US advisory meant to clarify ransomware payments only spotlights widespread uncertainty

If a Treasury Department advisory threatening financial penalties against anyone paying ransomware hackers was intended to send a clear message, it may have done the exact opposite. The Oct. 1 advisory from the Office of Foreign Assets Control warned that paying or helping to pay ransoms to anyone on its cyber sanctions list could incur civil penalties. Across some of the industries mentioned in the advisory — like cybersecurity incident response firms and insurance providers — reactions have ranged from confusion to silence, from yawns to raised eyebrows, from praise to fear of a blizzard of potentially unintended consequences. The worst case scenarios involve ransomware victims in the health sector having to make a life-or-death decision on whether to pay to unlock their systems while at risk of incurring Treasury’s wrath, or situations where victims try even harder to keep attacks quiet to avoid OFAC fines, which sometimes total millions […]

The post US advisory meant to clarify ransomware payments only spotlights widespread uncertainty appeared first on CyberScoop.

Career Choice Tip: Cybercrime is Mostly Boring

When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity. But new research suggests that as cybercrime has become dominated by pay-for-service offerings, the vast majority of day-to-day activity needed to support these enterprises is in fact mind-numbingly boring and tedious, and that highlighting this reality may be a far more effective way to combat cybercrime and steer offenders toward a better path.

BlueKeep is back. For now, attackers are just using it for cryptomining

For months, cybersecurity analysts have sounded the alarm about a serious vulnerability in old Microsoft operating systems that, if exploited, could infect computers around the world. The hacking has finally begun, and so far, it’s gone off with a whimper, not a bang. Over the weekend, a security researcher who maintains “honeypots,” or simulated environments to trap malicious activity, reported a spike in attacks exploiting the Remote Desktop Protocol vulnerability, known as BlueKeep. But rather than anything “wormable” that can spread from machine to machine, this appears to be a case of opportunists scanning the internet to infect computers for monetary gain. Researchers had warned that BlueKeep could enable outsiders to execute remote code on a compromised machine. Kevin Beaumont, the researcher who gave BlueKeep its name, reported that nearly all of his honeypots had been hit by attackers exploiting the vulnerability. Hackers appear to be using the exploit to try to install […]

The post BlueKeep is back. For now, attackers are just using it for cryptomining appeared first on CyberScoop.

After months of worry, BlueKeep vulnerability is now being exploited in mass-hacking campaign

The BlueKeep vulnerability, discovered by the UK’s NCSC, is being exploited at scale in an attempt to install a cryptocurrency miner on unpatched Windows PCs.

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Cybersecurity researchers have spotted a new cyberattack that is believed to be the very first, albeit amateur, attempt to weaponize the infamous BlueKeep RDP vulnerability in the wild to mass compromise vulnerable systems for cryptocurrency mining.

No Jail Time for “WannaCry Hero”

Marcus Hutchins, the “accidental hero” who helped arrest the spread of the global WannaCry ransomware outbreak in 2017, will receive no jail time for his admitted role in authoring and selling malware that helped cyberthieves steal online bank account credentials from victims, a federal judge ruled Friday.

Marcus Hutchins, who stopped WannaCry’s spread, avoids prison time

A British cybersecurity researcher best known for halting the spread of the global WannaCry ransomware outbreak two years ago will avoid prison for creating banking malware that surfaced in 2014. A federal judge in the Eastern District of Wisconsin on Friday sentenced 25-year-old Marcus Hutchins to time served and one year of supervised release, according to reporters in the courtroom. The decision brings to a dramatic close a legal saga that has absorbed the cybersecurity community for years. Hutchins, also known by the Twitter handle “MalwareTech,” had faced up to a decade in prison after pleading guilty in April to two counts related to writing and distributing the Kronos banking trojan, and another piece of malware known as UPAS Kit. Hutchins created Kronos as a black hat hacker, a life he disavowed before the WannaCry ransomware virus infected more than 200,000 computers in roughly 150 countries in May 2017. Hutchins, working as a security researcher at […]

The post Marcus Hutchins, who stopped WannaCry’s spread, avoids prison time appeared first on CyberScoop.

Smashing Security #125: Pick of the thief!

WannaCry’s “accidental hero” pleads guilty to malware charges, Samsung and Nokia have fingerprint fumbles, the NCSC publishes a list of 100,000 dreadful passwords, and Apple finds itself at the centre of an identity mix-up.

All this and much more is…