Tag: malware

For all the hoopla, the biggest question one week after WannaCry is: 'where are all the victims'? (Image courtesy of Martin Spiske. Licensed via Creative Commons.)

The WannaCry Missing: Federal Systems, Consumers

In-brief: One week after the WannaCry ransomware knocked out hospitals in the UK and subway fare systems in Germany, the malware is as notable for who it didn’t affect for who it did. Among those spared WannaCry’s wrath: federal IT systems in the U.S. as well as consumers. But why?

Focusing on WannaCry, the ransomware delivered in last week's attacks, misses the point.

WannaCry: What’s in a name? Confusion | Digital Guardian

In-brief: focusing on WannaCry, the ransomware delivered in last week’s attacks, misses the point. Organizations weren’t done in by the shoddy malware, but by a class-A offensive cyber weapon known as EternalBlue. Editor’s Note: this blog is cross posted from Digital Guardian’s Data Insider blog.  

The payment screen for the Wana Decrypt0r malware which spread widely last week.

Podcast: WannaCry: It’s The Exploits, Stupid and Parsing The Cyber Executive Order

In-brief: We speak  with Sean Dillon of the firm RiskSense, who helped reverse engineer DoublePulsar and EternalBlue, the Windows exploit tools used to help spread the WannaCry ransomware. We also chat with John Dickson of The Denim Group about the impact of President Trump’s Cyber Executive Order. 

Royal London Hospital was among 16 facilities in the UK that were hit with a cyber attack, believed to be ransomware on Friday.

Update: UK Hospitals among Victims of Massive Ransomware Attack

In-brief: Hospitals across England were forced to divert patients from emergency departments after suffering what has been described as a cyber attack involving ransomware, according to published reports and a statement from the UK’s National Health Service. (Editor’s Note: Updated to include information on the Wana ransomware. PFR May 12, 2017)

Trend Micro said a newly discovered botnet phones home to servers in Iran and spreads using a known vulnerability in software run by thousands of IP camera models. (Image courtesy of Trend Micro.)

Persirai Botnet: 120,000 Hacked Cameras Phoning Home To Iran

In-brief: a botnet of 120,000 cameras that takes its orders from servers based in Iran uses a long-ago disclosed security vulnerability in camera software to spread. The flaw affects over 1,000 different models of cameras, Trend Micro reports.