Tagged With ransomware


Most internet users wouldn't want to share their browsing history with the rest of the world. (It's one of the reasons incognito mode is so popular.) This is especially true of people who look at questionable online material. So what would you be willing to pay if someone had a secret recording of you watching porn, taken on your webcam?

Predicting the future is near impossible -- but that doesn‘t stop us all from having a red hot go. Human beings have been predicting the future since the beginning of history and the results range from the hilarious to the downright uncanny.

One thing all future predictions have in common: they‘re rooted in our current understanding of how the world works. It‘s difficult to escape that mindset. We have no idea how technology will evolve, so our ideas are connected to the technology of today.


Ransomware is one of the most damaging threats to our data. And while it used to be about attacks on single devices, we saw the threat evolve this year with the WannaCry and Petya/Not Petya attacks where threat actors found new ways to weaponise other vulnerabilities to deliver ransomware payloads that cost businesses hundreds of millions of dollars. And cloud services are fuelling both the attackers and defenders in their strategies.


It seems that we can't get through a week without some new cyber-nasty rearing its ugly head. I'm finding the best part of all this is the imaginative names that new threats come with. It's like the bad guys have marketing departments. So, this week, the ransomware marketing machine has dredged up BadRabbit.


Ransomware attacks are an everyday occurrence. Whenever I speak to people at security events, almost every single company has been hit in some way. Some only find out about it when users call the internal help desk because they're "curious" about Bitcoin but others are hit far harder.


Experts at a security round table event in Sydney yesterday said business owners are too focussed on what's going on now, inside their businesses, and not looking at outside threats. As a result, when events such as WannaCry and NoPetya strike, they are unprepared and get hit hard.


Following the WannaCry and Petya/GoldenEye/NoPetya ransomware events, you'd think software companies would be quick to remove the need for SMB 1. This was the protocol exploited by the malware developers that allowed those attacks to spread so quickly. Microsoft has released a lit of developers still demanding SMB 1 support.


WannaCry was the first major attack using tools developed from the NSA’s EternalBlue toolkit that were made available to the world following a leak published by Wikileaks. Last night, another ransomware attack was launched and this one doesn’t encrypt files - it encrypts drives.

Shared from Gizmodo


Data backups can save your skin from all kinds of IT mishaps like dropping your laptop in a lake or having a virus blast through your hard drive. You should be backing everything up! Thanks to the recent spree of ransomware attacks, it's once again time to evaluate your backup system, so you're prepared in the event that some malicious actor locks up your computer.


Dear Lifehacker, I always take my thumb drive wherever I go. I'm also a bit absentminded. I want to guarantee my thumb drive gets returned to me if I ever lose it. My idea is to have malware hidden on the drive in a specific folder labelled 'porn101' or 'myprivatefiles'. If the person opens that file, it will automatically encrypt their computer and ask them to email me to get the unlock code. (I will give it to them once they return the thumb drive to me, of course.)

Which brings me to my question - is this legal? It's not like I'm demanding money or anything. I just want my property back!


With WannaCry garnering a lot of attention over the last few days, it's easy to forget that the root cause of the damage it wreaked is still out there. The vulnerability it exploited was a weakness in Windows' file-sharing protocol. And while the threat of WannCry has been largely contained, if the vulnerability, dubbed EternalBlue by the NSA, remains unpatched, it can be exploited by others. And that's something being identified in the wild.


Microsoft's President and Chief Legal Officer, Brad Smith, says this week's WannaCry attack "provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem". And while Smith says Microsoft and other tech companies need to take the lead on combatting these widespread attacks, he highlights the shared responsibility required to protect, detect and respond to threats.