Posts

Showing posts from April 2018

Uber Tightens Bug Bounty Extortion Policies

Uber is tightening policies around its bug bounty program after a 2016 data breach exposed deep flaws in its policies around handling extortion.

ThaiCERT Seizes Hidden Cobra Server Linked to GhostSecret, Sony Attacks

It's analyzing the server, operated by the North Korea-sponsored APT, which was used to control the global GhostSecret espionage campaign affecting 17 countries.

Need help to remove encrypted Syswow64 rootkit from Usb

Visited Scamadviser, am I safe?

Amazon hacked for Ethereum heist and new security laws affect UK | Avast

Amazon Web Services (AWS) hijacked for 2-hour heist For two hours on Tuesday, the website MyEtherWallet.com, a cryptocurrency wallet where thousands of users store their Ethereum, was leeched of roughly $150,000. Cybercriminals hacked into the site by posing as a legitimate Amazon Web Service (AWS) IP space. AWS hosts the website, and to the casual user, everything looked normal.

Enterprise IT solutions company ramps up managed services business using Managed Workplace

The Company In 1995, Leslie Powell founded Mark III Systems. Twenty-three years later, her company has grown into a large, multi-disciplinary solutions provider serving enterprises and small-to-medium businesses (SMBs) worldwide. Mark III provides full stack enterprise-class servers, storage, networking products, and managed services. The company’s dedication to each customer’s specialized requirements has resulted in strong, ongoing relationships with nearly every customer with whom they have worked since inception. “We follow our customers’ needs,” explains Chris Bogan, Alliances and Business Development. “Our customer requirements drive how we grow, reshape, and transform our business.”

USB Sticks Can Trigger BSOD – Even on a Locked Device

Thanks to auto-play, it’s possible to crash Windows systems by simply inserting the drive into the USB port, no further user interaction necessary.

KRACK Vulnerability Puts Medical Devices At Risk

A slew of products from medical dispensing company BD are susceptible to the KRACK vulnerability disclosed last fall.

Updated GravityRAT Malware Adds Advanced AV Detection

Researchers warn that the code behind this remote access trojan has been tweaked in an attempt to decrease antivirus detection.

Spartacus ransomware: introduction to a strain of unsophisticated malware

Spartacus ransomware is a new sample that has been circulating in 2018. Written in C#, the original sample is obfuscated, which we will go over as we extract it to its readable state. Spartacus is a relatively straight-forward ransomware sample and uses some similar techniques and code to others we have seen in the past, such as ShiOne, Blackheart, and Satyr. However, there is no sure relationship between these samples and the actors. I mention it mainly to show that they share similar functionality and are basic in form. In the case of Satyr and Blackheart, the code is nearly identical, with Spartacus following almost the same code flow with some modifications. If I were to make an assumption, I would say they are either the same actor or the actors for each of them used the same code. But again, there are no facts to prove this as of now. In general, what we notice is that there is a string of these .NET ransomware popping up, all of them more or less the same or similar. It is ju

Ransomware attack: a cautionary example from one small business | Avast Business

“You feel invaded and vulnerable. This was his business, his baby, and it could all be over because some hackers were after a bit of cash.” Names like Bad Rabbit, WannaCry and CryptoWall make the news due to the massive impact ransomware attacks have. Hackers cost individuals and businesses $5bn in 2017, and that figure is predicted to rise in 2018 to an astonishing $11.5bn. Avast alone blocked 132,000,000 ransomware attacks in 2017. Most people understand how ransomware works – it’s in the name – but what’s it like when it happens to you and your business? What’s it like when the boss announces: ‘We’re being attacked’? We spoke to Chris* who offers us an example of what happens when ransomware hits your business. This is his story - a detailed account of four days he will never forget. “It didn’t just happen … it unfolded,” he says. *Chris’s name has been changed and some of the details have been omitted or altered to protect the identity of those involved. The prolog

NIST Updates Cybersecurity Framework to Tackle Supply Chain Threats, Vulnerability Disclosure and More

Version 1.1 includes updates on authentication and identity, self-assessment, supply-chain security and vulnerability disclosure, among other changes.

A week in security (April 23 – April 29)

Last week, we dug into behavioral biometrics, explored a new crossrider variant, and embraced the power of “no.” We also launched another CrackMe challenge, took a deep dive into smart toys, and finished up with a look at digital privacy in the age of IoT. Other news: LinkedIn does battle with autofill problems. (source: Daily Swig) Dutch police take down a revenge porn site. (source: politie(dot)nl) Researchers find a way to make hotel master keys. (source: F-Secure) Very large fine handed to Yahoo! (source: The Register) Orangeworm goes after healthcare services. (source: Symantec) Admins of the world’s biggest DDoS market are taken down. (source: Europol) Dodgy miners were busted in China. (source: xinhua(dot)net) Are you ready for GDPR? (source: Help Net Security) Listening in with Amazon Echo (source: Naked Security) Stay safe, everyone! The post A week in security (April 23 – April 29) appeared first on Malwarebytes Labs.

VariousTrojanDownloader:JS/* detections in Windows Defender each day

Twitter Sold Data To Cambridge Analytica-Linked Company

Twitter is the latest company to face backlash for how it handles data privacy after disclosing that it sold data access to a Cambridge Analytica-linked researcher.

Hoping for helpful ideas

Removed malware but now super slow

slow performances mostly on IE 11

Tech Net & Digitec

System slows down when browsing

Windows critical problem + other issues

Desperately seeking help. Tried removing malware, pc now semi crippled.

Virus removal help, Mac OS

Cannot turn on real time protection in Avira free anti virus.

Remote, bootable, malware that attacks just about anything on wifi

Trojan:HTML/Phish

Playing fv2 keep getting pop up saying PC is infected

Malware Bytes gone, Bitdefender not updating system slow +router

Window Common Mgr and what RKILL didn't find.

Microsoft warning pop-up

svchost.exe Crashes my PC

How to remove Feed.exssmith.com Advertisements

If you are seeing ads injected into search results and web pages for adult sites, online pharmacies, and other less reputable sites and they are coming from Feed.exssmith.com, then you are most likely infected by some sort of adware. Some adware will automatically open web sites that redirect you to various sites or inject advertisements into web pages. One of the sites that you may be shown is https://ift.tt/2Hsn8FP. This article was published first at How to remove Feed.exssmith.com Advertisements

Remove the My PC Repair 2018 PUP

My PC Repair 2018 PUP is a potentially unwanted program that states it scans Windows for Malware/Pup Threats, ways to Enhance System Performance, System/User Software Issues, and Startup/Uninstall Issues. When My PC Repair 2018 scans a computer it will list a variety of detected issues, use your computer's speaker to tell you that there are problems, and then state that you need to first purchase a license before you can fix the detected issues. My concern is that many of the issues that it detects are not items that would cause a problem on a computer. This article was published first at Remove the My PC Repair 2018 PUP

Virus removal help

SamSam Ransomware Evolves Its Tactics Towards Targeting Whole Companies

The gang behind the Atlanta city shutdown and other attacks is selecting victims carefully and offering volume discounts to unlock whole organizations.

Please don’t buy this: smart toys

Smart toys attempt to offer what a lot of us imagined as kids—a toy that we can not only play with, but one that plays back. Many models offer voice recognition, facial expressions, hundreds of words and phrases, reaction to touch and impact, and even the ability to learn and retain new information. These features provide an obvious thrill for many children, whose imaginary friend just became a lot more real. At the low end, smart toys can be as simple as a motion-activated rattle designed with features intended to help with developmental milestones. Higher-end toys can be as engaging as a real-life R2-D2 that will watch Star Wars with you and offer commentary. But much like other Internet of Things products, smart toys don’t have a great track record of protecting personal information, designing software according to industry best practices, and updating in a timely manner. And we’re in fairly new territory when it comes to young children and the Internet. Suddenly, we hav

Malwarebytes CrackMe 2: try another challenge

Last November, we released the first edition of the Malwarebytes CrackMe. Encouraged by the positive response we received from the security community, we decided to repeat the game, hopefully making it even more interesting and entertaining. As before, the CrackMe is dedicated to malware analysts and to those who want to practice becoming them. That’s why it is not just a set of some abstract riddles, but an exercise that walks through selected tricks that were used in real malware. (Expect some original schemes designed just for this game, too.) Of course, all is demonstrated on harmless examples, but we still recommend you use VM for reversing it so that it will not interfere with any antivirus protection. Rules of the contest There are two CrackMe contests: Capture the flag. The first three submitted flags win. The flag should be submitted along with (minimalistic) notes about the steps taken to find it. (No detailed write-up is required.) Best write-up. The write-up will

Globetrotting with a VPN | Avast

Imagine exploring around in the awe-inspiring Roman Colosseum, drinking up its ancient history while someone sneaks your wallet out of your pocket. Or standing atop the Eiffel Tower, taking in the grandest view in the world as someone silently swipes your passport and starts running around Paris under your name. Life-enriching experiences, particularly related to travel, are dashed against the rocks the moment you discover you’ve been victimized. To fully enjoy your travel adventures, you have to first take the target off your back. Here’s how:

Microsoft Issues More Spectre Updates For Intel CPUs

Microsoft has released new Spectre mitigations for Windows 10, which include Intel microcode fixes for CPUs running on Windows.

Rubella Crimeware Kit: Cheap, Easy and Gaining Traction

Taking a “dirty deeds done dirt cheap” approach, the kit generates an initial malware payload for social-engineering spam campaigns for just $40 per month.

PyRoMine Uses NSA Exploit for Monero Mining and Backdoors

Not just a miner, the malware also sets up a hidden default account with system administrator privileges, to be used for re-infection and further attacks.

Windows Desktop Infected w/ Multiple PUPs: Cherimoya, a Lovely Rootkit & more..

Remove the Win Boost Pro 2018 PUP

Win Boost Pro 2018 PUP is a potentially unwanted program that states it scans Windows for Malware/Pup Threats, ways to Enhance System Performance, System/User Software Issues, and Startup/Uninstall Issues. When Win Boost Pro 2018 scans a computer it will list a variety of detected issues, use your computer's speaker to tell you that there are problems, and then state that you need to first purchase a license before you can fix the detected issues. My concern is that many of the issues that it detects are not items that would cause a problem on a computer. This article was published first at Remove the Win Boost Pro 2018 PUP

Remove the The Window's Security Certificate is Expired Tech Support Scam

The The Window's Security Certificate is Expired Tech Support Scam is a browser advertisement that pretends to be from support.microsoft.com and states that your Windows certificate has expired and that you are now vulnerable to a possible security breach. This page is a scam and they have no idea what is happening with your computer. They are only trying to scare you into calling the listed phone number. This article was published first at Remove the The Window's Security Certificate is Expired Tech Support Scam

LAZAGNE credential stealing malware help needed.

Win32.Nimda-DRP

Remove the ArcadeGoNetwork Chrome Adware Extension

ArcadeGoNetwork is a Chrome extension that injects advertisements into web sites that you are visiting and opens new browser window advertisements at various intervals. When the advertisements are displayed they will be labeled as "delivered by ArcadeGoNetwork" and will appear as little slides in the bottom right-hand corner of the web site. This article was published first at Remove the ArcadeGoNetwork Chrome Adware Extension

Remove the Support.microsoft.com is requesting your username and password Scam

The support.microsoft.com is requesting your username and password Tech Support Scam is a common browser based scam that tries to trick people into thinking that Microsoft.com is alerting the user that suspicious activity has been found on the computer. This message then prompts you to call Microsoft at a listed number. This is a scam and the company behind this has no affiliation with Microsoft in any way. This article was published first at Remove the Support.microsoft.com is requesting your username and password Scam

Remove the Speedy PC Pro 2018 PUP

Speedy PC Pro 2018 PUP is a potentially unwanted program that states it scans Windows for Malware/Pup Threats, ways to Enhance System Performance, System/User Software Issues, and Startup/Uninstall Issues. When Speedy PC Pro 2018 scans a computer it will list a variety of detected issues, but state that you need to first purchase a license before you can fix them. My concern is that many of the issues that it detects are not what I feel would cause a problem on a computer. This article was published first at Remove the Speedy PC Pro 2018 PUP

The Internet of Everything and digital privacy: what you need to know

If you don’t already own Internet of Things (IoT) devices, you likely will soon. IoT-enabled devices are physical gadgets with built-in Internet connectivity that allow data transmission; often this happens in the background with no indication to the user that anything is happening. The IoT is more like the Internet of Everything—statistics indicate within the next couple of years, there will be three IoT devices for every adult and child on the planet. So, should people be concerned about consumer privacy and data security if these gadgets are always on and ready to transmit information whether we realize it or not? Let’s take a look. Rise of the IoT brings new security concerns The functionality and capabilities of IoT devices bring about realities that haven’t been dealt with before. Many people know they can opt out of some data collection techniques used on websites. However, if they do that with most IoT devices, the decision typically impacts how the gadgets work and may r

Problems with Windows 10

Orangeworm Malware Targets Hospitals Worldwide

My windows 10 is infected with something

virus attacks on my windows 8

Western Digital My Cloud EX2 NAS Device Leaks Files

Default configuration of WD’s My Cloud storage device keeps port open for unprivileged data exfiltration within a network.

Multiple Viruses from a KMS Activator

How to protect your Android device from a ransomware attack | Avast

Ransomware attacks have become one of the top security threats facing individuals and corporations alike. Although most of these attacks are still aimed at PCs, another popular target has emerged: Android-based mobile devices. According to ransomware experts here at Avast, Android ransomware saw an increase in Q3’17 YoY of 72% and an even higher increase in Q4’17 YoY of 116%, as several high-profile attacks made the rounds.

Metamorfo Targets Brazilian Users with Banking Trojans

In an unusual move, Metamorfo abuses legitimate, signed Windows binaries to load the malicious code.

Far Cry 5 download offers: embrace the power of “no”

The recently released Far Cry 5 is a video game where you reclaim Montana from a cult obsessed with the “power of yes” by hitting members over the head with a shovel. It’s also one of the biggest sellers for publisher Ubisoft to date, and it stands to reason that many people would like to grab a copy for free. It’s been a while since we saw a wave of YouTube vids promising free games all based around one title, but this is definitely one of those moments given the huge popularity of its shovel-throwing hero. In the past week or so, we’ve seen videos galore, all offering downloads or sign ups or sign ups and downloads (novel!), with a couple of heart-warming flashbacks to our somewhat off-the-boil friend, the survey scam (and a couple of download sites, too). The standard operating procedure for these kinds of scams means they’re reliant on here today, gone tomorrow videos so the view count typically varies between half a dozen and thousands upon thousands. Not all of them get take