tao Posted June 27, 2017 Share Posted June 27, 2017 Bloomberg Mark Barton and Vonnie Quinn report on a massive cyberattack impacting thousands of companies worldwide. They speak on "Bloomberg Markets." (Source: Bloomberg) < Here > and < Many firms hit by global cyber-attacks > and < Massive ransomware attack is causing chaos in airports, banks and more worldwide > and < WannaCry Déjà Vu: Petya Ransomware Outbreak Wreaking Havoc Across the Globe > Link to comment Share on other sites More sharing options...
steven36 Posted June 27, 2017 Share Posted June 27, 2017 Quote Ukraine cyber attack: Chaos as national bank, state power provider and airport hit by hackers Russian energy firms and Danish shipping company also hit by hackers Ukraine’s national bank, state power company and largest airport are among the targets of a huge cyber attack on government infrastructure. Rozenko Pavlo, the deputy Prime Minister, said he and other members of the Ukrainian government were unable to access their computers. “We also have a network 'down',” he wrote. “This image is being displayed by all computers of the government.” The photo showed his PC displaying a message claiming a disk “contains errors and needs to be prepared”, urging the user not to turn it off. Quote Та-дам! Секретаріат КМУ по ходу теж "обвалили". Мережа лежить. pic.twitter.com/B74jMsT0qs — Rozenko Pavlo (@RozenkoPavlo) June 27, 2017 That attack hit NHS hospitals and trusts, Nissan and Renault, but there were no immediate reports of computers in the UK being affected on Tuesday. Ukrainian state-run aircraft manufacturer Antonov was among the companies hit, along with power distributor Ukrenergo, which said the attack did not affect power supplies. The National Bank of Ukraine said an “unknown virus” was to blame, saying several unnamed Ukrainian banks were affected along with financial firms. “As a result of cyber attacks, these banks have difficulties with customer service and banking operations,” a statement said. Cyber attack hit 200,000 victims across 150 countries, says Europol chief “The National Bank bank is confident that the banking infrastructure's defence against cyber fraud is properly set up and attempted cyber attacks on banks' IT systems will be neutralised.” Oschadbank, one of Ukraine's largest state-owned lenders, said some of its services had been affected by a “hacking attack” but guaranteed that customer data was safe. Computers and departure boards at Boryspil International Airport in Kiev – the largest in Ukraine – were also down. “The official site of the airport and the scoreboard with the schedule of flights aren't working!” the airport’s acting director, Pavel Ryabikin, wrote on Facebook. The Ukrposhta state postal service, television stations and transport were also affected by the attack, which left Kiev metro passengers unable to pay using bank cards. The website of Boryspil International Airport during a cyber attack targeting Ukrainian infrastructure on 27 June 2017 Many ATMs were disabled, displaying the message left by hackers, as were tills in supermarkets. Maersk said its IT systems were down across “multiple sites and businesses due to a cyber attack”, although it was unclear whether it was related to the situation in Ukraine. The Danish business congolmerate is the largest container shipping company in the world and also operates in the oil and gas sectors. Rosneft, a Russian government-owned oil firm, said it was also targeted by a “massive hacker attack” on its servers, as was steel maker Evraz. “The cyber attack could lead to serious consequences, however, due to the fact that the Company has switched to a reserve control system, neither oil production nor preparation processes were stopped,” a statement from Rosneft said. There were confirmed reports of the virus spreading to countries including Spain, France and India. The cyber attack – a day before Ukraine marks its Constitution Day - struck hours after a high-ranking intelligence officer was assassinated in a car bombing in Kiev. Police said Colonel Maksim Shapoval, a member of the defence ministry’s main intelligence directorate, was killed in the “terrorist act” on Tuesday. Ukraine has blamed Russia for repeated cyber attacks targeting crucial infrastructure during the past three years, including one on its power grid that left part of western Ukraine temporarily without electricity in December 2015. Relations between Kiev and the Kremlin collapsed in 2014 following Moscow's annexation of Crimea and support for pro-Russian separatists in eastern Ukraine, where fighting continues despite a ceasefire agreement. Russia denies carrying out cyber attacks on Ukraine and allegations it has fuelled the eastern conflict by supplying rebels with troops and weapons. The UK’s Houses of Parliament were targeted in a separate attack on Friday that compromised up to 90 accounts as part of efforts to access the accounts of MPs, peers and their staff by searching for weak passwords. Less than 1% of the system's 9,000 users were directly impacted by the “determined and sustained” attack, officials said, but some functions were temporarily shut down as a precaution. An increasing number of global cyber attacks, including those targeting the election campaigns of Hillary Clinton and Emmanuel Macron, have sparked warnings of a “permanent war” online. Guillaume Poupard, director general of the National Cybersecurity Agency of France (ANSSI) said intensifying attacks were coming from unspecified states, as well as criminal and extremist groups. “We must work collectively, not just with two or three Western countries, but on a global scale,” he added, saying attacks could aim at espionage, fraud, sabotage or destruction. “We are getting closer, clearly, to a state of war - a state of war that could be more complicated, probably, than those we've known until now.” http://www.independent.co.uk/news/world/europe/ukraine-cyber-attack-hackers-national-bank-state-power-company-airport-rozenko-pavlo-cabinet-a7810471.html Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted June 27, 2017 Share Posted June 27, 2017 update russia was hit harder lol Link to comment Share on other sites More sharing options...
Dodel Posted June 27, 2017 Share Posted June 27, 2017 Updated constantly, shared resource. Link to comment Share on other sites More sharing options...
Dodel Posted June 27, 2017 Share Posted June 27, 2017 *********** KILLSWITCH Local kill switch - create file "C:\Windows\perfc" It kills WMI vector. Still need to patch MS17-010 for full protection. [NO PROOF] Source in my 1st post. Credit to kill switch finder & Source here Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted June 27, 2017 Share Posted June 27, 2017 Link to comment Share on other sites More sharing options...
gipsy Posted June 27, 2017 Share Posted June 27, 2017 man i know paid 300 bucks today or his factory ,pretty big one, could to loose about 20k USD. Link to comment Share on other sites More sharing options...
stylemessiah Posted June 28, 2017 Share Posted June 28, 2017 3 hours ago, Dodel said: *********** KILLSWITCH Local kill switch - create file "C:\Windows\perfc" It kills WMI vector. Still need to patch MS17-010 for full protection. [NO PROOF] Source in my 1st post. Credit to kill switch finder & Source here unproven and speculation stop reading twitter for your IT solutions.... Link to comment Share on other sites More sharing options...
straycat19 Posted June 28, 2017 Share Posted June 28, 2017 3 hours ago, stylemessiah said: unproven and speculation stop reading twitter for your IT solutions.... Why not read twitter. Amit works for a cybersecurity company and does reverse engineering. He's putting out information to test and then verify. You don't need a webpage to post information on malware research. Of course people who aren't involved in security professionally probably don't realize that most of the security work collaboration takes place on twitter or facebook because many people from many areas can participate and share information in real time. It's just another tool. And probably a better use of those two social sites than what most people use them for. Link to comment Share on other sites More sharing options...
Holmes Posted June 28, 2017 Share Posted June 28, 2017 AMEN to that stray. I cant stand posts like OMG this is bullshit and doesnt say anything else. Also post's like Having dinner and then going to bed and thats it im like what a complete waste of my time. A friend of mine is in IT to and he posted some security articles that were good reading and thats what I want to read. One of the main reasons I visit my facebook to keep updated on family matters and to read entertainment post's not stupid bullshit like fishs I love them. Link to comment Share on other sites More sharing options...
pc71520 Posted June 28, 2017 Share Posted June 28, 2017 Here, we go again... Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted June 28, 2017 Administrator Share Posted June 28, 2017 Quite concerning all this. The confusing updates mechanism does not make it easy either. What I mean is that no, there should not have been a cumulative update for the SMB fix, but a single, same version for all the OSes, SMB fix specific update for it. Link to comment Share on other sites More sharing options...
stylemessiah Posted June 28, 2017 Share Posted June 28, 2017 9 hours ago, straycat19 said: Why not read twitter. Amit works for a cybersecurity company and does reverse engineering. He's putting out information to test and then verify. You don't need a webpage to post information on malware research. Of course people who aren't involved in security professionally probably don't realize that most of the security work collaboration takes place on twitter or facebook because many people from many areas can participate and share information in real time. It's just another tool. And probably a better use of those two social sites than what most people use them for. No, ive never worked in cyber security *sigh*...oh wait, there were those years i worked for the largest ISP here, and assisted the federal police, but other than that... twitter...please.... all he did was spout unproven theories most of the day....anyone could do that ill read a legitimate security vendors page thanks Link to comment Share on other sites More sharing options...
steven36 Posted June 28, 2017 Share Posted June 28, 2017 2 hours ago, stylemessiah said: No, ive never worked in cyber security *sigh*...oh wait, there were those years i worked for the largest ISP here, and assisted the federal police, but other than that... twitter...please.... all he did was spout unproven theories most of the day....anyone could do that ill read a legitimate security vendors page thanks Well Amit Serper's company has won many awards let's see yours? lol Anybody can take payoffs from the feds too tell on people even postal workers have been known too do this. Quote Awards Cutting Edge – Endpoint Security Most Innovative Company 2016 Emerging Vendor 20 Cybersecurity Startups to Watch in 2016 Rookie Security Company of the Year https://www.cybereason.com/awards/ Why should we take you're word over someone that works for a cybersecurity firm? Quote Cybereason discovers NotPetya Vaccination Post by: Cybereason Intelligence Team Cybereason Principal Security Researcher Amit Serper discovered a work around solution that disables the NotPetya ransomware that wreaked havoc in Europe on Tuesday. To activate the vaccination mechanisms users must locate the C:\Windows\ folder and create a file named perfc, with no extension name. This should kill the application before it begins encrypting files. https://www.cybereason.com/blog-cybereason-discovers-notpetya-kill-switch/ Link to comment Share on other sites More sharing options...
lordnsane Posted June 28, 2017 Share Posted June 28, 2017 12 hours ago, straycat19 said: Why not read twitter. Amit works for a cybersecurity company and does reverse engineering. He's putting out information to test and then verify. You don't need a webpage to post information on malware research. Of course people who aren't involved in security professionally probably don't realize that most of the security work collaboration takes place on twitter or facebook because many people from many areas can participate and share information in real time. It's just another tool. And probably a better use of those two social sites than what most people use them for. being working in infosec myself, i agree with this fellow 3 hours ago, stylemessiah said: No, ive never worked in cyber security *sigh*...oh wait, there were those years i worked for the largest ISP here, and assisted the federal police, but other than that... twitter...please.... all he did was spout unproven theories most of the day....anyone could do that ill read a legitimate security vendors page thanks and here's someone who shows off, but doesn't seem to know the actual security landscape these days. Let me give you just one example, ever heard of Tavis Ormandy? The guy works in Google Project Zero, is responsible for many of your M$ kernel exploits, AV privilege escalations, application exploits and so on. And guess what's the first mode of his communication about his discoveries? Twitter, if you follow him. Security researchers all over the world, even the writers of your "legitimate security vendors", first update their findings on twitter, and then only go on to write the article. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted June 29, 2017 Administrator Share Posted June 29, 2017 I must admit, our forums have far more high level - simply put, security experts, than I had previously thought about here. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.