Malware & Vulnerabilities – Computer Security Articles

Answering the WannaCry wake-up call

May 30, 2017 admin Malware & Vulnerabilities, Security

Credit to Author: Selena J. Linde, T. Markus Funk, Todd M. Hinnen and Jonathan G. Hardin| Date: Tue, 30 May 2017 04:35:00 -0700

The widespread WannaCry attack demonstrated the acute vulnerability of computer systems to ransomware attacks. There is no reason to think that larger, more sophisticated attacks aren’t already being planned — the perpetrators of WannaCry reportedly profited handsomely — and companies that have not assessed and addressed the risk posed to their systems by such attacks may remain vulnerable.

Companies can take prophylactic steps to protect their systems against ransomware, focusing on improving data security hygiene, establishing effective governance and raising employees’ awareness of the threat.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

The WannaCry scramble

May 25, 2017 admin Malware & Vulnerabilities, Security

Credit to Author: Mathias Thurman| Date: Thu, 25 May 2017 10:05:00 -0700

A couple of weeks ago, possibly every security manager in the world was dealing with the repercussions of WannaCry, a ransomware worm that screamed across the internet and flooded the media. IT and security departments, placed on high alert, had to scramble — whether or not any of their systems had been infected. I was no exception.

ComputerWorld Independent

IDG Contributor Network: Wikileaks reveals potent Windows malware from the CIA

May 23, 2017 admin Cybercrime & Hacking, Malware & Vulnerabilities, Security

Credit to Author: Andy Patrizio| Date: Tue, 23 May 2017 14:00:00 -0700

A few days ago, Microsoft’s top lawyer took the NSA to task over WannaCry, saying that problem was the agency’s creation because it built and stockpiled such malware for its own use.

Now WikiLeaks has revealed more government-created malware and this one is a nasty piece of work.

Codenamed “Athena,” the spyware targets all version of Windows from Windows XP to Windows 10, and was released in August 2015. It was created in part by a private New Hampshire-based cyber security firm called Siege Technologies.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

5 ways to stop future global malware attacks

May 22, 2017 admin Malware & Vulnerabilities, Security

Credit to Author: Preston Gralla| Date: Mon, 22 May 2017 14:06:00 -0700

The global WannaCry ransomware attack, which crippled hospitals, government organizations, companies and individuals around the world, didn’t have to happen. It was no grand technological feat perpetrated by genius hacker masterminds. Instead, it took advantage of the lazy, patchwork way organizations handle security and the seamy roles that the National Security Agency (NSA) and big tech companies play in undermining security in the internet age.

And that, in fact, is a piece of good news. Because it means that stopping the next global malware attack needn’t be impossible. Here are five steps that can do it.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

Windows Defender does not defend Windows 7 against WannaCry

May 21, 2017 admin cyberattacks, Cybercrime & Hacking, Malware & Vulnerabilities, Security, Windows PCs

Credit to Author: Michael Horowitz| Date: Sun, 21 May 2017 17:37:00 -0700

Thanks to Kaspersky, we now know that 98% of the Windows machines infected by WannaCry/WannaCrypt were running Windows 7. Since, once it gets a foothold, the malware can infect an entire network, most of the attention was focused on LAN based attacks. My previous blog was about using the Windows firewall as a defensive measure.

But any malware can spread in multiple ways so there is always a need for anti-malware software on Windows PCs. The May 12th blog post, Customer Guidance for WannaCrypt attacks, in which Microsoft announced the release of a bug fix for Windows XP, mentioned that

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

The Windows firewall is the overlooked defense against WannaCry and Adylkuzz

May 19, 2017 admin Cybercrime & Hacking, Malware & Vulnerabilities, Networking, Security, Windows PCs

Credit to Author: Michael Horowitz| Date: Fri, 19 May 2017 09:25:00 -0700

Despite all the attention currently focused on Windows computers being infected with WannaCry ransomware, a defensive strategy has been overlooked. This being a Defensive Computing blog, I feel the need to point it out.

The story being told everywhere else is simplistic and incomplete. Basically, the story is that Windows computers without the appropriate bug fix are getting infected over the network by WannaCry ransomware and the Adylkuzz cryptocurrency miner.

We are accustomed to this story. Bugs in software need patches. WannaCry exploits a bug in Windows, so we need to install the patch. For a couple days, I too, ascribed to this knee-jerk theme. But there is a gap in this simplistic take on the issue. Let me explain.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

Shadow Brokers boasts of more Windows exploits and cyberespionage data

May 16, 2017 admin Malware & Vulnerabilities, Security, Windows PCs

Credit to Author: Lucian Constantin| Date: Tue, 16 May 2017 08:13:00 -0700

A group of hackers that previously leaked alleged U.S. National Security Agency exploits claims to have even more attack tools in its possession and plans to release them in a new subscription-based service.

The group also has intelligence gathered by the NSA on foreign banks and ballistic missile programs, it said.

The Shadow Brokers was responsible for leaking EternalBlue, the Windows SMB exploit that was used by attackers in recent days to infect hundreds of thousands of computers around the world with the WannaCry ransomware program.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

WannaCry ransomware attacks won't be the last

May 15, 2017 admin encryption, Malware & Vulnerabilities, Security

Credit to Author: Lucian Constantin| Date: Mon, 15 May 2017 10:39:00 -0700

Thousands of organizations from around the world were caught off guard by the WannaCry ransomware attack launched Friday. As this rapidly spreading threat evolves, more cybercriminals are likely to attempt to profit from this and similar vulnerabilities.

As a ransomware program, WannaCry itself is not that special or sophisticated. In fact, an earlier version of the program was distributed in March and April and, judging by its implementation, its creators are not very skilled.

To read this article in full or to leave a comment, please click here

← Previous