In part 1 I outlined how ransomware gets on your system in the first place. We saw that it operates in much the same manner as other malware: It needs a delivery system, a vulnerability to exploit, a payload to install, and a way to establish communications with a command & control (C&C) server.
Operation Pawn Storm is up to its dirty tricks again, this time with what is claimed to be the first new Java zero-day vulnerability in two years.
Another day, another breach. Ho Hum.
So it seemed when news first broke about the hack of the (in)famous Italian vulnerability research firm Hacking Team. Probably a case of hackers hacking back. No impact on most “regular” cybercitizens, right?
Au contraire, mon frère.
It seems that there were a few gems in the 400 GB data dump that was posted online,
Despite having rules and compliance regulations in place, Japan’s pension system has been hit by hackers who made off with over 1.2 million records containing personally identifiable information.
According to reports, staff weren’t obeying the rules – making it far too easy for criminals to access sensitive database records.
Let’s take a look at how ransomware works. In some stages of the operational cycle ransomware runs much like any other malware which may find its way onto your systems. In other stages ransomware has introduced completely new areas of operating for cybercriminals.
The first few stages of the ransomware cycle use the tried-and-true methods cybercriminals are accustomed to using.
1400 passengers are stranded at Poland’s busiest airport after what the airline describes as an “IT attack”.
But what actually happened is shrouded in mystery.
Let me paint a scene for you. You’re sitting at your desk between meetings. You’re working on a PowerPoint for a customer meeting tomorrow, and you’re waiting for an email back from a co-worker. You have another meeting in an hour, which gives you just enough time to hone this presentation. It’s been 15 well-crafted slides since you last saved.
It’s all very well having a bug bounty program, argues LinkedIn, but how is your organisation going to cope if it is bombarded with hundreds of meaningless and useless reports that your security team cannot act upon?
In the pre-internet days, ransoms typically involved only prominent, wealthy people and their families. Kidnapping people for ransom is mostly a thing of the past nowadays. It’s an old-fashioned crime. You can’t really get away with it anymore.
Kidnapping files, however, is rapidly becoming more popular. Intel/McAfee reports a 155% rise in ransomware in Q4 of 2014,
Good news for privacy.
The US government’s CIO has officially announced that all .gov websites must be only available via encrypted HTTPS connections by the end of 2016.
This is the first in a series of posts about ransomware. In this post and over the next several weeks I’ll discuss what ransomware is, who the victims are, give some details on a couple of specific types, how to protect your organization, and what to do when your systems have been taken captive.
Over the last couple of weeks I’ve seen a pattern of companies frustrating an individual to the point where the person gives up trying to communicate with the company and hacks them in a major way instead. I guess you could call it Revenge Hacking. In each case, the company was communicating with the person in an above-board manner.
When a healthcare provider suffered an embarrassing data breach, it hoped it could recoup some of its losses by claiming on insurance.
But it turns out it wasn’t as simple as that…
You’ve probably heard the idiom “No good deed goes unpunished.” It looks like that phrase will survive even the cyber age. There have been a few news stories about how vulnerability disclosures were handled, or mishandled. Some made me laugh, some made me cringe.
When IT Security professionals find a vulnerability, they know what to do next.
Researchers discover a new attack against encrypted communications on the internet.