Tag Archive for: Destructive

Ukraine hit with destructive malware attacks amidst turmoil


The U.S. government is sounding alarms after Microsoft reported a series of attacks targeting networks in Ukraine.

The Cybersecurity and Infrastructure Security Agency (CISA) passed on warnings from the software giant over multiple discoveries of a new family of “destructive malware” that seeks to erase data on targeted systems under the guise of being a ransomware attack.

CISA warned that, unlike a normal ransomware attack that offers victims the ability to retrieve their data after paying out, the attacks seen in Ukraine simply wipe the host regardless of payment status.

The malware, referred to as WhisperGate by Microsoft, targets the master boot record (MBR) of the victim machine and renders it inoperable.

“According to Microsoft, powering down the victim device executes the malware, which overwrites the MBR with a ransom note; however, the ransom note is a ruse because the malware actually destroys the MBR and the targeted files,” CISA said.

The malware, according to a Microsoft blog post Saturday, is only thinly veiled as a piece of ransomware. While claiming to ask for a ransom payment, the malware corrupts all files and the MBR without any possible path for recovery.

“At present and based on Microsoft visibility, our investigation teams have identified the malware on dozens of impacted systems and that number could grow as our investigation continues,” says Microsoft.

“These systems span multiple government, non-profit, and information technology organizations, all based in Ukraine.”

The attacks, which all targeted machines based in Ukraine, are likely not a coincidence. The country finds itself in crisis as Russia is threatening an invasion, and any strife between the two nations could include cyberattacks on critical infrastructure.

State-sponsored malware attacks are no longer a novel occurrence and have become the norm when nation-states come to blows. The U.S. and Israel were reportedly behind the Stuxnet attack on Iranian nuclear facilities in 2010, and the WannaCry ransomware attacks were traced back to nation-state hackers in North Korea. WannaCry was similar to WhisperGate in that the ransomware was used as a data wiper rather than an extortion tool.


Microsoft Detects ‘Destructive Malware’ Targeting Ukrainian Organisations & Other Stories


Super Sunday in UP as Ex-IPS Officer Asim Arun Joins BJP, Former MLA Dara Singh Chauhan Jumps to SP

Asim Arun, the former IPS officer who was posted as Commissioner of Kanpur Police before taking Voluntary Retirement recently, has joined the Bharatiya Janata Party (BJP) on Sunday. Sources say that Asim Arun may be fielded from Kannauj in upcoming assembly elections.

Mumbai Has Crossed 3rd Wave Peak, Says Task Force Doc as Daily Covid Cases Dip for 4 Consecutive Days

Mumbai’s Covid-19 cases continued to dip for the third consecutive day with 10,661 fresh infections on Saturday even as the city recorded the highest single-day toll since July 29 last year. Mumbai had reported 16,420 new COVID-19 cases on Wednesday, 13,702 cases on Thursday and 11,317 on Friday, thus showing a steady decline.

Actor Vikrant Massey Upsets Indian Cricket Fans with his Apology to South African Team

The third test match against South Africa made Indian skipper Virat Kohli upset and he ended up making comments against the host broadcasters through stump mic. Noticing this, actor Vikrant Massey came up with an apology on Twitter to the South African cricket team for the on-field behaviour of Indian players. This did not go down well with Indian cricket fans.

Amrita Singh Accompanies Daughter Sara Ali Khan in Her Spiritual Retreat

Sara Ali Khan is known for her travel diaries and her visits to spiritual places. On Saturday morning, Sara sought the blessings of Lord Shiva at Ujjain’s famous Mahakaleshwar Jyotirlinga temple. In the company of her mother, actress Amrita Singh, Sara visited the Mahakal temple.

Microsoft Detects ‘Destructive Malware’ Targeting Ukrainian Organisations

Microsoft Corp said in a blog post on Saturday it observed destructive malware in systems belonging to several Ukrainian government agencies and organisations that work closely with the Ukrainian government. The victims of the malware include Ukrainian government agencies that provide critical executive branch or emergency response functions, Microsoft said. Also affected was an information technology firm that manages websites for public and private sector clients, including government agencies…


FEMA deploying over 2,000 employees as Ida carves destructive path



  • More than 2,400 FEMA employees are in place to help out citizens in Louisiana, Alabama, Mississippi and other states that are in the path of Hurricane Ida. In preparation for the Stage 4 storm recovery, FEMA has staged more than 2.5 million meals, 3.1 million liters of water, 76,000 tarps and 64 generators. Additionally, the agency’s Mobile Emergency Response Support assets include deploying Emergency Operations Vehicles to support Louisiana and Mississippi. Along with FEMA, a U.S. Army Corps of Engineers Power Restoration team and its planning and response teams for debris, temporary roofing, infrastructure assessment, temporary housing and temporary power also is in place to help with recovery operations.
  • The Army is adding fresh help in the battle against California wild fires. Some 200 active duty soldiers will help out in Northern California, with operational command coming from Northern Command’s Joint Force Land Component. The soldiers will arrive at the request of the National Interagency Fire Center. They’ll help with efforts to quell the Dixie fire, which encompasses two national parks and a national forest. The soldiers will receive their gear and start training today. The Air Force has provided eight C-130 airplanes fitted with fire suppression systems.
  • The military services would establish special victims prosecutors for sexual crimes under a House version of the annual defense bill. The House Armed Services Committee’s “chairman’s mark” would reform the Uniform Code of Military Justice to address sexual assaults in the military. The bill would also reallocate most of the $3.3 billion that was originally earmarked for the Afghan Security Forces Fund. The committee will mark up the bill this week, with a flurry of amendments and lengthy debate expected during the meeting. (Federal News Network)
  • It’s official — President Joe Biden intends to give federal employees an average 2.7% pay raise…


A remedial approach to destructive IoT hacks


As of this year, there are more than 10 billion active IoT devices all over the world, many of which are deployed in enterprises.


Keeping those devices secure is of the utmost importance, lest they be a way in for attackers, so it’s imperative that organizations institute IoT security practices that remediate vulnerabilities and better protect the network – by identifying and securing every “thing”. The main challenge lies in the fact that most companies aren’t aware of the spread of devices connected to their networks.

Find and fix every “thing”

Executives often greatly underestimate how much of their network is made up of IoT devices, putting the number at about 1 percent. However, it’s typically 20 percent or higher. In fact, IBM X-Force recently estimated that devices make up 43 percent of the access points on the average organization’s network.

One reason for this discrepancy is that devices are often being deployed without IT department knowledge or approval, as they are often owned and managed by other teams (e.g., facilities management or physical security teams).

It’s critical for companies to get a handle on device inventory now. Device discovery and inventory are the first step in basic security hygiene, but they are often harder than expected. Many discovery solutions provide little more information than MAC and IP addresses or use signals that knock over existing devices.

What’s needed is enriched data that allows security teams to act. With greater awareness and complete visibility into every connected device, organizations can create a full inventory of IoT devices with all the information required to maintain them.

According to a recent Positive Technologies report, 15% of IoT device owners continue to use default passwords. This report also found that just five sets of usernames and passwords gave them access to a great number of IoT devices, including IP cameras, routers, DVRs, and smart washing machines. Default passwords allow attackers to take over IoT devices as easy access points into the network. From there, they can use these credentials to move laterally, escalate privileges and eventually gain access to an…
