Author Archives: Lucian Constantin

On Feb. 5, employees at Hollywood Presbyterian Medical Center in Los Angeles, California, started having network access problems that prevented electronic communications. Over the next few days, they learned that the hospital was the victim of a ransomware attack that encrypted files on multiple computers.

After several days during which staff had to resort to pen and paper for some record keeping, the hospital decided to pay the $17,000 ransom — the equivalent of 40 bitcoins that the attackers had requested. It was deemed to be the fastest way to restore the affected files and systems.

This was to be the first in a string of ransomware attacks that affected multiple healthcare organizations in the U.S. over the following months, including the Chino Valley Medical Center, the Desert Valley Hospital and Methodist Hospital in Henderson, Kentucky.

To read this article in full or to leave a comment, please click here

On Feb. 5, employees at Hollywood Presbyterian Medical Center in Los Angeles, California, started having network access problems that prevented electronic communications. Over the next few days, they learned that the hospital was the victim of a ransomware attack that encrypted files on multiple computers.

After several days during which staff had to resort to pen and paper for some record keeping, the hospital decided to pay the $17,000 ransom — the equivalent of 40 bitcoins that the attackers had requested. It was deemed to be the fastest way to restore the affected files and systems.

This was to be the first in a string of ransomware attacks that affected multiple healthcare organizations in the U.S. over the following months, including the Chino Valley Medical Center, the Desert Valley Hospital and Methodist Hospital in Henderson, Kentucky.

To read this article in full or to leave a comment, please click here

Security experts are investigating whether a power outage that affected parts of the Ukrainian capital, Kiev, and the surrounding region this weekend was the result of a cyberattack. If confirmed, it would be the second blackout caused by hackers in Ukraine.

The incident affected the automation control systems at the northern power substation near Novi Petrivtsi, a village near Kiev, close to midnight between Saturday and Sunday. This resulted in complete power loss for the northern part of Kiev on the right bank of the Dnieper river and the surrounding region.

Engineers from Ukrenergo, Ukraine’s national power company, switched the equipment to manual control mode and started restoring power within 30 minutes, said Vsevolod Kovalchuk, acting director of Ukrenergo, in a post on Facebook. Full power was restored to all affected areas in about an hour and 15 minutes.

To read this article in full or to leave a comment, please click here

Security experts are investigating whether a power outage that affected parts of the Ukrainian capital, Kiev, and the surrounding region this weekend was the result of a cyberattack. If confirmed, it would be the second blackout caused by hackers in Ukraine.

The incident affected the automation control systems at the northern power substation near Novi Petrivtsi, a village near Kiev, close to midnight between Saturday and Sunday. This resulted in complete power loss for the northern part of Kiev on the right bank of the Dnieper river and the surrounding region.

Engineers from Ukrenergo, Ukraine’s national power company, switched the equipment to manual control mode and started restoring power within 30 minutes, said Vsevolod Kovalchuk, acting director of Ukrenergo, in a post on Facebook. Full power was restored to all affected areas in about an hour and 15 minutes.

To read this article in full or to leave a comment, please click here

Security experts are investigating whether a power outage that affected parts of the Ukrainian capital, Kiev, and the surrounding region this weekend was the result of a cyberattack. If confirmed, it would be the second blackout caused by hackers in Ukraine.

The incident affected the automation control systems at the northern power substation near Novi Petrivtsi, a village near Kiev, close to midnight between Saturday and Sunday. This resulted in complete power loss for the northern part of Kiev on the right bank of the Dnieper river and the surrounding region.

Engineers from Ukrenergo, Ukraine’s national power company, switched the equipment to manual control mode and started restoring power within 30 minutes, said Vsevolod Kovalchuk, acting director of Ukrenergo, in a post on Facebook. Full power was restored to all affected areas in about an hour and 15 minutes.

To read this article in full or to leave a comment, please click here

Without the macOS update released this week, Apple’s disk encryption can be easily defeated by connecting a specially crafted device to a locked Macbook.

The attack is possible because devices connected over Thunderbolt can access the computer’s RAM directly before the OS is started through the direct memory access (DMA) feature. The DMA mechanism is typically used by disk drive controllers, graphics cards, network cards, and sound cards because accessing the memory through the CPU would otherwise keep the processor busy and unavailable for other tasks.

Apple’s macOS has DMA protections, but they only kick in when the OS is running. However, the EFI (Extensible Firmware Interface) — the modern BIOS — initializes Thunderbolt devices at an early stage in the boot process and this enables them to use DMA before the OS is started, security researcher Ulf Frisk said in a blog post.

To read this article in full or to leave a comment, please click here

Without the macOS update released this week, Apple’s disk encryption can be easily defeated by connecting a specially crafted device to a locked Macbook.

The attack is possible because devices connected over Thunderbolt can access the computer’s RAM directly before the OS is started through the direct memory access (DMA) feature. The DMA mechanism is typically used by disk drive controllers, graphics cards, network cards, and sound cards because accessing the memory through the CPU would otherwise keep the processor busy and unavailable for other tasks.

Apple’s macOS has DMA protections, but they only kick in when the OS is running. However, the EFI (Extensible Firmware Interface) — the modern BIOS — initializes Thunderbolt devices at an early stage in the boot process and this enables them to use DMA before the OS is started, security researcher Ulf Frisk said in a blog post.

To read this article in full or to leave a comment, please click here

Without the macOS update released this week, Apple’s disk encryption can be easily defeated by connecting a specially crafted device to a locked Macbook.

The attack is possible because devices connected over Thunderbolt can access the computer’s RAM directly before the OS is started through the direct memory access (DMA) feature. The DMA mechanism is typically used by disk drive controllers, graphics cards, network cards, and sound cards because accessing the memory through the CPU would otherwise keep the processor busy and unavailable for other tasks.

Apple’s macOS has DMA protections, but they only kick in when the OS is running. However, the EFI (Extensible Firmware Interface) — the modern BIOS — initializes Thunderbolt devices at an early stage in the boot process and this enables them to use DMA before the OS is started, security researcher Ulf Frisk said in a blog post.

To read this article in full or to leave a comment, please click here