Petya ransomware is now double the trouble
CIO, 13 May 2016 – The Petya ransomware now bundles a second file-encrypting program for cases where it cannot replace a computer’s master boot record to encrypt its file table. Petya is an unusual ransomware threat that first popped up on security researchers’ radar in March. Instead of encrypting a user’s files directly, it encrypts the master file table (MFT) used by NTFS disk partitions to hold information about file names, sizes and location on the physical disk. [More]
Lenovo patches serious flaw in pre-installed support tool
CIO, 6 May 2016 – Lenovo has fixed a vulnerability in its Lenovo Solution Center support tool that could allow attackers to execute code with system privileges and take over computers. The Lenovo Solution Center (LSC) is an application that comes pre-installed on many Lenovo laptops and desktops. It allows users to check their system’s virus and firewall status, update their software, perform backups, check battery health, get registration and warranty information and run hardware tests. [More]
Think that printer in the corner isn’t a threat?
CSO, 3 May 2016 – A printer is a legitimate attack surface. Many companies don’t bother to update the firmware on older models, or don’t include every model in a security audit (such as the one in the CEO’s office everyone forgot about), or the organization assumes a hacker won’t bother with an Epson or HP that is barely even connected to Wi-Fi. Interestingly enough, because a printer is so innocuous and seemingly harmless, that’s the exact reason it poses a threat. Sometimes, the best attack vector for an attacker is the one no one bothers to think about. However, a recent IDC survey found that 35 percent of all security breaches in offices were traced back to an unsecured printer or multi-function device. [More]
IPv6 is the Future of the Internet
LinkedIn, 2 May 2016 – The future of the Internet depends on the continued growth of a solid and healthy underlying global network infrastructure supporting the demand for the next generation of the Internet using IPv6 (Internet Protocol version 6) as its communication protocol. In the era of Internet of Things (IoT), without the extensive global adoption and successful deployment of IPv6 as the primary version of the Internet Protocol (IP), not only the future deployment and growth of IoT is impossible, but the future of the Internet itself is at stake. [More]