Hardware & Technical "Bad Rabbit" malware on the way, uses a fake Adobe Flash update to infect.

[Zak Gordon]

'New wave of data-encrypting malware hits Russia and Ukraine':

https://arstechnica.co.uk/informati...g-malware-crashes-through-russia-and-ukraine/

 

[Shadowdancer]

Just in: if you install Flash, legitimate or not, you deserve every bit of pain you get.

 

[Zak Gordon]

No doubt. Still many facebook games and other things that 'average joe' might use on their PC still rely on Flash. It sucks.

 

[Zak Gordon]

Not related, other than another 'nasty malware' news thing:

'Assessing the threat the Reaper botnet poses to the Internet—what we know now'

https://arstechnica.co.uk/informati...otnet-poses-to-the-internet-what-we-know-now/

 

[Zak Gordon]

'How AV can open you to attacks that otherwise wouldn’t be possible':

https://arstechnica.co.uk/informati...o-attacks-that-otherwise-wouldnt-be-possible/

I'd rather use AV than not, but as the article shows, that can sometimes be a problem.

 

[Zak Gordon]

And one to tell others patiently, 'Do NOT open any random MS docs sent to you in your email':

'New Microsoft Word attacks infect PCs sans macros':

https://arstechnica.co.uk/informati...tacks-abuse-macro-less-ms-word-to-infect-pcs/

 

[Zak Gordon]

Laptop touchpad driver included keylogger

Laptop touchpad driver included extra feature: a keylogger:

https://arstechnica.com/information...-found-on-hp-may-affect-many-other-notebooks/

 

[Zieman]

Laptop touchpad driver included extra feature: a keylogger:

https://arstechnica.com/information...-found-on-hp-may-affect-many-other-notebooks/

This is nasty, why not start a thread about it?

 

[Zak Gordon]

I guess there is not a relevant 'catch all' thread for this stuff, and this thread became a bit of that? Since the clamp-down on what we can and can not post (that is not obscene or obviously not acceptable etc) it is hard to find motivation to post here, so i do the best i can. Please feel free to make a separate thread for this info if you want

 

[Zieman]

I guess there is not a relevant 'catch all' thread for this stuff, and this thread became a bit of that? Since the clamp-down on what we can and can not post (that is not obscene or obviously not acceptable etc) it is hard to find motivation to post here, so i do the best i can. Please feel free to make a separate thread for this info if you want

Thanks, but meh, I'm too lazy.
Good info anyway.

 

[Renown]

A good reason to use the Chrome browser, it blocks all Flash and you have to allow the website via content settings if you really must use it. So no random infected Flash adverts or clicks on sites you haven't allowed.

 

[rootsrat]

@Zak - are you an Ars Technica editor or something?

 

[Para Handy]

Just in: if you install Flash, legitimate or not, you deserve every bit of pain you get.

Unfortunately many useful things on 't internet require the use of flash - the most annoying one to me is the BBC weather forecasts.

When Firefox went "57" I became very wary of browsing until "noscript" was updated, even now I am not too happy as I get used to the new noscript. But I do have Firefox set to "always ask to activate" flash.

 

[Zak Gordon]

@Zak - are you an Ars Technica editor or something?

No, but since the decline of the BBC and other 'science' pages and reporting i was happy to discover arstechnica six months or so ago (wish it had been sooner as they are pretty good). So after i've had a run through the beeb and guardian websites i often check arstechnica to see what else is interesting.

 

[Patrick_68000]

I do not dare to click on the links

 

[Zak Gordon]

More security concerns ahead! (and sorry, another arstechnica link!)

'1998 attack that messes with sites’ secret crypto keys is back in a big way':

https://arstechnica.com/information...s-remain-open-to-major-crypto-flaw-from-1998/

A surprisingly big number of top-name websites—Facebook and PayPal among them—recently tested positive for a critical, 19-year-old vulnerability that allowed attackers to decrypt encrypted data and sign communications using the sites' secret encryption key.

........

On Wednesday, a team of researchers said an Internet scan conducted last month found that 27 of the 100 most-visited websites—including Facebook and PayPal—were vulnerable to what was essentially the same attack. About 2.8 percent of the top 1 million sites also tested positive.

So, er, be careful about what info you 'share' online? until they patch it, probably.

 

[Zak Gordon]

'Hackers take control of security firm’s domain, steal secret data':

https://arstechnica.com/information...ty-firms-secret-data-in-brazen-domain-hijack/

The attackers were able bypass protections provided by HTTPS-based encryption by first using their control of the Fox-IT domain to obtain a new transport layer security certificate. The process happened in the first 10 minutes of the attack, during which time all Fox-IT email was rerouted to the attackers. With that in place, the attackers were able to able to decrypt all incoming traffic and to cryptographically impersonate the hijacked domain. After intercepting and reading incoming traffic, the attackers forwarded it to Fox-IT in an attempt to prevent company engineers from detecting the attack.

The detailed account underscores just how easily hacks can succeed, even against security-savvy parties with relatively robust practices in place. It wouldn't be surprising to see the same techniques succeed against scores or even hundreds of other companies that use the same industry-standard countermeasures.

So many hackers, so much to hack