Tag Archive for: Worried

An anonymous coder nearly hacked a big chunk of the internet. How worried should we be?


Outside the world of open-source software, it’s likely few people would have heard about XZ Utils, a small but widely used tool for data compression in Linux systems. But late last week, security experts uncovered a serious and deliberate flaw that could leave networked Linux computers susceptible to malicious attacks.

The flaw has since been confirmed as a critical issue that could allow a knowledgeable hacker to gain control over vulnerable Linux systems. Because Linux is used throughout the world in email and web servers and application platforms, this vulnerability could have given the attacker silent access to vital information held on computers throughout the world – potentially including the device you’re using right now to read this.

Major software vulnerabilities, such as the SolarWinds hack and the Heartbleed bug, are nothing new – but this one is very different.

The XZ Utils hack attempt took advantage of the way open-source software development often works. Like many open-source projects, XZ Utils is a crucial and widely used tool – and it is maintained largely by a single volunteer, working in their spare time. This system has created huge benefits for the world in the form of free software, but it also carries unique risks.

Open source and XZ Utils

First of all, a brief refresher on open-source software. Most commercial software, such as the Windows operating system or the Instagram app, is “closed-source” – which means nobody except its creators can read or modify the source code. By contrast, with “open-source” software, the source code is openly available and people are free to do what they like with it.

Open-source software is very common, particularly in the “nuts and bolts” of software which consumers don’t see, and hugely valuable. One recent study estimated the total value of open source software in use today at US$8.8 trillion.

Until around two years ago, the XZ Utils project was maintained by a developer called Lasse Collin. Around that time, an account using the name Jia Tan submitted an improvement to the software.





Welcome To 2023—A Year In Which Everyone Is Still Worried About Ransomware


Gordon Lawson is CEO of Conceal, which enables organizations to protect their privacy and security using dynamic obfuscation.

Ransomware—one of the most dangerous attack vectors in cybersecurity—remains a top priority for organizations going into the new year, but why? According to Verizon’s 2022 Data Breach Investigations Report, ransomware attacks have increased by 13% from 2020 to 2021. This jump is greater than the past five years combined. Being front and center for years now, shouldn’t ransomware be under control?

Late last year, the United States held its second annual summit on ransomware. During the summit, global leaders from 36 countries and many private institutions came together to discuss the global implications of ransomware. The summit focused on developing a strategy to combat ransomware on a global scale—across all industries and geographies. If there is one thing that the summit brought to light, it is that the current approach, tools and priorities are not solving the global crisis. The current strategy is not working.

The Failing Strategy

Bracing for ransomware is not a new concept. Rather, the priority has been at the top of the agenda for security professionals for years. According to IBM, “The share of breaches caused by ransomware grew 41% in the last year and took 49 days longer than average to identify and contain.”

The threat of ransomware is in its sophistication, and the strategy to protect against it is not evolving with the changing threat landscape. Why is the focus of ransomware the same objective year after year? Unfortunately, the answer is simple—there is a gap in tooling.

In the current security landscape, there is not a single vendor that adequately solves the challenges surrounding ransomware. Rather, organizations are forced to pick and choose how to implement their solution from a variety of vendors that do bits and pieces to solve the full challenge. Unfortunately, this approach has proven ineffective, and bad things are still happening.

Today, solving the challenges of ransomware is further complicated by the continuous evolution of the threat vector. While traditionally, over 80% of ransomware attacks have…


Optus cyber attack: What can hackers do with your Medicare number and should you be worried? | SBS News


Almost 15,000 valid Medicare numbers were reportedly accessed through a massive Optus data breach, but Services Australia says this is not enough information for hackers to be able to access victims’ Medicare details.
When Optus first reported the breach on 22 September, it did not initially disclose the fact that Medicare numbers were among the sensitive details stolen by the cybercriminals.
On Wednesday, Health Minister Mark Butler said he was concerned by the delay in Optus telling the government about the Medicare data breach.
“All of this data is obviously of potential value to criminals, and that’s why consumers are rightly so concerned,” he told ABC radio.
“We were not notified, as I’m advised, that – among passport details, driver’s licence details and others – Medicare details had also been the subject of this breach, so we’re very concerned obviously about the loss of this data and working very hard to deal with the consequences of that, but particularly concerned that we were not notified earlier and consumers were not notified earlier about the breach of Medicare data as well.”
So what could somebody actually do with your Medicare number, and should you be concerned?

Here’s what we know.

Should you be concerned?

Services Australia is reassuring affected customers their Medicare details cannot be accessed by using just the Medicare card number.
Vanessa Teague is CEO of Thinking Cybersecurity, cryptographer, and associate professor at the Research School of Computer Science at the Australian National University.
She says it is difficult to determine whether or not cybercriminals would be able to access customers’ Medicare using other information obtained during the hack.
“The last time I checked, you needed not only the number and the expiry date and so forth on the card, but also the dates of birth of the other family members on that card,” she said.

“It doesn’t seem impossible that a family of four with two older kids with mobile phones might all have signed themselves up together, and it’s possible that for those families, all of that information might be in the leaked Optus data.”

“Different people are going to be concerned about different things, and different individuals…


[Update: Fix is live] Windows Defender is reporting a false-positive threat ‘Behavior:Win32/Hive.ZY’; it’s nothing to be worried about


  • Windows Defender is alerting people of a “threat detected” for “Behavior:Win32/Hive.ZY”
  • The issue is tied to a recent listing in Microsoft’s Defender update file, which is making a wrong detection
  • The trigger seems tied to Defender detecting “Electron-based or Chromium-based applications as malware”
  • Microsoft is expected to patch/update Microsoft Defender to alleviate the issue

Update #1 (1:50 PM ET): According to the Microsoft support forums, the Defender Team indicated they are investigating this and will hopefully release a patch for this soon.

Update #2 (7:50 PM ET): According to Microsoft support forums, “indications from a Microsoft Agent is a fix has been released (Version: 1.373.1537.0)”
