Saturday, December 14, 2019

New Orleans city systems hit by malware, state of emergency declared.



New Orleans has been hit by a cyberattack and has declared a state of emergency, according to a CNN report on Friday, December 13, 2019.  

Ransomware was detected but no ransom demand has been found. 911 systems were said to be working. 

In July several school systems in Louisiana were infected by malware. 
   
The attack appears to have arrived by ordinary email phishing.  Employees in an organization are typically much less aware of risks than people at home on their own.  But organizational servers should be much better at detecting spam.

Thursday, December 05, 2019

CISA warns about an old nemesis, Dridex


CISA in Pittsburgh has issued a significant malware alert, AA19-339A, on Dridex, which has been known since 2012.


Dridex has been followed especially by the Treasury Department with respect to hacking at financial institutions.

The malware arrives by email and it appears to be directed to large financial employers.  The malware payload contains macros which often need to reach an FTP server or cloud server to download the actual malware, so infection may not be apparent to scans at first.
  
The malware can launch ransomware on workstations and networks, which in a large business would normally be backed up daily in normal processing cycles.
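Because the emailed document carries only a macro that fetches the real payload later, a mail gateway gets more from checking an attachment's structure than from matching payload hashes. The sketch below is an added example, not code from CISA or from this blog: it flags macro-capable Office attachments by content rather than by file extension. The addresses, filenames and sample message are constructed, and the check is a generic macro test, not a Dridex signature.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls container header

def macro_indicator(data: bytes):
    """Return a reason string if the attachment can carry VBA macros, else None."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary Office file: macro-capable, needs deeper OLE inspection.
        return "legacy OLE document (macro-capable)"
    if data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for name in zf.namelist():
                    if name.lower().endswith("vbaproject.bin"):
                        return f"OOXML with VBA project: {name}"
        except zipfile.BadZipFile:
            return "malformed ZIP container"
    return None

def scan_message(raw: bytes):
    """Return (filename, reason) for every macro-capable attachment in a message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        reason = macro_indicator(payload)
        if reason:
            findings.append((part.get_filename(), reason))
    return findings

def _ooxml(with_macro: bool) -> bytes:
    # Constructed stand-in for an Office Open XML file; contents are placeholders.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()

def build_sample() -> bytes:
    # Constructed message: the first attachment hides a macro file behind a .doc name.
    msg = EmailMessage()
    msg["From"], msg["Subject"] = "billing@example.com", "Invoice"
    msg.set_content("Please see attached.")
    for macro, name in ((True, "invoice.doc"), (False, "notes.docx")):
        msg.add_attachment(_ooxml(macro), maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Calling `scan_message(build_sample())` reports only `invoice.doc`; the macro-free `notes.docx` passes.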

Tuesday, November 12, 2019

Warnings from Trend Micro on tiny url conversion in my Twitter profile


I’ve had a little issue this morning on Twitter.  My “doaskdotell.com” site was marked red with an x on my profile.  When I refreshed the page, it would go to green.  This happened a few times.  While on red, I overrode the block and it went to my site correctly but took a long time. I reported the problem to Trend Micro.

I’ve seen this happen to other sites before.

It seems that the “t.co …” tiny url does not convert right? Is it possible for that to be hacked?
  
The site is now gray on Google search as Trend has to redo the scan.  The automated scans from Sitelock have come back clean.  There are no WordPress or other packages on this site, and no place for users to log on and make input.  It is an old legacy site.
  
I do have plans to make it clearer for people when they land on this site to know what I have done recently on my blogs, without having to thumb through them manually.  I also will remove some old and expired material (a few unnecessary directories) within the next two weeks, and continue modernizing the dynamic links, but this takes time.

Monday, November 04, 2019

Alexa, Siri, Google Assistant may have "bizarre" security flaws (ironically)


Siri, Alexa, and Google Assistant may all have bizarre vulnerabilities to laser attack, where an intruder can project commands by laser, Star Wars style, and open appliances or compromise a home.
  
  
Ars Technica has a story by Dan Goodin here
  
Wired has a story by Andy Greenberg.  

NBC Nightly News covered the vulnerabilities tonight in this video

The irony is that Alexa has its own “guard mode” for a security system.

This isn’t something that I would personally find useful.
  
John Fish had demonstrated Alexa in a Sept 7 video here

Friday, November 01, 2019

CISA warns on North Korean malware that may target older workplace Windows PCs


CISA (formerly US-CERT), with the Department of Homeland Security and apparently Carnegie Mellon in Pittsburgh, has an advisory about a North Korean malware exploit, MAE 10135536-8, called “Hoplight”.
  
  
This seems to be a 32-bit Windows executable. That may limit its effect to older machines. The advisory includes a printout of the actual byte code. The printout shows IP addresses that the affected machine would attempt to contact over P2P; some appear to belong to relatively well-known US companies, while others are obscure and overseas.

Friday, October 25, 2019

Physical and digital worlds mix: tips on preventing car theft (and personal danger)


I thought I would share this video from “Bright Side” here, on seven tricks car thieves use.


One of them involves a coin in your car door handle, and I had never heard of that.
  
Others involve complicated hacking of systems that enable keyless ignition (too popular with rental cars right now, which are often too high end for the consumer’s good when traveling).
   
Some can involve kidnapping and personal safety.  And this gets to be testy if some people want to see what they can get away with to make a “political statement” (either from the extreme right or Marxist Left) and feel that revenge against “you” as an “oppressor” is worth anything that can happen to them, as if to make a statement about sacrifice.  I think this kind of idea could grow more dangerous in today’s polarized climate.

Thursday, October 24, 2019

Tik Tok: Could China use it to spy on ordinary Americans?


BuzzFeed News somewhat downplays concerns that China will spy on users of TikTok, in this story by Ryan Broderick, claiming that users are posting only to see if China will try to censor them. 
  
But Tony Romm and Drew Harwell report in the Washington Post that Senators Cotton and Schumer want an investigation.
  
If you pay attention to Edward Snowden (and I do) you would pay attention to this.  It sounds sensible to restrict apps developed in potential enemy countries, perhaps.  But doesn't this leap back to the tariffs and trade war (which will escalate Dec 15 for electronics as it stands now)?
  
  
This is a little closer to the possibility of “steganography” practices from potential foreign enemies.