Ian Duncan reports on how your emergency backup might fail for reasons you didn’t anticipate, perhaps. Gmail accounts used by Baltimore officials as a workaround while the city recovers from a ransomware attack were disabled because the creation of a large number of new accounts in one place triggered Google’s automated security system, a spokesman…
Category: Malware
Use of EternalBlue in attacks on the increase despite patch
Bradley Barth reports: Cyber-attacks leveraging the Windows Server Message Block exploit known as EternalBlue have reportedly reached historically high levels over the last few months, even though the vulnerability it affects was patched by Microsoft more than two years ago. In a 17 May blog post, ESET security evangelist Ondrej Kubovic said his company’s telemetry data…
Louisville Regional Airport Authority hit by ‘ransomware’ attack
WDRB has only a short item on this, but reportedly no ransom has been paid and the airport is restoring from backup. Operations and security systems were reportedly not impacted.
TeamViewer Confirms Undisclosed Breach From 2016
Sergiu Gatlan reports: TeamViewer confirmed today that it has been the victim of a cyber attack which was discovered during the autumn of 2016, but was never disclosed. This attack is thought to be of Chinese origins and utilized the Winnti backdoor. The company behind the highly popular TeamViewer remote desktop software told German publisher Der Spiegel that…
Analysis of ransomware used in Baltimore attack indicates hackers needed ‘unfettered access’ to city computers
Ian Duncan and Christine Zhang report: Officials in the eastern North Carolina city of Greenville arrived to work one morning in early April to find the files on some 800 of their computers locked up. More than five weeks later, they’re still recovering from the debilitating cyberattack. The city of around 92,000 realized April 10…
Firms That Promised High-Tech Ransomware Solutions Almost Always Just Pay the Hackers
Renee Dudley and Jeff Kao report that two firms that advertised technology solutions to responding to ransomware incidents — Proven Data Recovery of Elmsford, New York and Florida-based MonsterCloud – were really just paying ransom to the attackers. Read more on ProPublica. I suspect that ransom payments have been the dirty little secret for the…