Month: October 2015

New ransomware uses Remote Desktop to spread

New ransomware uses Remote Desktop to spread

Analysis of the ransomware was conducted by malware analyst, Nathan Scott. When the ransomware executable is run, it first scans all mapped drives, removable drives, and network drives for data files to encrypt. “When the ransomware executable is run it will scan all mapped drives, including removable and network drives, for data files to encrypt.  When it encounters a file that contains certain file extensions it will encrypt them using AES encryption and then add the oorr. string to the beginning of the file name.”

http://darkmatters.norsecorp.com/2015/10/21/new-ransomware-uses-remote-desktop-to-spread/?mkt_tok=3RkMMJWWfF9wsRojvKjIZKXonjHpfsX66uUoWKWzlMI%2F0ER3fOvrPUfGjI4FS8pmI%2BSLDwEYGJlv6SgFTLjEMa9u1rgPUhI%3D

Google is Merging its Chrome OS with Android

Google is Merging its Chrome OS with Android

According to a recent report published by the Wall Street Journal, Google has been working for two years to merge Chrome OS and Android, and you can expect to see an early version of the ‘single OS for all’ as soon as next year at Google I/O event.

Some have reported that Google might “kill” Chrome operating system, but it’s not what the company has planned about.

http://thehackernews.com/2015/10/android-google-chrome-os.html

WordPress Security: Brute Force Amplification Attack Targeting Thousand of Blogs

WordPress Security: Brute Force Amplification Attack Targeting Thousand of Blogs

Most of the times, we have reported about WordPress vulnerabilities involving vulnerable plugins, but this time security researchers have discovered Brute Force Amplification attacks on the most popular CMS (content management system) platform.
Researchers from security firm Sucuri have found a way to perform Brute Force amplification attacks against WordPress’ built-in XML-RPC feature to crack down administrator credentials.

http://thehackernews.com/2015/10/WordPress-BruteForce-Amplification.html

Yet another security update for Adobe

Yet another security update for Adobe

It seems that Adobe still haven’t learned that security is vital to everything we do as users of anything. So why is Adobe so widely used and required if it fails so drastically at every hurdle? Well it is an ongoing question that everyone seems to have been asking for years and yet has yet to be answered.

So for another exciting chapter in the gripping drama that is Adobe, see the security bulletin below.

https://helpx.adobe.com/security/products/shockwave/apsb15-26.html

” .\Global\vmx86″: The system cannot find the file specified.

Unable to open kernel device “.\Global\vmx86”:The system cannot find the file specified. Did you reboot after installing VMware Workstation?

This recently occurred on my system and although the cause is not yet know, the fix was pretty simple.

Open command prompt (Win+R) but ensure it is run as admin, try net start vmx86, it will probably fail but at least you’re not doing unnecessary steps. Now (still in cmd prompt) change directory into the Workstation install location and type vnetlib — uninstall vmx86 and reboot your physical host machine.

Open command prompt again and type vnetlib — install vmx86 then reboot again, this time the issue should be gone and you can run the VM’s as normal.

If you still have no luck then try reinstalling workstation.

UK ISP Talk Talk suffer an embarrassing data breach

UK ISP Talk Talk suffer an embarrassing data breach

On 21st October, Talk Talk brought down their websites to allow investigators to review actions that saw customers personal data breached. The Police investigation is ongoing but there is a strong belief that the following has been accessed:

  • Names
  • Addresss
  • Dates of birth
  • Email addresses
  • Telephone numbers
  • TalkTalk account information
  • Credit card details and/or bank details

#Security #Cyber Security

https://help2.talktalk.co.uk/oct22incident

http://www.bbc.co.uk/news/uk-34611857

Hacking Horror Stories and Frightening Facts to make organisations more Security Serious this Halloween

Hacking Horror Stories and Frightening Facts to make organisations more Security Serious this Halloween

With Security Serious just a week away, the organisations involved with the campaign – aimed at making UK Plc a safer place to trade online – have today offered some Hacking Horror Stories and Frightening Facts to help organisations unmask the virtual spooks this Halloween.

#IT Security #Hacking Horror #Cyber Security

http://www.itsecurityguru.org/2015/10/20/hacking-horror-stories-and-frightening-facts-to-make-organisations-more-security-serious-this-halloween/?linkId=18089328

This Malware can delete and replace your entire chrome browser with a lookalike

This Malware can delete and replace your entire chrome browser with a lookalike

Security researchers have uncovered a new piece of Adware that replaces your entire browser with a dangerous copy of Google Chrome, in a way that you will not notice any difference while browsing.

The new adware software, dubbed “eFast Browser,” works by installing and running itself in place of Google Chrome

http://thehackernews.com/2015/10/malware-chome.html

Turnbull given ok to use Slack, Wickr

Turnbull given ok to use Slack, Wickr

Advice from national security chief revealed.

Prime Minister Malcolm Turnbull was advised there is no national security risk raised by his use of messaging applications like Slack and Wickr for official government communications, a document tabled in parliament last night reveals.

The PM made headlines in the past two weeks after his use of non-official communications apps and a private email server came to light.

http://www.itnews.com.au/news/turnbull-given-ok-to-use-slack-wickr-410772

Facebook will now notify you if the NSA is spying on you.

Facebook will now notify you if the NSA is spying on you.

Facebook just launched a new notification feature that will alert you if the social network strongly suspects that your account is being hijacked or targeted by hackers working in the interest of a nation-state.

http://thehackernews.com/2015/10/facebook-account-hacking.html