
Google disrupted the Glupteba botnet used to steal personal information and mine cryptocurrency


Google found that Glupteba has infected about a million Microsoft Windows devices worldwide, which would put it among the largest botnets analyzed by security experts. In a complaint filed in federal court in New York on Tuesday, Google detailed several different crimes it alleges hackers use the botnet to perpetrate, including stealing and selling log-in information for Google accounts, and selling access to captured devices to other criminals who want to hide their Internet activity.


Tread cautiously when entering any information online


Q: Is there a post and an answer on how to remove the banner “Need to renew Microsoft Windows 10 License” that appears on the start-up for Windows 10?

— Ellis B., Niceville

A: At present, there is neither a post nor an answer that deals with that question, Ellis. Well, there wasn’t when I started writing this edition, but if you’re reading it, then obviously, that has changed, and there are now both a post and an answer. Funny how it just seems to work out that way.

Let me start by saying that I’ve never seen or even heard of the particular message that you cited. That’s not unusual — I can’t possibly know every single message that Windows chooses to pop up on you.


Apple sues ‘abusive’ iPhone spyware firm | Information Age


Apple is suing an “abusive” Israeli software firm whose spyware has been used by numerous totalitarian governments to spy on journalists, human rights activists, and other persons of interest.

The technology giant this month filed a lawsuit against Tel Aviv firm NSO Group and its parent company, Q Cyber Technologies, seeking damages and a permanent ban preventing the group from using any Apple software, services, or devices.

As part of its campaign against NSO, Apple will fund and provide technical support for anti-surveillance technology groups.

NSO’s use of FORCEDENTRY – a now-fixed vulnerability that can bypass security controls in Apple’s iOS operating system – enabled it to install Pegasus spyware on targeted iPhones without the victim’s knowledge.

Once installed, Pegasus monitors iPhone activity and communications over iMessage, FaceTime, and third-party software like Facebook and WhatsApp.

It is putatively designed to support law-enforcement agencies and the company claims to “hold ourselves to the highest standards for ethical businesses”, but its historical sales to governments such as Bahrain, Panama, Dubai, and Saudi Arabia – which used it to surveil Washington Post journalist Jamal Khashoggi before he was murdered – have drawn widespread condemnation.

In July, a major multinational investigation, called the Pegasus Project, united 16 media outlets to investigate NSO Group and found a list of 50,000 journalists and politicians targeted by its clients.

More recently, Pegasus was found on the devices of six Palestinian human-rights activists.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability,” said Apple senior vice president of software engineering Craig Federighi in announcing the lawsuit, which also seeks damages for “flagrant violations of US federal and state law”.

“Private companies developing state-sponsored spyware have become even more dangerous,” Federighi said, lauding the efforts of security researchers at the University of Toronto’s Citizen Lab – who discovered that the ‘zero-click’ Pegasus malware can be…


N.L. cyberattack update planned, experts question scarce information provided so far


ST. JOHN’S, N.L. – Security experts say it’s strange for the Newfoundland and Labrador government to have released little information about a cybersecurity attack that has crippled its health-care system more than a week after the trouble was detected.

Premier Andrew Furey is scheduled to provide an update on the situation Tuesday afternoon, but government officials have so far refused to say what kind of an attack the province is facing and whether the hackers involved have asked for money. Outside experts say it has all the signs of a ransomware attack, in which hackers infiltrate an information technology network and demand payment in return for restoring access.

Brian Honan, the head of Ireland’s Computer Security Incident Response Team, said government representatives in that country were on national radio the morning after a similar attack was discovered last May, “telling people what happened, how it happened, what the impact would be.”

“They came up very early and said they would not be negotiating with criminals, they would not be paying the ransom demand and they will be looking to restore systems as quickly as possible,” Honan said in a recent interview.

People were worried about their private information being published by the hackers, and the government’s transparency helped them understand what to expect, he said.

The attack in Newfoundland and Labrador was first discovered Oct. 30, affecting what Health Minister John Haggie described as the “two brains” behind the provincial health network’s data centre. Without access to such things as basic email, diagnostic images and lab results, the eastern health authority — which includes several major hospitals in St. John’s — was left operating largely with pen and paper and running only emergency services.

Thousands of medical appointments have been cancelled, though the health authority has been able to resume some cancer care, such as chemotherapy and radiation.

Brett Callow, a threat analyst for Emsisoft, an international cybersecurity firm based in British Columbia, said there could be “very good reason” for Newfoundland and Labrador to keep quiet, even 11 days after the attack was first…
