NotPetya – Page 9 – WindowsTechs.com

Weekly Cyber Risk Roundup: Bad Rabbit’s Parallel Attack, Paradise Papers Fallout

Posted on November 13, 2017 by Jeff Peters

October’s Bad Rabbit ransomware attacks were back in the news this week due to a report that a series of phishing attacks occurred at the same time as the Bad Rabbit outbreak, and the parallel attacks may have been carried out by the same group. The discovery also suggests that Ukraine may have been a… Read More

The post Weekly Cyber Risk Roundup: Bad Rabbit’s Parallel Attack, Paradise Papers Fallout appeared first on Security Boulevard.

Continue reading Weekly Cyber Risk Roundup: Bad Rabbit’s Parallel Attack, Paradise Papers Fallout→

2018 Malware Forecast: learning from the long summer of ransomware

Posted on November 3, 2017 by Bill Brenner

SophosLabs looks at the summer of 2017’s most prolific ransomware families Continue reading 2018 Malware Forecast: learning from the long summer of ransomware→

Japanese businesses are the latest victims of attacks disguised as ransomware

Posted on November 2, 2017 by Chris Bing

A sustained ransomware campaign aimed at extorting Japanese companies now appears to have been part of an elaborate cyber espionage operation that included destroying data to conceal evidence, according to Israeli cybersecurity firm Cybereason. Based on malware analysis and other technical indicators discovered on victims’ networks, Cybereason concluded the two-part virus, dubbed “MBR-ONI,” was specially designed to target specific Japanese organizations in order to steal data during a certain timeframe. While the infections first appeared to be limited to conventional, cybercrime-related ransomware, further inspection by Cybereason revealed hidden commands were taking place behind the scenes, including a script that wiped Windows event logs. “We suspect that the ONI ransomware was used as a wiper to cover up an elaborate hacking operation,” a blog post published Tuesday by the company reads. “These targeted attacks lasted between three to nine months and all ended with an attempt to encrypt hundreds of machines at […]

The post Japanese businesses are the latest victims of attacks disguised as ransomware appeared first on Cyberscoop.

Continue reading Japanese businesses are the latest victims of attacks disguised as ransomware→

Devilish ONI Attacks in Japan Use Wiper to Cover Tracks

Posted on November 2, 2017 by Michael Mimoso

The ONI ransomware attacks targeting organizations in Japan are also dropping wiper malware which is being used to delete logs and cover the attackers’ tracks. Continue reading Devilish ONI Attacks in Japan Use Wiper to Cover Tracks→

Global ransomware attacks tiptoed around Russian anti-virus products

Posted on October 30, 2017 by Chris Bing

Those responsible for two of the largest ransomware attacks of 2017 designed their malware to carefully handle computers with Russian anti-virus products installed, security researchers have told CyberScoop. For the third time in less than six months, a ransomware-style cyberattack spread across Eastern Europe in a matter of hours. The attack, dubbed “BadRabbit,” infected computers inside Ukrainian and Russian government agencies, Ukrainian transportations facilities and Russian news outlets among other targets; causing a disruption in normal business operations that continues for some until today. Although most of BadRabbit’s impact occurred in Russia, there’s evidence that the malware compromised organizations in several countries other than Ukraine, including Japan and Turkey. The virus, when successfully installed, will encrypt files and then request a payment in the form of Bitcoin from victims in order to unlock their systems. Experts say there’s likely more to the story than a simple ransom collection. An investigation into […]

The post Global ransomware attacks tiptoed around Russian anti-virus products appeared first on Cyberscoop.

Continue reading Global ransomware attacks tiptoed around Russian anti-virus products→

Oracle Provides Workaround for Critical Flaw in Identity Manager

Posted on October 30, 2017 by Lucian Constantin

Oracle has warned customers about a critical vulnerability in the Oracle Identity Manager (OIM) that could allow an attacker to gain complete control over the user management system. OIM is part of Oracle’s Fusion Middleware suite of business applications and provides user provisioning and management. Companies use this application to add new accounts for employees..

The post Oracle Provides Workaround for Critical Flaw in Identity Manager appeared first on Security Boulevard.

Continue reading Oracle Provides Workaround for Critical Flaw in Identity Manager→

NotPetya ransomware cost Merck more than $310 million

Posted on October 27, 2017 by Patrick Howell O'Neill

The NotPetya cyberattack has cost the American pharmaceutical giant Merck more than $135 million in sales and $175 million in additional costs since June, the company said in a call with investors Friday. That number comes in addition to the $300 million loss FedEx said it suffered when systems were disrupted until as late as September. The shipping company Maersk lost $200 million when its systems were infected by the ransomware outbreak. The nation of Ukraine got the worst, however, with more than 1,500 people and organizations reporting being affected by the ransomware. In response, NATO pledged to increase aid to Ukraine’s cybersecurity. The June attack impacted Merck’s global manufacturing, research and sales for nearly a week. Company email was disabled, 70,000 employees were forbidden from touching their computers, and instructions were sent via copy-and-pasted text messages. The exact cause of the infection remains publicly unclear. Merck’s pain may not yet be over. […]

The post NotPetya ransomware cost Merck more than $310 million appeared first on Cyberscoop.

Continue reading NotPetya ransomware cost Merck more than $310 million→

Equifax’s Servers Reportedly Had Glaring Holes Long Before Data Breach

Posted on October 26, 2017 by Lucian Constantin

Equifax reportedly took six months to take down a publicly exposed web application that could have allowed anyone on the internet to search and download sensitive personal consumer data. VICE Motherboard reported Thursday that an unnamed security researcher alerted Equifax about the exposed application in December 2016, but the company didn’t take steps to secure..

The post Equifax’s Servers Reportedly Had Glaring Holes Long Before Data Breach appeared first on Security Boulevard.

Continue reading Equifax’s Servers Reportedly Had Glaring Holes Long Before Data Breach→

BadRabbit runs out of steam – but be prepared for the next ransomware attack

Posted on October 26, 2017 by Graham Cluley

The best response to the current wave of ransomware attacks is to ensure that you are prepared *before* you become a victim.
Read more in my article on the Tripwire State of Security blog.
Continue reading BadRabbit runs out of steam – but be prepared for the next ransomware attack→

BadRabbit runs out of steam – but be prepared for the next ransomware attack

Posted on October 26, 2017 by Graham Cluley

Reports appeared on Tuesday that a new ransomware outbreak was hitting organisations in Russia and Ukraine. Victims included the Russian newswire Interfax, Ukraine’s Odessa airport, and the Kiev subway system. Media outlets like Fontanka.ru found their website’s disrupted by the attack, and urged readers to follow them on social media for updates while systems were […]… Read More

The post BadRabbit runs out of steam – but be prepared for the next ransomware attack appeared first on The State of Security.

The post BadRabbit runs out of steam – but be prepared for the next ransomware attack appeared first on Security Boulevard.

Continue reading BadRabbit runs out of steam – but be prepared for the next ransomware attack→