The problem with targeted attacks is
that they often won't stay targeted...
"Iran's computer
emergency response team is reporting new malware targeting
computers in the country that is wiping
data from partitions D through I. It is set to launch on only
particular dates. 'Clearly, the attacker was trying to think ahead.
After trying to delete all the files on a particular partition the
malware runs chkdsk on said partition. I assume the attacker is
trying to make
the loss of all files look like a software or hardware failure.
Next to these BAT2EXE files there's also a 16-bit SLEEP file, which
is not malicious. 16-bit files don't actually run on 64-bit versions
of Windows. This immediately gives away the malware's presence on a
x64 machine.' While there has been other data-wiping malware
targeting Iran and other Middle East countries such as Wiper and
Shamoon, researchers said there is no immediate connection."
[From
the ThreatPost article:
“Other than the geographic region,
there doesn’t seem to be any commonality with this file-deleting
malware and the previous attacks we’ve seen,” Schouwenberg said.
“Even though the code is extremely simplistic, it looks like the
author managed to slip in a mistake by not deleting a line of old
code.”
The giveaway is a 16-bit SLEEP file
that won’t run on 64-bit Windows machines.
“This is as basic as it gets,”
Schouwenberg said. “But if it was effective, that doesn’t
matter. If it wasn’t clear already, the era of cyber sabotage has
arrived.”
Crime is better wholesale...
The Wii may be on the way out with the
recent arrival of the Wii U, but don’t tell this band of very gutsy
thieves that. This past weekend, a group of crooks managed to steal
7,000 Wii consoles from a Nintendo distribution site within SeaTec’s
Seattle Air Cargo. That equates to about $2 million in stolen
hardware, so we’ve got some big time thieves on our hands.
(Related)
3,600
iPad minis stolen from JFK cargo hold
Perhaps someone should actually read
the ToS before dropping it on an already suspicious user community?
Is this a job for a cynical old fart like me?
"Earlier,
we
discussed news that Instagram introduced a new version of their
Privacy Policy and Terms of Service that will take effect in thirty
days. The changes seemed to allow Instagram to sell users' photos,
and many users were upset. Instagram
now says 'it is not our intention to sell your photos' and that
'users own their content and Instagram does not claim any ownership
rights over your photos.' This is good news for Instagram users."
And so closes another chapter of "We
Let Lawyers Write a Legal Document and The Internet Freaked Out."
[From the ToS:
Some or all of the Service may be
supported by advertising revenue. To help us deliver interesting
paid or sponsored content or promotions, you agree that a business or
other entity may pay us to display your username, likeness, photos
(along with any associated metadata), and/or actions you take, in
connection with paid or sponsored content or promotions, without any
compensation to you.
This happens when you don't bother with
cost/benefit analysis. Security at any cost leads to the mythical,
"In order to save the village we had to destroy it."
"A 2011 ProPublica series found
that the TSA had glossed over the small cancer risk posed by its
X-ray body scanners at airports across the country. While countries
in Europe have long prohibited the scanners, the TSA is just now
getting
around to studying the health effects."
[From the article:
… , the Transportation Security
Administration has agreed to contract with the National Academy of
Sciences to study the health effects of the agency's X-ray body
scanners. But it is unclear if the academy will conduct its own
tests of the scanners or merely review previous studies.
No comments:
Post a Comment