Alert

NEWS - March 29, 2016

Petya ransomware goes for broke and encrypts hard drive Master File Tables

"Chances are you'll notice you've got a problem when the red skull appears during boot-up..."

A new strain of ransomware replaces the Master Boot Record (MBR) and encrypts the Master File Table on an infected Windows computer's hard drive, thereby essentially locking a victim out of all of their files.

Jasen Sumalapao, a malware analyst at Trend Micro, explains in a blog post that attackers were distributing the ransomware, which has been dubbed Petya, via a malicious email campaign targeting the human resource departments of German companies:

Continued: https://www.grahamcluley.com/2016/03/petya-ransomware/

Related:
Petya Ransomware Encrypts Master File Table
https://threatpost.com/petya-ransomware-encrypts-master-file-table/117024/
Ransomware now using disk-level encryption
http://www.theregister.co.uk/2016/03/29/petya_ransomware/

@ TrendLabs Security Intelligence Blog:
PETYA Crypto-ransomware Overwrites MBR to Lock Users Out of Their Computers
http://blog.trendmicro.com/trendlabs-security-intelligence/petya-crypto-ransomware-overwrites-mbr-lock-users-computers/
Discussion is locked
Follow
Reply to: NEWS - March 29, 2016
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: NEWS - March 29, 2016
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
FBI Breaks into Terrorist’s Encrypted iPhone

A six-week public standoff between Apple and the FBI ended today when the Department of Justice said it had accessed encrypted data stored on the San Bernardino terrorist’s iPhone.

The DOJ said in its motion that it no longer needed Apple’s help as mandated in a Feb. 16 court order and asked that the order be vacated.

“The government has now successfully accessed the data stored on Farook’s iPhone and therefore no longer requires the assistance from Apple Inc. mandated by Court’s Order Compelling Apple Inc. to Assist Agents in Search dated February 16, 2016,” today’s motion says.

Continued: https://threatpost.com/fbi-breaks-into-terrorists-encrypted-iphone/117043/

Related:
FBI hack raises questions about iPhone security
http://www.computerworld.com/article/3048787/personal-technology/fbi-hack-raises-questions-about-iphone-security.html
US govt has unlocked San Bernardino gunman’s iPhone
https://www.helpnetsecurity.com/2016/03/29/us-govt-unlocked-iphone/
The FBI Drops Its Case Against Apple After Finding a Way Into That iPhone
http://www.wired.com/2016/03/fbi-drops-case-apple-finding-way-iphone/

- Collapse -
Facebook Fixes Instagram Issue That Allowed Account Takeover

After receiving a critical bug report from Belgian security expert Arne Swinnen, Facebook patched Instagram in less than a day and awarded the researcher $5,000 (€4,500) for his diligence and expertise.

According to a blog post Swinnen penned this past Sunday, the issue affected only Instagram accounts that were locked for security reasons, either due to a long period of inactivity, spam, or repeated failed password attempts.

Continued: http://news.softpedia.com/news/facebook-fixes-instagram-issue-that-allowed-account-takeover-502277.shtml

Related:
Facebook Fixes Instagram Vulnerability That Opened 1M Accounts to Compromise
https://threatpost.com/facebook-fixes-instagram-vulnerability-that-opened-1m-accounts-to-compromise/117021/
Facebook rapidly patches Instagram bug which left one million users open to exploit
http://www.zdnet.com/article/facebook-rapidly-patches-instagram-bug-which-left-one-million-users-open-to-exploit/

- Collapse -
MedStar Health's network shut down by malware

A large healthcare provider in the Washington, D.C., area said it has resorted to paper transactions after malware crippled part of its network early Monday.

MedStar Health, a not-for-profit that runs 10 hospitals, said its clinical facilities were functioning and that it did not appear data had been compromised. The malware prevented "certain users from logging into our system."

"MedStar acted quickly to prevent the virus from spreading throughout the organization," it said in a statement posted on Facebook. "We are working with our IT and cybersecurity partners to fully assess and address the situation."

Continued: http://www.computerworld.com/article/3048959/security/medstar-healths-network-shut-down-by-malware.html

Related:
Virus hits MedStar Health hospital network; denies data theft
http://www.zdnet.com/article/virus-hits-medstar-health-hospital-network-but-denies-data-theft/
Ransomware forces hospital networks to shut down, resort to paper
http://www.tripwire.com/state-of-security/security-data-protection/ransomware-forces-hospitals-to-shut-down-network-resort-to-paper/

- Collapse -
1 million Gmail accounts victim of state-sponsored hacking

Google is improving its Gmail warning service to help protect the customers from state-sponsored hacking and surveillance activities.

Google confirmed that one million Gmail accounts might have been targeted by nation-state hackers.

The news is worrying, the company is observing a significant increase in the number of hacking attacks on user email accounts.

Google announced that it is able to identify operations carried out by state-sponsored hackers and it is its intention to notify potentially affected customers.

Continued: http://securityaffairs.co/wordpress/45729/breaking-news/google-state-sponsored-hacking.html

Related:
More Encryption, More Notifications, More Email Security
https://security.googleblog.com/2016/03/more-encryption-more-notifications-more.html
New alerts for Gmail users targeted by state-sponsored attackers
https://www.helpnetsecurity.com/2016/03/29/gmail-state-sponsored-hackers/
5 Things Google has Done for Gmail Privacy and Security
http://thehackernews.com/2016/03/gmail-security-privacy.html

CNET Forums

Forum Info