That’s not only because of the extent of the damage hackers could have done, or the range of devices the bug affected. It’s because the bug’s fundamental nature underscores the vulnerabilities inherent in the very features meant to keep our devices safe.

Bad Bug

What made this particular bug so insidious was that it would have allowed hackers to target Windows Defender, an antivirus system that Microsoft builds directly into its operating system. That means two things: First, that it impacted the billion-plus devices that have Windows Defender installed. (Specifically, it took advantage of the Microsoft Malware Protection Engine that underpins several of the company’s software security products.) Second, that it leveraged that program’s expansive permissions to enable general havoc, without physical access to the device or the user taking any action at all.

“This was, in fact, crazy bad,” says Core Security systems engineer Bobby Kuzma, echoing Ormandy’s original assessment.
https://www.wired.com/2017/05/vicious-m ... s-exposed/

PS. not related to the attack mentioned above.



User avatar
MRich
Posts: 719
Joined: Sun Aug 22, 2010 4:07 pm

Re: Cyber Security

#70

Post by MRich » Sat May 13, 2017 3:16 pm

Regarding the ransomware:

https://www.theguardian.com/technology/ ... ber-attack
'Accidental hero' halts ransomware attack and warns: this is not over

...
The researcher, who identified himself only as MalwareTech, is a 22-year-old from south-west England who lives with his parents and works for Kryptos logic, an LA-based threat intelligence company.

“I was out having lunch with a friend and got back about 3pm and saw an influx of news articles about the NHS and various UK organisations being hit,” he told the Guardian. “I had a bit of a look into that and then I found a sample of the malware behind it, and saw that it was connecting out to a specific domain, which was not registered. So I picked it up not knowing what it did at the time.”

The kill switch was hardcoded into the malware in case the creator wanted to stop it spreading. This involved a very long nonsensical domain name that the malware makes a request to – just as if it was looking up any website – and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading. The domain cost $10.69 and was immediately registering thousands of connections every second.



User avatar
RTH10260
Posts: 15904
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#71

Post by RTH10260 » Sun May 14, 2017 11:24 pm

Thank you NSA and CIA

EUROPOL admits stunned by scale of cyberattack
Monday may see a resumption of the wave of cyberattacks around the world. That is the warning from computer experts as more and more companies and official bodies release details about how they have been compromised by the ransomware virus, that locks them out of their own systems.

[liveleak]1c5330cd0f61[/liveleak]



Euronews video transcript
► Show Spoiler



User avatar
much ado
Posts: 1150
Joined: Mon Mar 23, 2009 12:56 am
Location: The Left Coast

Re: Cyber Security

#72

Post by much ado » Mon May 15, 2017 7:13 pm

At this moment, the server hosting freerepublic.com is not responding. I wonder if they haz a problem?


A man needs a reason to go shopping; a woman just needs a place. - much ado
(prompted by daughter ado's enthusiasm to visit a mall with no specific goal)

User avatar
much ado
Posts: 1150
Joined: Mon Mar 23, 2009 12:56 am
Location: The Left Coast

Re: Cyber Security

#73

Post by much ado » Mon May 15, 2017 7:18 pm

Now I see that the report says that they have been down for about 1 day, 3 hours. I guess they have had a problem for some time now.

http://www.isitdownrightnow.com/freerepublic.com.html


A man needs a reason to go shopping; a woman just needs a place. - much ado
(prompted by daughter ado's enthusiasm to visit a mall with no specific goal)

User avatar
RTH10260
Posts: 15904
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#74

Post by RTH10260 » Tue May 16, 2017 8:51 am

WannaCry? Yes, do it, cause the collection procedures of the hackers is flawed. You may never get your files back, though some spurios victims have been reporting a recovery after ransom payment.
WannaCry – Paid Time Off?
by Check Point Threat Intelligence and Malware Research Teams posted 2017/05/14

Let us open with a TL;DR – DO NOT pay the ransom demanded by the WannaCry ransomware!

Now, let us explain why:

As of this writing , the 3 bitcoin accounts associated with the WannaCry ransomware have accumulated more than $33,000 between them. Despite that, not a single case has been reported of anyone receiving their files back.

The decryption process itself is problematic, to say the least.

Unlike its competitors in the ransomware market, WannaCry doesn’t seem to have a way of associating a payment to the person making it. Most ransomware, such as Cerber, generate a unique ID and bitcoin wallet for each victim and thus know who to send the decryption keys to. WannaCry, on the other hand, only asks you to make a payment, and then… Wait. You can press the ‘Check Payment’ button, but so far this is the only outcome: [image not copied]

Most A-list ransomware pride themselves on customer support, and are usually very easy to contact. Again, not the case with WannaCry. The only way of contacting the malware creators is through the “Contact Us” option on the ransom note screen. Despite our best efforts, we have yet to receive a reply.
http://blog.checkpoint.com/2017/05/14/w ... -time-off/



User avatar
Orlylicious
Posts: 7382
Joined: Mon Apr 23, 2012 4:02 pm

Re: Cyber Security

#75

Post by Orlylicious » Wed May 17, 2017 12:41 am

iObit has some info on how to make sure your PC is up to date:
How to Prevent WannaCrypt Attacking

Last Friday, WannaCrypt ransomware was broke out and till now it has attacked hundreds of thousands of PCs. Lots of organizations around the world, like hospitals, schools and airports etc. were infected by this ransomware and variation WannaCrypt2.0. To prevent this disaster attack your PC, here are some tips for you to defend this ransomware:

1. Turn on your Windows Firewall and set a new rule to your Port.

Steps for Window 10 users: http://www.iobit.com/en/tips-steps-for- ... ing-79.php

Steps for Windows 7 users: http://www.iobit.com/en/tips-steps-for- ... ing-78.php

2. Update the Windows Patch: Microsoft Security Bulletin MS17-010

It can help fix the vulnerabilities, and then prevent the attacking of WannaCrypt. No matter your system belongs to widely used Windows 10, Windows 7 or Windows Vista, Windows Server 2008, Windows Server 2008 R2, you may go to the Microsoft Page to download the latest one:

https://technet.microsoft.com/en-us/lib ... y/MS17-010

3. Close the service of SMBv1.
More at: http://www.iobit.com/en/tips-how-to-pre ... 0.php?p=db

We use a cool program called DriverBooster, it updates drivers automatically and well worth it, they have an automated version of the above and also have a malware blocker and tips at http://www.iobit.com/en/tips-how-to-pro ... 1.php?p=db
WannaCry.JPG
You do not have the required permissions to view the files attached to this post.



Post Reply

Return to “Computers & Internet”