Concern rises as one study finds more than 8,000 vulnerabilities in seven pacemakers while another highlights wider issues in medical devices
Source: Security of medical devices ‘is a life or death issue’, warns researcher
Concern rises as one study finds more than 8,000 vulnerabilities in seven pacemakers while another highlights wider issues in medical devices
Source: Security of medical devices ‘is a life or death issue’, warns researcher
A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines.
Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available today, including Windows, Linux, UNIX, IBM System 390, and OpenVMS.
Samba allows non-Windows operating systems, like GNU/Linux or Mac OS X, to share network shared folders, files, and printers with Windows operating system.
Read more here.
A new cumulative update for the Windows 10 Creators Update addresses 14 bugs affecting the browser, peripherals, and third-party messaging apps.
Source: Windows 10 Creators Update: Microsoft’s latest update fixes a load of bugs | ZDNet
How security professionals stopped one botnet attack from getting much worse.
Source: Botnets: Inside the race to stop the most powerful weapon on the internet | ZDNet
A security researcher has identified a new strain of malware that also spreads itself by exploiting flaws in Windows SMB file sharing protocol, but unlike the WannaCry Ransomware that uses only two leaked NSA hacking tools, it exploits all the seven.
Last week, we warned you about multiple hacking groups exploiting leaked NSA hacking tools, but almost all of them were making use of only two tools: EternalBlue and DoublePulsar.
Now, Miroslav Stampar, a security researcher who created famous ‘sqlmap’ tool and now a member of the Croatian Government CERT, has discovered a new network worm, dubbed EternalRocks, which is more dangerous than WannaCry and has no kill-switch in it.
Read more here.
Despite the chaos caused by the recent ransomware attack, the criminals behind it have netted a relatively small amount of cash.
As the Wannacry ransomware worm wreaked havoc across the globe last week, claiming hundreds of thousands of victims in 150 countries, it issued victims with a simple demand: pay up or lose access to your data.Those organisations which became infected were met with a ransom demand for $300 in Bitcoin to be sent to the attackers. If that payment wasn’t made within three days, the extortion demand rose to $600 — and those who left it a week were threatened with their files being deleted forever.
Source: WannaCry ransomware deadline passes, but few pay up | ZDNet
WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which “provides remote beacon and loader capabilities on target computers” – allegedly being used by the CIA that works against every version of Microsoft’s Windows operating systems, from Windows XP to Windows 10.
Dubbed Athena/Hera, the spyware has been designed to take full control over the infected Windows PCs remotely, allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software, and stealing data and send them to CIA server.
Read more here.
Do you own a Hewlett-Packard (HP) laptop?
Yes? Just stop whatever you are doing and listen carefully:
Your HP laptop may be silently recording everything you are typing on your keyboard.
While examining Windows Active Domain infrastructures, security researchers from the Switzerland-based security firm Modzero have discovered a built-in keylogger in an HP audio driver that spy on your all keystrokes.
Read more here.
Another torrent index shuts down.
After the shutdown of Kickass Torrents and Torrentz.eu, it’s time for the torrent community to say goodbye to the second most popular torrent site in the world, ExtraTorrent.
Yes, the popular torrent site ExtraTorrent has permanently shut down. So, stop searching for ‘extratorrents unblock‘ and ‘extratorrents proxy‘ websites.
Read more here.
As ransomware threat grows, cybercriminals head to the “malware supermarket’ for tools to shut down your computer
Source: Hacker’s paradise: Secrets of the “dark web”