England’s healthcare system came under a withering cyberattack Friday morning, with ” at least 25 ” hospitals across the country falling prey to ransomware that locked doctors and employees out of critical systems and networks. The UK government now reports that this is not a (relatively) isolated attack but rather a single front in a massive regionwide digital assault. #nhscyberattack pic.twitter.com/SovgQejl3X — gigi.h (@fendifille) May 12, 2017 The attack has impacted hospitals and transportation infrastructure across Europe, Russia and Asia. Organizations in dozens of countries have all been hit with the same ransomware program, a variant of the WannaCry virus, spouting the same ransom note and demanding $300 for the encryption key, with the demand escalating as time passes. The virus’s infection vector appears to through a known vulnerability, originally exploited and developed by the National Security Agency. That information was subsequently leaked by the hacking group known as Shadow Broker which has been dumping its cache of purloined NSA hacking tools onto the internet since last year. The virus appears to have originally spread via email as compressed file attachment so, like last week’s Google Docs issue, make sure you confirm that you email’s attachments are legit before clicking on them. Also, make sure your computers are using software that’s still receiving security updates, and that you’ve installed the latest updates available. Microsoft released a fix for the exploit used as a part of its March “Patch Tuesday” release, but unpatched Windows systems remain vulnerable. Update : Reuters reports a statement from Microsoft indicating that engineers have added detection and protection against the “Ransom:Win32.WannaCrypt” malware, so make sure your Windows Defender or other antivirus is updated before logging on to any corporate networks that may be infected. In a statement, a FedEx representative confirmed its systems are being impacted, saying “Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible. We regret any inconvenience to our customers.” Source: New York Times
Read the article:
‘WannaCry’ ransomware attack spreads worldwide (update)
An anonymous reader writes: The audio driver installed on some HP laptops includes a feature that could best be described as a keylogger, which records all the user’s keystrokes and saves the information to a local file, accessible to anyone or any third-party software or malware that knows where to look. Swiss cyber-security firm modzero discovered the keylogger on April 28 and made its findings public today. According to researchers, the keylogger feature was discovered in the Conexant HD Audio Driver Package version 1.0.0.46 and earlier. This is an audio driver that is preinstalled on HP laptops. One of the files of this audio driver is MicTray64.exe (C:windowssystem32mictray64.exe). This file is registered to start via a Scheduled Task every time the user logs into his computer. According to modzero researchers, the file “monitors all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkeys.” Read more of this story at Slashdot. 