News Article: That big ransomware attack yesterday

All of these copycats of the original malware, Cryptolocker, work the same way, encrypting your files in the background, which takes quite a while. (A lot of people are going to find their files encrypted when they go to work Monday.) A free detection program has been available for a long time from Foolsh.I.T.com. (He claims the 4 letter word ending was inadvertent - remove extra dots to reach the site.) The paid version automatically updates. Malwarebytes paid version, when run constantly, does the same now. If encryption starts, both stop it and ask you if you are the one doing it intentionally. It's nice for peace of mind. Bazza, here's an Infoworld article advocating for more Mac enterprise use: LINK
 
I'm transitioning from 7 to 10. Didn't upgrade the home PC even though it was free, but my new laptop and my company laptop are both 10. They've moved enough controls around to make it annoying, but I'm getting there.
I'm thinking about going back to 7. My network ran beautifully on it and has never run adequately on 10. Several MS techs have been unable to help me...
 
Debian FTW :cool:

Played around with Linux a bit back in the day, but admit I've never looked into Debian. The main thing that scares me away is compatibility with legacy software - Word, Excel, etc. I know there are copycat versions out there that are Debian-compatible, but I'm not so sure I'd want to relearn everything all at the same time I'm trying to learn a whole new OS.
 
This is an exploit that takes advantage of a known vulnerability in Windows. Everyone runs Windows, so nobody puts much effort into exploiting UNIX-like OSs like OSX. If they did, the situations would be similar. Windows rules the roost, so it gets targeted.



All OSs can be exploited. The problem is that this really stings the no longer supported legacy OSs like Windows XP, Server 03 etc. Ones MS no longer patches.

A lot of places run legacy hardware. Making a huge technology change such as an operating system at a hospital isn't easy. Cost, compatibility, people who are "tech challenged" and the amount of time and money that it would take to train the employees to make such a change is usually not financially worth it. Unfortunately, it results in situations like this.

That and the fact that Microsoft never wrote very good code to begin with.
 
My understanding is he wrote and licensed it to IBM and retained rights to the source code. Not exactly stealing it.
I was speaking figuratively. At the time, everyone felt like IBM didn't really know what they had and his deal with them was almost a "steal."
 
The stealing came from Xerox; both Gates and Jobs robbed Xerox PARC blind, as did eventually a few others. Invented the mouse, GUI, Ethernet, Laser Printer among others. First time I went in that building I was in awe. Little known fact: the building was owned by Roche Pharmaceuticals and was also where much of the work for the development of the Birth Control Pill took place. So 1 little building in Palo Alto, California brought both the sexual revolution and modern technology.
 
I knew when I heard this that NYBF would save the day. I just didn't know where he lived.

We got phone recalled for standby Friday night but far as we know nothing happened.
 
The link I posted to the real-time map is actually run by the guy who registered the domain. He's anonymous, British, and goes only by "MalwareTech". He and a guy in Michigan named Darien Huss together identified the kill-switch. But the Brit is who registered the domain name.

That's how he's tracking the real-time propagation - pings to his domain. The ransomware has a line of code that pings that domain name. If the domain is registered and active, the ransomware is turned off. Hence, the kill-switch. Before he registered the domain name, the ping wasn't answered, and the ransomware remained active.

I see a Marcus Hutchins being reported in British publications. That him?
 
Sounds familiar. They interviewed him on TV. Sounded/looked like a typical guy you'd find in a computer lab. Lots of them around here...
 
Looks like we are OK here at my office. We got hit with one of these a couple of years ago. One of the partners clicked on a link he shouldn't have. It took most of the day for our IT guys to fix it.
 
The problem here is ultimately that Microsoft, Apple, Google, and basically everyone else in the software or internet service business are not making their software like a life depends on it. When each started they weren't seeking the infrastructure market but eventually they got there and didn't turn away public and private infrastructure entities when they offered to give them tons of money to use their software products or services. But their software does not live up to the rigors of infrastructure, life-or-death type systems. They're failure prone, typically under-reviewed, often over-engineered. At this point, it is a free market failure because we accept their haphazard "fix it in post" patch approach instead of demanding that they eat some of their huge cash hoards to shore up their systems to make them infrastructure-capable. God forbid we tell our corporate betters who increasingly hold people's lives in the balance that they can't profit as much for a while until they fix their mess. Bad programming kept ambulances off the road in Britain. There is a real human cost here and Microsoft and others can't keep getting away with it.
 
If you are running Windows and don't keep up to date with security updates you only have yourself to blame.

It's really not that simple in an enterprise environment. You CAN patch Windows, but things have to be certified and tested. A lot of the time 3rd party products are involved that need to be recoded/patched first.
 
Exactly. Infrastructure needs to be reliable enough that it can run as-is for decades at a time with minor fixes. Major upgrade cycles are not a reality no matter how much the Tech world tries to bend reality to their will and laziness.
 
Just got an email from some coworkers and apparently several received the email but were smart enough to delete it without opening it. As I said we got one of these ransomwares before so… fool me once.
 