WannaCry Ransomware : Here’s What You Need To Know

Ransomware attacks can hit hard and fast, with organizations unaware of the issue until the damage is already done. WannaCry spread to businesses around the globe in mere hours on May 12, and by the afternoon, the infection was making national headlines. Companies and consumers alike panicked in the fallout of WannaCry’s ransom demands, wondering if their systems would be affected and how to prevent their hardware from getting breached. For the victims, the question was whether or not to pay to restore their data.

As time passed, solutions and patches to WannaCry have emerged to protect users, while those affected have taken action to recover. How could this strain have made as big of a splash as it has and what does it mean for the future? Here’s everything we know about WannaCry ransomware so far:

Europe Was Hit First

Earliest infection reports show that the first attack struck in Europe, where a computer user unknowingly opened a malicious email attachment, allowing WannaCry into their system. According to Financial Times, Spanish mobile operator Telefónica was among the first organizations to report a WannaCry infection. Shortly after, U.K. hospitals and clinics, French carmaker Renault, as well as some Russian and U.S. organizations announced they had been impacted. In total, at least 200,000 companies around the globe were attacked by WannaCry ransomware.

wannacry

It Was Developed With Leaked NSA Tactics

The U.S. National Security Agency has

How Zero Day Threats Can Bypass Conventional IT Security Measures

Malware and zero day threats continue to be the biggest dangers to business cybersecurity and data protection. These attack vectors are nothing new – malware goes back to 1986, according to Lifewire. A lot has changed since then to improve IT security and better protect organization assets; however, these issues remain prevalent in modern day priorities for safety measures.

With all of the progress made on deterring malware, it can put companies at a false sense of security. Headlines over the past few years have featured high-profile businesses breached by malware and zero day threats, exposing critical information and damaging the organizations’ reputations. Company leaders must understand just how much of a danger these situations present in order to protect themselves effectively. Let’s take a closer look at how malware and zero day threats continue to bypass conventional IT security measures and what businesses can do about it.

New Strains Emerging Faster Than Security Tools

Attackers are not standing idly by. They are constantly making adjustments to malware code and techniques to get around security tools. In fact, there were 127 million new malware strains in 2016, and 22 million samples have already emerged in the first quarter of this year, GData Software stated. That means that nearly 250,000 new malware attacks were published per day within the first three months of 2017. The sheer number of threats makes it extremely difficult for organizations to detect them all and implement protections appropriately.

Security tools and patches are emerging on a regular basis, but this process often happens

Faronics Tech Roundup – April in Review

The first month of Q2 was by no means uneventful – particularly where cyber crime is concerned. From hacked tornado sirens to virtual reality, let’s take a look at some of the highlights from the month that was.

Dallas Gets a Wakeup Call

If you live in Dallas, you probably didn’t sleep well on the night of April 8. This is because for nearly one and a half hours, every one of the city’s 156 tornado sirens blared uncontrollably. The good news is that there were no tornados. The bad news is that this is yet another example of hackers infiltrating components of critical infrastructure. According to The Washington Post, this isn’t the first time Dallas’ critical infrastructure was breached (in 2016, someone hacked traffic lights, and hijacked road signs to splay spam messages. But it was definitely the loudest – and that may have been the point. Wired ventured to guess that perhaps this was a symbolic wake-up call, alerting us that it’s time to improve security.

BrickerBot Is Breaking the IoT

Of all the Internet of Things botnets to crop up in the past year, BrickerBot stands alone. BrickerBot malware corrupts a device’s storage to transform it into a permanent DDoS device, a tactic known as “bricking.” According to the gray-hat hacker who is responsible for crafting the source code (known only as janit0r), BrickerBot has already incapacitated 2 million IoT devices. If there’s a silver lining, it’s that janit0r appears to have created the malware for the same reason someone woke up

Zero Day Vulnerabilities: How Do You Stop a Threat You Can’t See Coming?

This past March, WikiLeaks dumped 8,761 CIA documents collectively known as “Vault 7”. These documents contained information about what was essentially the government agency’s armory of cyber threats. They included malware, viruses and Trojans used for espionage purposes. More importantly, they had information about zero day vulnerabilities the CIA had been using to hack computers, tablets, smartphones and other devices for intelligence gathering purposes. Frighteningly, all of it was made available to hackers in one fell swoop. Wired called it “a one-stop guide to zero day exploits.”

On the bright side, cyber security researchers have access to the same information, which means they have some time to steel the rest of us against any fallout that could ensue from these previously undisclosed cyber weapons. Nevertheless, these zero day threats are out in the open now, and they can be used against us.

With that in mind, there’s no better time than now to dive into the world of zero day exploits. This post looks at how zero days behave, assesses some of the most infamous examples of them, and perhaps most importantly, provides best practices for how to deal with these elusive threats.

Part 1: The Evolution of Zero Days A Sinister and Growing Cyber Threat

A zero day threat is a vulnerability that developers and security researchers have known about for less than a day. In many cases, these threats are first identified by penetration testers and white hats, which gives them time to issue emergency

Endpoint Security Lessons : Reviewing Brickerbot and The New CIA Malware

Of the many WikiLeaks dumps in recent memory, none is as potentially harmful to businesses as the release of “Vault 7,” the CIA’s digital arsenal for infiltration and intelligence gathering. The data dump, which occurred this March, has since been on endpoint security researchers’ radar.

Not long after Vault 7’s release, researchers became privy to a different bombshell called BrickerBot malware, which causes irreparable damage to Internet of Things devices. While the two incidents are in no way related, they both point to a shared problem: The challenges associated with trying to detect and block new and/or well-masked cyber threats. This post explains each of these issues in greater depth, and provides context for how layered cyber security can help defend against unknown cyber threats.

CIA Malware : A Deluge of Previously Unknown Threats

If nothing else, the Vault 7 leak reminds us that at any given moment somebody somewhere (a foreign actor, the U.S. government or black-hat hackers) has access to an obscure cyber threat that current defenses are not designed to detect or defend against.

In the case of the CIA, there were a lot of them, and they’ve become available in bulk over the past month or so. They primarily impact Windows operating systems, but also contain intrusion tools for Mac and iPhone devices according to BGR. These include zero-day vulnerabilities and previously unidentified malware types, but also anti-forensics tools that mask a malware’s origin (i.e., the “Marble Framework”). DLL files are a highly used medium for the CIA. They are also