Welcome, Guest. Please login or register.

Recent Posts

Pages: 1 [2] 3 4 ... 10
Tech News & Reviews / Re: Global ransomware attack causes chaos
« Last post by Den1 on 28 June 2017, 09:04:54 »
Oh dear here we go again chaps    :'(
Tech News & Reviews / Global ransomware attack causes chaos
« Last post by 1bit on 27 June 2017, 19:10:05 »

Companies across the globe are reporting that they have been struck by a major ransomware cyber-attack.
British advertising agency WPP is among those to say its IT systems have been disrupted as a consequence.
Ukrainian firms, including the state power company and Kiev's main airport, were among the first to report issues.

The Chernobyl nuclear power plant has also had to monitor radiation levels manually after its Windows-based sensors were shut down.
Experts suggest the malware is taking advantage of the same weaknesses used by the Wannacry attack last month.
"It initially appeared to be a variant of a piece of ransomware that emerged last year," said computer scientist Prof Alan Woodward.

"The ransomware was called Petya and the updated version Petrwrap.
"However, now that's not so clear."

The Russian cybersecurity firm Kaspersky Lab reported that it believed the malware was a "new ransomware that has not been seen before" despite its resemblance to Petya.
As a result, the firm has dubbed it NotPetya. Kaspersky added that it had detected suspected attacks in Poland, Italy, Germany, France and the US in addition to the UK, Russia and Ukraine.

Andrei Barysevich, a spokesman for security firm Recorded Future told the BBC such attacks would not stop because cyber-thieves found them too lucrative.
"A South Korean hosting firm just paid $1m to get their data back and that's a huge incentive," he said. "It's the biggest incentive you could offer to a cyber-criminal."
A bitcoin wallet associated with the outbreak has received several payments since the outbreak began. The wallet currently holds 1.5 bitcoins - equivalent to $3,500.

An email address associated with the blackmail attempt has been blocked by German independent email provider Posteo.
It means that the blackmailers have not been able to access the mailbox.

Network down
Others reporting problems include the Ukrainian central bank, the aircraft manufacturer Antonov, and two postal services.
Russian oil producer Rosneft and Danish shipping company Maersk also say they face disruption, including its offices in the UK and Ireland.
"We can confirm that Maersk IT systems are down across multiple sites and business units due to a cyber-attack," the Copenhagen-headquartered firm said via Twitter.
"We continue to assess the situation. The safety of our employees, our operations and customers' business is our top priority."

Maersk tweeted that its computer systems had been taken offline
Spanish media reports that the offices of the food giant Mondelez - whose brands include Oreo and Toblerone - had suffered attacks.

Netherlands-based shipping company TNT said some of its systems needed "remediation".
And French construction materials company St Gobain has said that it had fallen victim.
In the US, the pharmaceuticals-maker Merck and local offices of the law firm DLA Piper have been affected.

"Please remove all laptops from docking stations and keep turned off - no exceptions," read a sign erected in the lobby of DLA Piper's Washington DC office.
The attacks come two months after another global ransomware assault, known as Wannacry, which caused major problems for the UK's National Health Service.

No defence
Veteran security expert Chris Wysopal from Veracode said the malware seemed to be spreading via some of the same Windows code loopholes exploited by Wannacry. Many firms did not patch those holes because Wannacry was tackled so quickly, he added.

The UK's National Crime Agency is investigating the threat
Those being caught out were also industrial firms that often struggled to apply software patches quickly.
"These organisations typically have a challenge patching all of their machines because so many systems cannot have down time," he said. "Airports also have this challenge."

Copies of the virus have been submitted to online testing systems that check if security software, particularly anti-virus systems, were able to spot and stop it.
"Only two vendors were able to detect it so many systems are defenceless if they are unpatched and relying on anti-virus," he said.

Ukraine seems to have been particularly badly hit this time round.
Reports suggest that the Kiev metro system has stopped accepting payment cards while several chains of petrol stations have suspended operations.
Ukraine's deputy prime minister has tweeted a picture appearing to show government systems have been affected.
His caption reads: "Ta-daaa! Network is down at the Cabinet of Minister's secretariat."


A fix is available for Linux systems; Windows users will have to use firmware updates.

Under certain conditions, systems with Skylake or Kaby Lake processors can crash due to a bug that occurs when hyperthreading is enabled. Intel has fixed the bug in a microcode update, but until and unless you install the update, the recommendation is that hyperthreading be disabled in the system firmware.

All Skylake and Kaby Lake processors appear to be affected, with one exception. While the brand-new Skylake-X chips still contain the flaw, their Kaby Lake X counterparts are listed by Intel as being fixed and unaffected.

Systems with the bad hardware will need the microcode fix. The fix appears to have been published back in May, but, as is common with such fixes, there was little to no fanfare around the release. The nature of the flaw and the fact that it has been addressed only came to light this weekend courtesy of a notification from the Debian Linux distribution. This lack of publicity is in spite of all the bug reports pointing to the issue—albeit weird, hard-to-pin-down bug reports, with code that doesn't crash every single time.

Microcode updates can be sourced in two ways. The system firmware can include new microcode that gets installed each time the system boots, and operating systems can also update processor microcode through use of special (proprietary) drivers. For Linux, this typically means using packages from a distribution's "non-free" repository, as no source code for these updates is available. For Windows, this means letting Windows Update do its job; Windows contains drivers for both AMD and Intel microcode updates.

Updated microcode drivers for Linux are available. At the time of writing, the Windows microcode driver does not appear to contain the fix. On the system I'm using, at least, the driver was last updated in March. Insider builds of Windows have a newer driver, updated in June, but that, too, does not appear to include the updated microcode. Although Microsoft does not appear to document which updates are included in each driver version, the information is visible in a hex editor or similar tool; the Linux microcode updater includes four microcodes not found in the Windows driver, including the ones necessary to address this problem.

One would expect that Microsoft will update its microcode driver in due course, at least for Windows 10. Less likely, however, is that the microcode drivers in Windows 7 and 8.1 receive the update. This is one of the implications of the company's new policy of only supporting Skylake and Kaby Lake in Windows 10; there's no need for Redmond to add Kaby Lake updates to Windows 7 and 8.1 when Windows 7 and 8.1 aren't supported on Kaby Lake chips anyway.

In the meantime, a firmware fix—if available—is the best option, though again, availability may be spotty. Microsoft's Surface Book, for example, does not appear to have a system firmware that includes the fix. I don't mean to call out Microsoft specifically—I daresay many motherboard firmwares have similarly not been updated in the month and a half since Intel issued its patch—but rather to indicate that even systems that are still supported and do receive regular firmware updates may not have Intel's latest and greatest microcode yet.

On systems without either a firmware fix or updated driver, disabling hyperthreading is believed to be a robust solution. Most users, however, will probably just want to take their chances; the exact sequence of instructions and runtime conditions that cause problems seem to be rare (certainly rarer than Intel's description of the bug, "Short Loops Which Use AH/BH/CH/DH Registers May Cause Unpredictable System Behavior," might otherwise indicate), and, under most circumstances, affected systems appear to be stable anyway. More than 18 months passed before this bug was fixed, after all, and there haven't been too many reports of Skylake machines crashing left and right because of it.

Eying up AMD systems as an alternative might be tempting, but they're susceptible to comparable issues, too, in which certain sequences of instructions under certain system conditions can cause crashes or other misbehavior. The workaround in AMD's case is to disable the micro-op cache. Processors are certainly more reliable than software, but they all have bugs, no matter what chip you choose.

Latest from AV-Comparatives - May 2017

Real World Protection: (Higher is better)

Impact on System: (Lower is Better)

Tech News & Reviews / Google hit with record EU fine over Shopping service
« Last post by Jay9 on 27 June 2017, 16:50:12 »

Google has been fined 2.42bn euros ($2.7bn; £2.1bn) by the European Commission after it ruled the company had abused its power by promoting its own shopping comparison service at the top of search results.

The amount is the regulator's largest penalty to date against a company accused of distorting the market.

The ruling also orders Google to end its anti-competitive practices within 90 days or face a further penalty.

The US firm said it may appeal.

However, if it fails to change the way it operates the Shopping service within the three-month deadline, it could be forced to make payments of 5% of its parent company Alphabet's average daily worldwide earnings.

Based on the company's most recent financial report, that amounts to about $14m a day.

The commission said it was leaving it to Google to determine what alterations should be made to its Shopping service rather than specifying a remedy.

"What Google has done is illegal under EU antitrust rules," declared Margrethe Vestager, the European Union's Competition Commissioner.

"It has denied other companies the chance to compete on their merits and to innovate, and most importantly it has denied European consumers the benefits of competition, genuine choice and innovation."

Tech News & Reviews / 'Powerful' cyberattack on Ukraine goes global
« Last post by 1bit on 27 June 2017, 16:47:19 »

A "powerful" cyberattack that started in Ukraine has spread across the world, hitting banks, government IT systems and energy firms.

British advertising group WPP said its computer networks in several locations had been targeted.

The UK's National Cyber Security Centre is investigating how many more UK firms have been hit and is "trying to get an understanding of a fast-moving situation".

Russian, US and German companies were also among those hit, after Ukraine declared it had been struck by the biggest cyberattack in its history.

The country's interior ministry said the hack was a modified version of the 'Wannacry' virus - a type of ransomware that crippled NHS computer systems in May.

Costin Raiu, head of global research at Kaspersky Lab, the world's biggest cybersecurity analysis firm, identified the virus as 'Petrwrap'.

Ukraine's security council secretary said an hour after the news broke: "It is possible to talk of Russian fingerprints."

So far, companies in the following countries have been affected:

:: UK - WPP
:: US - DLA Piper
:: Ukraine - Central bank, energy firms and aircraft manufacturer
:: Russia - Evraz, Rosneft
:: German - Metro
:: Denmark - Maersk
:: Norway - Unnamed "international company"
:: The Netherlands - APM Terminals

Ukranian Deputy Prime Minister Pavlo Rozenko posted a picture of his computer screen, which warned it was experiencing "errors".

News of the cyberattack emerged when the country's government IT network was crippled by an "unknown virus".

The hack then spread, attacking several Ukranian banks, its state energy distributor, postal service and largest telephone firm. Kiev Airport was also hit.

Russian oil giant Rosneft and steel manufacturer Evraz followed, reporting they were affected by the virus.

The disruptions follow a spate of hacking attempts on Ukrainian state websites in late-2016 and repeated attacks on the country's power grid that prompted security chiefs to call for improved cyber defences.

Chit-Chat / more of roco's deep thoughts
« Last post by Roco on 26 June 2017, 00:11:39 »
Hey guys appreciate  your life indeed it ain’t forever , life does have Merde if you look around , had more then my fair share , for me my old Citroen 2CV has kept me locked into reality ( maybe ? ),  indeed I figure it will see me out , same as win 10   ? lol: i never saw diese  as the future ,seems like V.W has proved me right >
BTW, a American road testers view of a Citroen 2cv ,  just had a USA offer for mine , it equals  about the price of a new A class Merc,  it ain’t for sale ,+ it makes me laugh https://www.youtube.com/watch?v=niEG4Z1Ikjs

It’s my grandkids inheritance, sure electric is the future , once  battery  has a new revolution ,
Best regards
Ex test engineer  with SAFT , https://www.youtube.com/watch?v=pNfQ5kODNRg
Computers / Re: Any thoughts ? on Linux
« Last post by Roco on 25 June 2017, 22:23:09 »
Decided I am too old a dog to learn new tricks , I now  have sold my soul to M.S. totally , been with them since Win 3.11, still think XP was their best O/S ?,
but time moves on , now beginning to love 10, now installed on my 3 desktops  + my Levano slate ,  2 of the desktops are in guests rooms , rarely used   :'(  apart from a continental Euro 2cv club member doing the "tour" ,   but kept updated monthly , the levano slate with detachable keyboard  is never used ,even giving it the1 finger salute makes no difference, me and touch screens don’t get on , most unhygienic , it rarely acknowledges  my finger input anyway , not just the levano my banks touch screen never works for me ,  but never fails when the assistant helps , she says you must be a Alien ,  indeed partly true in the UK ,
Computers / Re: Kaspersky Software Updater
« Last post by thar on 25 June 2017, 20:18:10 »
Kaspersky has a cool Software Updater

keeps most of your software up to date, be a good assistant with Secunia PSI (which only includes vulnerability updates)

it can auto install as well, highly recommended
I would never use Kaspersky again after issues I've had with it in the past. Likewise Norton.

Sent from my Nexus 6P using Tapatalk

I had to round to my dad's on Friday to change his, he has this router.

Sent from my Nexus 6P using Tapatalk

Pages: 1 [2] 3 4 ... 10
Powered by EzPortal