Tag Archive for: closing

Effectively closing entry gates for hackers: How strong authentication protects against ransomware

/in


Ransomware is a problem that is here to stay and that will in time become an even bigger issue – that is a fact that is clear to everyone involved in IT security. According to the international study “The State of Ransomware”, more than half of all organizations have experienced a ransomware cyberattack in 2020. Once hit, giving in to criminal demands or restoring the system wholesale is an expensive strategy, if it can be deemed a strategy at all. True risk mitigation should first ask what the main attack vectors exploited by this type of malware actually are. This is the only solution that not only staves off the problem of ransomware, but ideally minimizes the risk permanently. 

The three main attack vectors of ransomware  

Attack vector number 1 – the technology: As in many other attack scenarios, hackers exploit vulnerabilities and backdoors of infrastructure for their ransomware attacks in order to smuggle malware into a system. Infrastructure is especially vulnerable when it is based on unpatched systems. For example, the well-known Wannacry ransomware – which gained notoriety by taking out entire universities and hospitals – directly targets computers running outdated versions of Microsoft Windows. It exploits a known programming flaw in the SMB implementation to create crashes and persistent bluescreens (hence the name “Eternal-Blue”), spying on computers and locking users out of systems. The Wannacry ransomware attack shows just how virulent the problem of unpatched computers is. The attack spread to 150 countries and infected more than 230,000 computers. 

Source…

Hacker closing out prison sentence in Chicago halfway house

/in


Hacker Jeremy Hammond, who is serving a 10-year prison sentence for breaking into computer systems of security firms and law-enforcement agencies, will serve out the remainder of his term in a Chicago halfway house

November 19, 2020, 3:42 AM

3 min read

CHICAGO — Computer hacker Jeremy Hammond, who is serving a 10-year prison sentence for breaking into computer systems of security firms and law-enforcement agencies, will serve out the remainder of his term in a Chicago halfway house, a U.S. Bureau of Prison spokesman said Wednesday.

Hammond, who has gained mythic status among his supporters, was released Tuesday from the Memphis Federal Correctional Institution in Tennessee to community confinement, said Bureau of Prisons spokesman Emery Nelson. Citing privacy and security reasons, Nelson refused to release information on the conditions of Hammond’s confinement. He is scheduled for release in March.

The FBI arrested Hammond, who prosecutors called a hacking “recidivist,” during a 2012 raid on his Chicago home after getting the cooperation of Hector Xavier Monsegur, a hacker who helped law enforcement infiltrate the hacking movement ”Anonymous,” which led to the conviction of eight hackers.

The raid came after Hammond penetrated the Texas-based security think tank Strategic Forecasting Inc., known as Stratfor. The company’s clients include the U.S. Department of Homeland Security and the Defense Department. He was also accused of hacking the FBI’s Virtual Academy, the Arizona Department of Public Safety, the Boston Police Patrolmen’s Association, and the Jefferson County, Alabama, Sheriff’s Office.

He’d been working with a subgroup of “Anonymous” to disrupt the networks of Sony Pictures, the Public Broadcasting Service, the Arizona Department of Public Safety and others when a member of the group enlisted him to help break into Stratfor’s systems.

The hackers posted emails between Stratfor employees and clients on the WikiLeaks website, along with credit card data from a client list that included Northrop Grumman, the Marine Corps and Time Warner Cable. They used some of the…

Source…

Exams cancelled? University closing due to Brexit? A mischievous email from Southampton’s Vice-Chancellor

/in

Clues sprinkled through the poorly-written email, however, reveal that its author has not done his homework.

Graham Cluley