Articles for April 2017

Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits

Remember The Shadow Brokers? They are back.

A hacker group that previously claimed to have stolen a bunch of hacking tools (malware, zero-day exploits, and implants) created by the NSA, and that gained popularity last year for leaking a portion of those tools, is back.

Today, The Shadow Brokers group released more alleged hacking tools and exploits that, the group claims, belonged to “Equation Group” – an elite cyber attack unit linked to the NSA.

Read more here.


Ransomware: Why one version of this file-encrypting nightmare now dominates | ZDNet

Ransomware boomed last year, with the malicious file-encrypting software rising to become arguably the biggest menace on the web.

While hundreds of ransomware variants extorted payments from victims in return for unlocking files, Locky was the most dominant family. But after outright dominating the ransomware landscape last year — and playing a large role in costing victims over $1bn during 2016 — Locky has virtually fallen off the face of the earth in 2017, making way for Cerber to become the king of ransomware.

Source: Ransomware: Why one version of this file-encrypting nightmare now dominates | ZDNet


Symantec Connects 40 Cyber Attacks to CIA Hacking Tools Exposed by Wikileaks

Security researchers have confirmed that the alleged CIA hacking tools recently exposed by WikiLeaks have been used against at least 40 governments and private organizations across 16 countries.

Since March, as part of its “Vault 7” series, Wikileaks has published over 8,761 documents and other confidential information that the whistleblower group claims came from the US Central Intelligence Agency (CIA).

Now, researchers at cybersecurity company Symantec reportedly managed to link those CIA hacking tools to numerous real cyber attacks in recent years that have been carried out against the government and private sectors across the world.

Read more here.


U.S. Takes Down Kelihos Botnet After Its Russian Operator Arrested in Spain

A Russian computer hacker arrested over the weekend in Barcelona was apparently detained for his role in a massive computer botnet, and not for last year’s US presidential election hack as reported by the Russian media.

Peter Yuryevich Levashov, a 32-year-old Russian computer programmer, is suspected of operating the Kelihos botnet — a global network of over 100,000 infected computers that was used to deliver spam, steal login passwords, and infect computers with ransomware and other types of malware since approximately 2010, the U.S. Justice Department announced Monday.

Read more here.


WikiLeaks Reveals CIA’s Grasshopper Windows Hacking Framework

As part of its Vault 7 series of leaked documents, whistleblowing website WikiLeaks today released a new cache of 27 documents allegedly belonging to the US Central Intelligence Agency (CIA).

Named Grasshopper, the latest batch reveals a CLI-based framework developed by the CIA to build “customised malware” payloads for breaking into Microsoft’s Windows operating systems and bypassing antivirus protection.

All the leaked documents are basically a user manual that the agency flagged as “secret” and that is supposed to be accessed only by members of the agency, WikiLeaks claims.

Read more here.
