Articles about Variants

Security firms team to take down rudimentary ransomware

Two new ransomware efforts have been destroyed by meddling white hats. "PowerWare" and "Bart" have been dismembered and laughed at by good-guy hackers who found flaws that allow user machines infected by current forms of the threats to decrypt their files for free. Palo Alto's Tyler Halfpop, Jacob Soo and Josh Grunzweig, …
Darren Pauli, 25 Jul 2016

Seagate in 10TB drive brand brainstorm

Seagate has added three new 10TB helium drives, simultaneously re-branding its desktop/laptop disk and SSHDs, NAS and surveillance drive products in a complicated scheme involving disparate drive technologies. It introduced its first helium drive, the 7-platter 10TB Enterprise Capacity disk drive, in January. Now there are …
Chris Mellor, 21 Jul 2016

Ransomware gang: How can I extort you today?

Three out of four ransomware criminal gangs are willing to negotiate the shakedown price. And all the operators of file encrypting ransomware scams will give victims more time to pay up. So say security researchers at F-Secure, who investigated the "customer experience" of five active crypto-ransomware variants, beginning with …
John Leyden, 21 Jul 2016

Android malware blocks bank calls

Cybercrooks have put together a fake banking application that blocks victims’ outgoing calls to customer service. The Fakebank trojan blocks calls in order to stop victims from cancelling their stolen payment cards. The Android nasty is automatically programmed to cancel calls from being placed. Victims can, of course, use …
John Leyden, 14 Jul 2016

400 million Foxit users need to catch up with patched-up reader

Makers of popular PDF reader Foxit have patched 12 dangerous vulnerabilities that could have resulted in remote code execution. Some 400 million users run the flagship reader billed as an alternative to Adobe Reader. The dozen flaws are patched in Windows and Linux variants. Users would need to be conned into opening a …
Darren Pauli, 01 Jul 2016

Deploying software every day is... actually... OK – what devs tell their real-life friends

“High-performing organisations” which have employed agile and devops methodologies are decisively pulling away from their fuddy-duddy peers in the number of software deployments they can manage. But while the idea of deploying software 200 times more frequently than low performing companies might fill some developers with …
Joe Fay, 23 Jun 2016

FOURTH bank hit by SWIFT hackers

A fourth bank, this time in the Philippines, has been attacked by hackers targeting the SWIFT inter-bank transfer system. Security researchers at Symantec reckon the same group blamed for the infamous $81m Bangladesh central bank mega-heist back in February also mounted an earlier assault in the Philippines last year, itself …
John Leyden, 27 May 2016

Cryptxxx shipwrecked: Laughing white hats shred latest ransomware

Kaspersky white hats have again ruined the Cryptxxx malware by offering victims a free decryption tool that will unwind all variants of the menace. The infuriating researchers have followed their first decryption effort that busted up the earlier Cryptxxx variant causing VXers to re-write and reissue a patched ransomware …
Darren Pauli, 18 May 2016

Destroying ransomware business models is not your job, so just pay up

COMMENT It's not your job to defend the world against criminals, so the decision to pay a ransomware demand is all about business. The likes of FBI Cyber Division deputy chief James C. Trainor disagree. The Bureau recently advised organisations not to pay lest they "embolden" criminals and encourage others to start using …
Darren Pauli, 17 May 2016

Six-year-old patched Stuxnet hole still the web's biggest killer

The six-year-old vulnerability first burnt by Stuxnet remains the internet's chief pwning vector and is a key instrument of the world's worst exploit kit known as Angler. The vulnerability is a hole in Windows Shell that is both long since patched and well publicised as part of its discovery in the US' Stuxnet worm, the killer …
Darren Pauli, 09 May 2016

Suck on this: White hats replace Locky malware payload with dummy

Pranksters have infiltrated the control system behind the infamous Locky ransomware and replaced the malware’s main payload with a dummy file. Locky normally spreads using malicious and disguised JavaScript inside email attachments supposedly containing an invoice or similar. Malicious messages are sent to prospective marks in …
John Leyden, 05 May 2016

VxRackery dominates EMC World day 2

EMC World's second day saw hyper-converged rackery put front and centre, with a stronger DSSD offering, Neutrino* nodes coming to the VxRack 1000 as well as a DSSD variant, and a hybrid cloud VXrack offering. We'll check out the Neutrino rack stuff first. The VCE VxRack 1000 is a hyper-converged, servers+storage+networking+ …
Chris Mellor, 05 May 2016

Iranian cyberspy phishing rod pulled from the waters and exposed

Security researchers have lifted the lid on a decade-long cyber-espionage campaign. The Infy malware, which originated in Iran, has been used to target businesses and governments across the world since 2007 and remains in use, according to security researchers from Palo Alto's Unit42 research unit. Over time, the malware …
John Leyden, 03 May 2016

EMC re-engineers its VNX flashy boxen, puts Unity on the label

EMC's mid-range VNX/VNXe arrays have been re-engineered to make better use of flash, producing the Unity array with a starting price of less than $10,000. It is firmly in the active:active, dual-controller mode and comes in all-flash, hybrid flash/disk, and software-only (VSA) configurations. The array is positioned as an SME …
Chris Mellor, 03 May 2016

Alphabetti spaghetti: SanDisk adds SLC cache to TLC SSD

Acronym alert: SanDisk has upgraded its Z400 PC SSD by changing it from an MLC drive to a TLC one with an SLC cache, doubling its capacity as well as making it faster. The Z400 SSD used 15nm MLC (2 bits/cell) flash when it was introduced a year ago. SanDisk has kept the 15nm NAND but changed it to TLC (3 bits/cell), upping its …
Chris Mellor, 28 Apr 2016

Guess what's 'easily hacked'? Yes, that's right: Smart city transport infrastructure

Roadside sensors and the data gathered from them can be easily hacked, according to field tests by researchers from Kaspersky Lab on the streets of Moscow. Transport infrastructure in modern cities typically includes an array of traffic and road sensors, cameras, and even smart traffic light systems. Data from these devices is …
John Leyden, 22 Apr 2016

Revised trojan hits HK

Poison Ivy malware has been revamped as a more potent cyber-spying tool. The revised malware is being slung in targeted attacks against pro-democracy activists in Hong Kong. The latest version of the trojan features updated execution and communications mechanisms, as explained by researchers from Palo Alto Networks here. …
John Leyden, 22 Apr 2016

Samsung's dimmer Galaxies can make calls when locked, cabled

A bunch of Samsung Galaxy variants leave their modems open to receiving AT commands over the USB cable, even when they're locked. The vulnerability is discussed by its discoverers at Github. Before you dismiss the vulnerability as a local privilege escalation (which it is), consider how many people would be happy leaving a …

Spear phishers target gullible Brits more than anyone else – survey

There’s been a sharp (35 per cent) increase in crypto ransomware attacks, with the UK ranked as the nation third most targeted with ransomware. The UK is also ranked as the most targeted nation for spear phishing attacks and the second most hit-upon country with social media scams, according to other findings from Symantec's …
John Leyden, 12 Apr 2016

SoftLayer reveals per-CPU VMware pricing

SoftLayer's pricing for VMware-as-a-service has emerged and the IBM outfit has scored a deal for per-CPU licences. VMware and SoftLayer teamed up earlier this year in a deal that looked good for Virtzilla which, having more-or-less abandoned ambitions to build its own globe-spanning cloud, recognised that SoftLayer could get …
Simon Sharwood, 05 Apr 2016

Android's unpatched dead device jungle is good for security

Black Hat Asia Android's diverse and oft un-patched ecosystem is a strength, not a weakness. So says Dino Dai Zovi, security lead at mobile payments outfit Square, because he feels diversity makes criminal hackers work harder. Android variants are a dime a dozen, thanks to customisations used to get the OS running on myriad phones and …
Darren Pauli, 31 Mar 2016

Infosec miscreants are peddling malware that will KO your router

Malware targeting embedded devices such as routers rather than computers is doing the rounds. A new and improved version of Kaiten, an Internet Relay Chat (IRC)-controlled malware typically used to carry out distributed denial-of-service (DDoS) attacks, is spreading, security firm ESET warns. KTN-Remastered or KTN-RM features …
John Leyden, 30 Mar 2016

Ransomware now using disk-level encryption

Ransomware has been detected infecting master file tables, rendering Windows PCs useless unless payment is made. When first executed, the Petya malware will reboot the victim's machine, and run what appears to be a Windows check disk scan as a mask for the encryption process. A screen is then displayed that directs users to a …
Darren Pauli, 29 Mar 2016

Google gives away its internal $200 patch analysis tool for free

Google has released its popular BinDiff patch analysis plug-in for free, dropping its previous US$200 price tag. The tool is loved among security engineers who find it useful when analysing vendor patches and comparing binaries. Freeing the tool will help alleviate the cost of patch and malware analysis for independent …
Darren Pauli, 22 Mar 2016

Like masochism? Run a PC? These VXers want to help you pwn yourself

Masochistic Windows users have been given a helping hand from hackers, in the form of step-by-step instructions on how to get their PCs infected with malware. A recent malware-slinging banking trojan campaign targeting Germany last week comes with explicit instructions for the recipients describing how to get their computers …
John Leyden, 14 Mar 2016

Google screening missed hundreds of malicious Android apps, researchers say

Malicious apps that have breached Google's defences and made it onto the Play store have netted 1.2 million victims, often hijacking phones to place fraudulent clicks on pornography sites. ESET researcher Peter Stancik says his team found some 343 malicious Android applications that were uploaded to the official Google Play …
Darren Pauli, 29 Feb 2016

Humans – 1 Robots – 0: Mercedes deautomates production lines

In a surprise win for humanity, Mercedes Benz has announced that it's ditching the robots used on its assembly line in favor of human workers because they can cope with the job better. "Robots can't deal with the degree of individualization and the many variants that we have today," Markus Schaefer, the luxury car-maker's head …
Iain Thomson, 25 Feb 2016

Dangerous Android banking bot leak signals new malware wave

Android users could be hit with a new wave of dangerous banking malware following the leak of source code for a capable Android trojan. Users could be targeted with variants of the malware, known as "GM Bot", that is capable of harvesting usernames and passwords using slick keystroke-capturing website overlays. Since it …
Darren Pauli, 23 Feb 2016

New Monopoly version features an Automatic Teller Machine

Iconic vulture capitalism trainer family-friendly property trading game Monopoly has adopted an automatic teller machine in a new edition of the game. Monopoly’s had a cash-free version since about 2014, when players were offered credit cards that, when inserted into a custom device, credited them with new cash for going …
Team Register, 17 Feb 2016

EMC energizes Star Trek-style matter-phasing warp field coils, emits VxRack Neutrinos

As well as the VxRack 1000, EMC has two more VxRack variants coming: SDDC and Neutrino. VxRack is a hyper-converged, rack-level system for large data centers running scale-out workloads. It slots in EMC VCE's product range underneath Vblocks, which are rack-level converged infrastructure for large data centers running …
Chris Mellor, 16 Feb 2016

EMC's hardware 'quantum leap' is more of a brisk catchup stroll

EMC's VCE converged systems unit is heading into hyperconverged country with new VxRail appliances that look and behave an awful lot like existing products from upstart rivals, but are promised to be simpler and cheaper. The Register foreshadowed the launch of VxRail. Forgive us a little smugness because we mostly got it right …
Simon Sharwood, 16 Feb 2016

Khronos releases Vulkan 1.0 open graphics specification

Khronos has released Vulkan 1.0, the next generation open graphics API, and a Vulkan SDK for Windows and Linux is now available from LunarG. Khronos is an industry consortium which creates open graphics standards, including OpenGL and WebGL. Vulkan was announced in March 2015 and represents the next generation after OpenGL, …
Tim Anderson, 16 Feb 2016

ESA's Sentinel satellite to ride converted ICBM

The European Space Agency's (ESA) Sentinel 3-A satellite will soar heavenwards tomorrow from Plesetsk Cosmodrome in northern Russia, riding a "Rockot" converted ICBM lifter. Sentinel 3-A will form part of the European Commission’s Copernicus Earth-monitoring programme. From an altitude of 814.5km, the satellite will "measure …
Lester Haines, 15 Feb 2016

HDS brings out all-flash A series array

Hitachi Data Systems is taking its marketing attack direct to XtremIO and Pure Storage with a brand new, entry-level, all-flash array storage line, the HFS A series, separate from its existing VSP and HUS arrays. The HFS (Hitachi Flash Storage) product comes in three models: A220, A250 and A270, each with dual active:active …
Chris Mellor, 19 Jan 2016

Exploit kits throw Flash bash party, invite Crypt0l0cker, spam bots

Criminals behind some of the most potent exploit kits, Neutrino and RIG, are ramping up attacks slinging the latest ransomware and hosing users who have not applied recent Adobe Flash patches. The patched vulnerabilities permit code execution and allow the dangerous hacking kits to compromise user machines. The two above- …
Darren Pauli, 11 Jan 2016

Devs get malicious root app militia on Play Store, sell pumped up ratings

Google has punted from its Play Store 13 apps, including one installed a million times and capable of gaining persistent root, downloading additional apps, and leaving fake positive reviews. The Brain Test apps slipped past the Chocolate Factory's Google Verify Apps (formerly Bouncer) vetting system and were downloaded scores …
Darren Pauli, 08 Jan 2016

Intel lobs out new Core m3/m5 Compute Sticks, shouts 'Fetch!'

Intel's lifted the lid on a refresh of its PC-in-your-pocket Compute Sticks, with new Atom and Skylake Core m-based models. At the top of the line, a Core m5-6Y57 vPro processor is matched with 4 GB of RAM and 64 GB of eMMC. The other Core variants have m3 processors and the same memory, one of them available with Windows 10 …

Death Stars are a waste of time – here's the best way to take over the galaxy

Spoiler alert Mild spoiler alert: This article includes minor details of the plot of Star Wars: The Force Awakens The Star Wars films raise lots of pressing questions. “Why is there sound in space?” “How did George Lucas lose his way?” And, of course, “Did Han shoot first?” (that’s an easy one). There are innumerable variants on the “How …

Seagate rolls storage kit for manufacturers down Dot Hill

Seagate is pushing out OEM products from its eyrie atop Dot Hill. These are for storage array suppliers, and based on its Dot Hill acquisition in August. It’s also tweaked the existing RealStor 6004 product. The acquisition cost was $694m, so Dot Hill, now in Seagate’s CSES (Cloud Systems and Electronics Solution) business …
Chris Mellor, 10 Dec 2015

Ponmocup is the '15 million' machine botnet you've never heard of

Botconf One of the world's most successful, oldest, and largest botnets is an underestimated and largely-unknown threat that has over time infected 15 million machines and made millions plundering bank accounts. The findings from a team of eight Fox IT researchers say the 'Ponmocup' botnet controlled 2.4 million infections at its peak …
Darren Pauli, 03 Dec 2015

Are you the keymaster? Alternatives in a LogMeIn/LastPass universe

LogMeIn's purchase of LastPass password manager service was not well received by LastPass users. In fact that outrage was sufficient that LastPass quickly shut down comments on its blog. Why the outrage and who is LogMeIn? LogMeIn may be best known as the company that shut down its free remote desktop sharing service with a …

Why are only moneymen doing cyber resilience testing?

Analysis Although Chancellor George Osborne recently spoke of the National Grid, hospitals and air traffic control as being potential targets of online attacks in a recent high-profile speech at GCHQ, only the financial services sector runs comprehensive stress tests. The lack of exercises designed to hone defences raised serious …
John Leyden, 30 Nov 2015

Video still causing mobile data traffic to shoot through the roof

Currently, there are as many mobile subscriptions as people in the world, and every second, 20 new mobile broadband subscriptions are activated. This, and the increased video consumption on mobile devices, is pushing data consumption to new heights - mobile data traffic in Q3 2015 was 65 per cent higher than the previous year, …
Faultline, 24 Nov 2015

VirusTotal invites Apple fans to play in updated Mac malware sandpit

Google's VirusTotal will begin executing Mac apps to test for malicious activity following an uptick in reports of malware targeting Apple's desktop operating system. The virus scanner is popular with black hats, white hats and everyday users and tries to determine if antivirus mechanisms will flag malware. The service's …
Darren Pauli, 19 Nov 2015

3ROS exploit wins plaudits for the prettiest Mal-GUI ever

The 3ROS exploit kit is one of the most user-friendly malware tools to have emerged and will likely spawn variants, malware men say. Exploit kits are the preferred method of infecting large numbers of web users. The malware often packs a series of known and zero day exploits against major browsers and software like Firefox and …
Darren Pauli, 16 Nov 2015

The ETERNUS dance: Fujitsu extends backup and archive box range

Fujitsu has updated two of its backup and archiving appliance products; the ETERNUS CS200c and CS800. Both of these use OEM'd software and provide deduped backup to disk. They have been given a hardware refresh with faster CPUs, which speeds dedupe. The CS200c S2 all-in-one backup and archiving product embeds Commvault …
Chris Mellor, 13 Nov 2015

Hypervisor headaches: Hosts hosed by x86 exception bugs

Various hypervisors and operating systems are scrambling to patch around an x86 bug that lets an admin-level guest crash the underlying CPU, causing a denial-of-service to anyone else on the same machine. The issue, described here, is that with some x86 CPUs, an attacker with kernel-mode code execution privileges on a guest …

Thanks for playing: New Linux ransomware decrypted, pwns itself

Ransomware targeting Linux servers has been thwarted by hard working security boffins, with help from the software itself, mere days after its existence was made public. The Linux.Encoder.1 ransomware seeks Linux systems to encrypt and like others of its ilk demands owners pay BitCoins to have files decrypted. But the first …
Darren Pauli, 12 Nov 2015

Apple's iBackDoor: Dodgy ad network code menaces iOS apps

Security researchers have discovered “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded backdoors in iOS apps that used the library to display ads, opening the door for hackers to access sensitive user data and …
John Leyden, 06 Nov 2015

Kaspersky announces 'death' of Coinvault, Bitcryptor ransomware

The Coinvault and Bitcryptor ransomware are officially dead according to Kaspersky: the alleged authors have been arrested, and all 14,000 decryption keys released allowing victims to avoid paying ransoms to unlock their files. The ransomware variants infected thousands of machines locking up valuable files and demanding …
Darren Pauli, 02 Nov 2015