
Proprietary Software Leftovers

Sunday 11th of July 2021 10:32:31 AM
Microsoft
Security
  • Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

    At 4:30 p.m. UTC, all within the same second, the compromised servers woke up and ran a command script that disabled a variety of security controls and sent malicious payloads to every system managed by those servers, according to an analysis conducted by Huntress Labs. While security firms are still sifting through the data, reverse engineering has revealed that the attack — from the first packets exploiting dozens of VSA servers, to the deployment of ransomware on the endpoints of hundreds to thousands of MSP customers — took less than two hours.

    The speed of automation gave managed service providers and their customers only a very narrow window in which to detect attacks and block them, says John Hammond, a senior threat researcher for Huntress Labs. Companies would have to run frequent monitoring and alerts to have caught the changes, he says.

    "Unfortunately, this form of hyperactive logging and detection is rare — managed service providers often don't have the resources, let alone the personnel to frequently monitor massive components of their software and stack," Hammond says. "With that said, the efficacy and potential for human-powered threat hunters is never something to be left out of the equation."

    The quick turnaround of the attack underscores the compressed timeline for defenders to respond to automated attacks. The REvil group and its affiliates, who are thought responsible for the attack, scanned for Internet-connected VSA servers and, when found, sent the initial exploit, which chained three vulnerabilities.

  • Ransomware attack hits Swiss consumer outlet Comparis

    Swiss online consumer outlet Comparis has filed a criminal complaint over a ransomware attack on Wednesday that blocked some of its information technology systems, it said on Friday.

  • Microsoft Office Users Warned on New Malware-Protection Bypass

    Word and Excel documents are enlisted to disable Office macro warnings, so the Zloader banking malware can be downloaded onto systems without security tools flagging it.

  • Jack Cable, Stanford student and cyber whiz, aims to crowdsource ransomware details

    Few people, if any, seem to grasp the breadth and cost of the scourge, as there are no legal requirements for victims to disclose when they pay hackers to unlock their network. That, combined with the suspicion that most victims don’t report their digital extortion payments, makes it harder for law enforcement and security firms to combat attacks, or even understand how to fight them.

    That’s the impetus behind a project that Stanford University student and security researcher Jack Cable launched on Thursday, dubbed “Ransomwhere,” a plan to track payments to bitcoin addresses associated with known ransomware gangs.

  • Hancitor tries XLL as initial malware file

    XLL files are Excel add-in files. They're DLL files specifically designed to be run by Microsoft Excel. Think of an XLL file as an "Excel DLL."

  • DoD ends $10 billion deal with Microsoft for new cloud contract

    The statement did not directly mention that the Pentagon faced extended legal challenges by Amazon to the original $1 million contract awarded to Microsoft. Amazon argued that the Microsoft award was tainted by politics, particularly then-President Donald Trump’s antagonism toward Amazon founder, Jeff Bezos, who stepped down Monday as the company’s chief executive officer. Mr. Bezos owns The Washington Post, a newspaper often criticized by Mr. Trump.

    The Pentagon’s chief information officer, John Sherman, told reporters Tuesday that during the lengthy legal fight with Amazon, “the landscape has evolved” with new possibilities for large-scale cloud computing services. Thus it was decided, he said, to start over and seek multiple vendors.

  • With ransomware attacks multiplying, US moves to bolster defenses

    As the U.S. private sector scrambles to fend off a growing number of ransomware attacks, the federal government is stepping up its efforts as well. Last month, the Senate approved Chris Inglis, a former deputy director of the National Security Agency, as the nation’s first-ever national cyber director, tasked with coordinating the government’s cyber portfolio and digital defense strategy. A second key post, director of the primary domestic cybersecurity agency, is expected to be filled shortly.

    Officials are making clear they will seek not just to hold cybercriminals to account – but also companies whose inadequate cybersecurity measures have put them and their customers at risk.

TenFourFox and Chromium Monoculture

  • TenFourFox FPR32 SPR2 available

    TenFourFox Feature Parity Release 32 Security Parity Release 2 "32.2" is available for testing (downloads, hashes). There are no changes to the release notes and nothing particularly notable about the security patches in this release. Assuming no major problems, FPR32.2 will go live Monday evening Pacific time as usual.

  • How big is chromium?

    Here’s a link to a commit for dsynth that gives an idea of how huge a debug build of chromium can be.

  • 10 of the Best Chrome Themes to Beautify Your Browser

Audiocasts/Shows: GNU World Order, This Week in Linux, Gentoo Is No Harder Than Arch Linux??

  • gnuWorldOrder_416

    A quick overview of **gettext** followed by all the tools in the **gettext-tools** package.

  • This Week in Linux 159: Audacity Fiasco, Linux Mint 20.2, IBM, Red Hat, Ubuntu, Proxmox | TuxDigital

    On this episode of This Week in Linux, we’ve got a JAM PACKED episode for you with Distro News, App News, Gaming News, and even a bit of Drama. We’re going to check out the latest release of Linux Mint, Proxmox, and VzLinux plus we’ve got some Ubuntu news to talk about. We’ve got some interesting Tor and Tor Browser related news plus a cool script I found for running Windows apps in Proton. Then we’ve got some news about Jim Whitehurst stepping down as IBM President and the topic I know everyone is expecting me to cover which I will . . . is of course, Audacity. All that and so much more coming up right now on This Week in Linux. All that and much more on Your Weekly Source for Linux GNews!

  • Gentoo Is No Harder Than Arch Linux??

    Recently I installed Gentoo live on stream for the first time ever and doing so made me realize a lot of what I thought about this distro was actually kind of wrong, but wrong in a good way. While it's not the Linux distro for it seems like a good choice for certain kinds of people.

Explore waterways with this open source nautical navigation tool

If you're traveling by boat down your local waterway or sailing around the world, you can bring great navigation software with you and maintain your commitment to open source software. OpenCPN is free and open source software developed by sailors. It serves as the primary navigation interface for vessels with full-time helm-visible navigational suites. The software is written in C and released under a GPLv2 license.

