Comppower

Computers at Russian media outlets and Ukraine's transport hubs were among Windows PCs infected and shut down today by another fast-spreading strain of ransomware.
Corporate systems within Interfax and two other major Russian news publishers had their files encrypted and held to ransom by malware dubbed BadRabbit. In Ukraine, Odessa airport, the Kiev metro, and the Ministry of Infrastructure were also hit by the extortionware, which demands Bitcoins to restore scrambled docum...ents.
BadRabbit may also have spread to Turkey, Bulgaria and beyond, and is a variant of Diskcoder, according to researchers at ESET. Antivirus maker Avast detected it in Poland and South Korea, too.
"Interfax Group's servers have come under a hacker attack. The technical department is taking all measures to resume news services. We apologize for inconvenience," Interfax said in a statement.
CompPower
See More

The tech press has been predicting the death of Flash for years—HTML5 was hailed as the Flash-killer, except it took the standard a while to mature to the point where it could compete head-on with Flash, Steve Jobs insisted iOS devices would never support it, and several major browsers have started not playing Flash content by default. In those cases, users must manually click to play Flash on websites. Even so, Flash seemed poised to stick around forever as some kind of a tech zombie—a number of gaming, educational and video applications continue to rely heavily on the technology—much the same way client-side Java applets and Windows XP just won’t die.
CompPower

http://www.csoonline.com/…/hacker-alleg edly-stole-7-4-milli…

http://www.csoonline.com/…/photobucket- replaced-millions-of…

Analysis It is now increasingly clear that the global outbreak of a file-scrambling software nasty targeting Microsoft Windows PCs was designed not to line the pockets of criminals, but spread merry mayhem.
The malware, dubbed NotPetya because it masquerades as the Petya ransomware, exploded across the world on Tuesday, taking out businesses from shipping ports and supermarkets to ad agencies and law firms. Once inside a corporate network, this well-oiled destructive program ...worms its way from computer to computer, encrypting the infected machines' filesystems.
Although it demands about $300 in Bitcoin to unscramble the hostage data, the mechanisms put in place to collect this money from victims quickly disintegrated. Despite the slick programming behind the fast-spreading malware, little effort or thought was put into pocketing the loot, it appears.
CompPower
See More

http://www.csoonline.com/…/network-secu rity-the-7-elements-…

A password manager is an excellent first step in securing your online identity, helping you increase the strength of the passwords that protect your online accounts because it will remember those passwords for you. A password manager will generate a unique strong password for every account and application, without requiring you to memorize or write down these random strings of characters. These strong passwords help shield against traditional password attacks such as dictionary, rainbow tables, or brute-force attacks.
CompPower

http://www.csoonline.com/…/top-5-cybers ecurity-facts-figure…

Getting the billions of devices connected will be no small task. The thought of all the IoT applications of all that data is nothing less than seductive. Cities will self-regulate motor vehicle and public transportation saving commuters hours of travel time. Sensors will alert us and doctors when mom is not keeping to her pharmaceutical regimen.
CompPower

Users are being tricked into giving away their PayPal credentials, payment card details, and most significantly a selfie holding their ID card.
Security researchers from PhishMe say hackers are relying on spam emails to drive users towards this PayPal phishing page hosted on a compromised WordPress site from New Zealand.
Once users enter their logins the phisher asks for more details including the user's card details and the picture of their ID card.
... CompPower
See More

“The discussion about IoT has shifted away from the number of devices connected,” according to Carrie MacGillivray, IDC’s vice-president of internet of things (IoT), with actionable data within the devices now the key.
It is this focus, she said, that saw a change in IDC’s predictions of where the industry is going, and how costly it will prove to be.
The company now forecasts worldwide spending on IoT to grow 16.7pc this year, reaching more than $800bn by the end of 2017.
... CompPower
See More

Malicious threat actors are increasingly looking to exploit the growing fear and hysteria surrounding the notorious WannaCry ransomware with fake "protectors" and malware-laden antivirus apps. In May, the massive WannaCry cyberattack crippled companies across the globe, ensnared more than 300,000 computers in 150 countries and encrypted millions of user files in exchange for a ransom.
According to cybersecurity firm RiskIQ, predators are now looking to exploit the rising threat of cyberattacks to drive downloads of useless and often malware-carrying mobile apps masquerading as antivirus applications.
CompPower

Malware. Data theft. Ransomware. Everyone wants to know who was behind the latest audacious attack. Several attempts have been made over the years to use linguistics to identify perpetrators, but when it comes to attribution, there are limitations to using this method.
Linguistic analysis came up recently when analysts at intelligence firm Flashpoint said there was a Chinese link with the WannaCry ransomware. Much of the security research up till then had pointed to North Kor...ean ties, as the attacks reused infrastructure components associated with the shadowy Lazarus Group. Before that, a Taia Global report suggested the The Shadow Brokers’ manifesto was actually written by a native English speaker, despite the broken English. Linguistic analysis also was used to suggest that Guccifer 2.0, who released documents stolen from the Democratic National Committee, was likely not Romanian as claimed. Back in 2014, Taia Global said linguistic clues pointed the Sony breach to Russian actors, and not the North Koreans as the United States government had claimed.
CompPower
See More

Network security has improved little over the last 12 months – millions of vulnerable devices are still exposed on the open internet, leaving them defenceless to the next big malware attack.
A follow-up audit by Rapid7 – the firm behind the Metasploit pen-testing tool – found that more than a million endpoints were confirmed as exposing Microsoft file sharing services (Server Message Block, TCP port 445). The majority (800,000) of these systems were on Windows, leaving a target-rich environment for WannaCrypt, the ransomware worm that infected many NHS hospitals and enterprise targets worldwide last month. The SMB SYN scan results increased by 17 per cent this year compared to the same audit last year (4.7 million to 5.5 million nodes).
CompPower

Email is a critical enterprise communication tool synonymous with sending important documents quickly and efficiently between employees, managers, HR, finance, sales, legal, customers, supply chain and more. That said, organizations often don’t understand that the file types used every day to share important information – standard files like Word docs, Excel spreadsheets and PDFs – are also the most common attack vectors widely used for the distribution of malware. For cyberc...riminals, it’s often too easy to target a user with a spoofed email or phishing attack, and trick them into opening an infected attachment that appears to be legitimate.
With email representing an open, trusted channel that allows malware to piggyback on any document to infect a network, it’s often up to the organizations to adopt appropriate security strategies and best practices to prevent a company-wide attack. Simon Taylor, vice president of products at Glasswall, articulates precautions that businesses can implement to thwart these threats and keep sensitive data protected from malicious actors.
CompPower
See More

Scientists have developed the tiniest, nature-inspired spy drones by merging high technology with living insects. Dubbed DragonflEye, the initiative saw engineers transform a common dragonfly into a remotely controlled cyborg drone.
DragonflEye is the brain child of tech R&D (research and development) firm called Draper. The technology was first introduced in January and relies on optogenetics to merge some parts of an insect's anatomy with materials that respond to as well as produce light at certain wavelengths, which in turn can help the insect be navigated. In other words, a backpack-like high-tech device is physically placed on the insect's anatomy.
CompPower

Developers need to make sure they are baking security into the application code and protecting how their apps handle data, but as the so-called HospitalGown security issue shows, they also need to know how the back-end servers and data stores are being configured.
CompPower