Zack Whittaker reports: A U.S. government network was infected with malware thanks to one employee’s “extensive history” of watching porn on his work computer, investigators have found. The audit, carried out by the U.S. Department of the Interior’s inspector general, found that a U.S. Geological Survey (USGS) network at the EROS Center, a satellite imaging…
Category: Malware
Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks
Brian Krebs reports: The convicted co-author of the highly disruptive Mirai botnet malware strain has been sentenced to 2,500 hours of community service, six months home confinement, and ordered to pay $8.6 million in restitution for repeatedly using Mirai to take down Internet services at Rutgers University, his former alma mater. Paras Jha, a 22-year-old computer…
TRITON Attribution: Russian Government-Owned Lab Most Likely Built Custom Intrusion Tools for TRITON Attackers
FireEye writes: In a previous blog post we detailed the TRITON intrusion that impacted industrial control systems (ICS) at a critical infrastructure facility. We now track this activity set as TEMP.Veles. In this blog post we provide additional information linking TEMP.Veles and their activity surrounding the TRITON intrusion to a Russian government-owned research institute. FireEye…
Free Decrypter Available for the Latest GandCrab Ransomware Versions
Ionut Ilascu reports: A newly released decryptor allows for the free recovery of files encrypted by some versions of GandCrab, a ransomware family that has affected hundreds of thousands of people since the beginning of the year. The free GandCrab decryption tool will decrypt files encrypted by versions 1, 4 and 5 of the ransomware. These versions…
Cyber attack exposed information for 40,000 patients of Sioux City vision clinic
Mason Doktor reports that Jones Eye Clinic and CJ Elmwood Partners, L.P., an affiliated surgery center, experienced a ransomware attack on the evening of August 22. The attack affected 40,000 patients seen between Jan. 1, 2003 and Aug. 23. The providers were able to restore from backup and did not pay any ransom. Their full notice…
Burned malware returns, says Cylance report: Is Hacking Team responsible?
J. M. Porup reports: Burning malware is like Hercules fighting the nine-headed Hydra. For every head he cuts off, two more grow back in its place. That’s the lesson from a new report by Cylance today, and one both enterprise network defenders—and the public at large—should pay attention to. Cyber mercenaries sell malware to oppressive…