‘URGENT/11’ Critical Infrastructure Bugs Threaten EternalBlue-Style Attacks

Researchers have uncovered easy-to-exploit bugs that can impact physical safety, utilities, healthcare, critical infrastructure and more, setting the stage for widespread worm attacks.

Communication – The Forgotten Security Tool

Security professionals have many tools in their toolbox. Some are physical in nature. (WireShark, Mimikatz, endpoint detection and response systems and SIEMs come to mind.) Others not so much. (These assets include critical thinking faculties, the abil…

Baltimore allocates $10 million to emergency funding in wake of ransomware attack

Baltimore City’s board has decided to devote a surplus of $10 million toward an emergency ransomware response in the city, after officials refused to pay $80,000 to the attackers. Baltimore City officials this week approved the emergency funding …

Criminal campaign uses leaked NSA tools to set up cryptomining scheme, Trend Micro says

Since March, criminals have been using hacking tools that were reportedly stolen from the National Security Agency in targeting companies around the world as part of a cryptomining campaign, researchers with cybersecurity company Trend Micro said Thursday. The broad-brush campaign has hit organizations in the banking, manufacturing and education sectors, among others, Trend Micro says. The criminals are essentially hijacking corporate computing power to harvest the cryptocurrency Monero. It’s hardly a new concept, but in this case it’s a reminder that tools deployed by state-sponsored hackers can also be used by relatively unskilled crooks more interested in making money than in spying. “Entry-level cybercriminals are gaining easy access to what we can consider ‘military-grade’ tools — and are using them for seemingly ordinary cybercrime activity,” Trend Micro researchers wrote in a blog post. The attacks are exploiting old versions of Microsoft Windows using a variant of a backdoor based on the EternalBlue exploit, Trend Micro said. EternalBlue is code reportedly […]

The post Criminal campaign uses leaked NSA tools to set up cryptomining scheme, Trend Micro says appeared first on CyberScoop.

Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack

A second lawmaker from Maryland now says it doesn’t appear that the ransomware attack in Baltimore relied on a stolen National Security Agency exploit, EternalBlue. “It’s the federal government’s view that EternalBlue was not involved in the ransomware attack in Baltimore City,” Democratic Sen. Chris Van Hollen told CyberScoop on Monday following a briefing on Capitol Hill from NSA officials. The briefing was organized following requests from officials who sought details on whether the government’s own exploit, which was exposed in a 2017 leak from the NSA, had been used in an attack that hobbled Baltimore for weeks. The New York Times reported May 25 that EternalBlue was used to spread the ransomware, known as RobbinHood, across networks in Baltimore and in several other American cities. Van Hollen joined Democratic Rep. Dutch Ruppersberger in his assessment, which was based on a separate briefing from the NSA last week, that the government has determined EternalBlue was not […]

The post Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack appeared first on CyberScoop.

Ransomware Rampage, Mobile Phishing Attacks, iPhone App Ad Trackers

This is your Shared Security Weekly Blaze for June 3rd 2019 with your host, Tom Eston. In this week’s episode: US cities are being rampaged with ransomware, mobile phishing attacks on the rise, and do you know what your iPhone is doing while you …

Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack

Senior National Security Agency officials have no evidence a tool developed by the NSA “played a role” in the ransomware attack on Baltimore, Rep. Dutch Ruppersberger said Friday following a briefing at the agency’s headquarters. Ruppersberger, D-Md., and other officials requested briefings with the agency following a report from The New York Times that the exploit, known as EternalBlue, was used to help spread the RobbinHood ransomware variant across the city’s IT infrastructure. “I have been told that there is no evidence at this time that EternalBlue played a role in the ransomware attack currently affecting Baltimore City,” Ruppersberger said in a statement. “I’m told it was not used to gain access nor to propagate further activity within the network.” A followup briefing with other members of Maryland’s congressional delegation is expected to be held Monday. “It is important that discussions regarding the use of government cyber tools, and subsequent […]

The post Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack appeared first on CyberScoop.

NSA points to two-year patching window in remarks about Baltimore incident

In the wake of the Baltimore ransomware attack, a senior adviser at the National Security Agency said Thursday there is no “indefensible” nation-state-built tool that is responsible for the spread of ransomware and network administrators have a responsibility to patch their systems, especially when patches have been released for critical flaws. The comments come after The New York Times reported this past week that RobbinHood, the ransomware strain behind the Baltimore ransomware attack, was able to spread on the city IT infrastructure partly due to its use of a leaked NSA tool known as EternalBlue. The Times report, which cites security experts briefed on the matter, states EternalBlue was discovered as incident response teams fixed the issues that had crippled a number of the city’s online services. “The characterization that there is an indefensible nation-state tool propagating ransomware is simply untrue,” Rob Joyce, a senior adviser at the NSA, said Thursday […]

The post NSA points to two-year patching window in remarks about Baltimore incident appeared first on CyberScoop.
