Category Archives: cryptocurrency

Resource updates May 1 2018

Updates to Anti-Social Media 

The Guardian: WhatsApp CEO Jan Koum quits over privacy disagreements with Facebook – “WhatsApp was built with a focus on privacy and a disdain for ads, but the Facebook-owned service is now under pressure to make money”

Selina Wang for Bloomberg: Twitter Sold Data Access to Cambridge Analytica–Linked Researcher. And commentary from Help Net.

ENISA: Strengthening network & information security & protecting against online disinformation (“fake news”) – “In this paper, ENISA presents some views on the problem of online disinformation in the EU from a Network and Information Security (NIS) perspective. A number of recommendations are presented which relate both to general NIS measures, as well as targeted measures to protect against online disinformation specifically.”

Updates to Cryptocurrency/Crypto-mining News and Resources

Coin Telegraph: Scammers Hijack Verified Twitter Account To Steal Crypto By Posing As Telegram CEO

Updates to Chain Mail Check

ESET: This test will tell you how likely you are to fall for fraud

David Harley

Advertisements

Intel gives up and Microsoft tries again…

Updates to Meltdown/Spectre – Related Resources

[April 4 2018] John Leyden for The Register: Badmins: Magento shops brute-forced to scrape card deets and install cryptominers

April 2nd/3rd 2018 updates

Updates to Anti-Social Media 

[2nd April 2018] Facecrooks: Facebook Is Making Its Privacy Settings Easier To Find

[3rd April 2018] John Leyden for The Register: One solution to wreck privacy-hating websites: Flood them with bogus info using browser tools – Chad Loder is quoted as saying “The internet ought to “route around” known privacy abusers, shifting from passive blocking of cookies, host names, and scripts to a more active deception model. ” Lots of other useful commentary.

Updates to Cryptocurrency/Crypto-mining News and Resources

Updates to Mac Virus

‘Android action updates’

David Harley

AVIEN resource updates 31st March 2018

Updates to Anti-Social Media

 (HT to Mich Kabay for pointing out the Economist articles – NB there’s a limit on how many you can view without subscribing.)

Updates to Cryptocurrency/Crypto-mining News and Resources

Updates to Meltdown/Spectre – Related Resources

Updates to Mac Virus

(1) iOS

(2) Android

Updates to Anti-Malware Testing Blog

David Harley

Resource updates March 29th 2018

Updates to Anti-Social Media

Updates to Specific Ransomware Families and Types

Updates to Cryptocurrency/Crypto-mining News and Resources

Updates to Meltdown/Spectre – Related Resources

  • Security|DMA|Hacking: Total Meltdown? (Analysis of the Windows 7 Meltdown patch fiasco)

David Harley

Resources updates, 26 March 2018

Updates to Anti-Social Media

Updates to Specific Ransomware Families and Types

Updates to Cryptocurrency/Crypto-mining News and Resources

David Harley

Resources updates, 23rd March 2018

Updates to Anti-Social Media

Updates to Specific Ransomware Families and Types

  • Catalin Cimpanu for Bleeping Computer: City of Atlanta IT Systems Hit by SamSam Ransomware
  • An older article (January) but well worth reading: SamSam – The Evolution Continues Netting Over $325,000 in 4 Weeks
  • ESET on the Atlanta ransomware attack City of Atlanta computers held hostage in ransomware attack
  • My response (not used) to a request for comment: “Lately, quite a few comparatively new security issues have tended to overshadow ransomware in the media: cryptojacking, vulnerabilities relating to hardware and firmware, even privacy issues relating to social media (and especially Facebook). Yet this incident is a salutary reminder that ransomware has not gone away just because it isn’t talked about so much, and there are some examples for which there is still no decryptor available except by the ‘goodwill’ of the criminals. As long as some of the bad guys are making money out of it, the attacks will continue. It should, therefore, still be a priority for organizations and individuals to ensure that their data and systems are safely backed up and that ransomware can’t reach the backups as well as the original files.”
  • Thomas Claburn for The Register: City of Atlanta’s IT gear thoroughly pwned by ransomware – “nasty Data gone with the wind as attacker goes full Sherman”

In other news… Richard Chirgwin, for the Register: ‘R2D2’ stops disk-wipe malware before it executes evil commands – ‘Reactive Redundancy for Data Destruction Protection’ stops the likes of Shamoon and Stonedrill before they hit ‘erase’. Summarizes research from Purdue university.

Updates to Meltdown/Spectre – Related Resources (Microsoft/Windows section)

Updates to Cryptocurrency/Crypto-mining News and Resources

Updates to Mac Virus

  • V3: Apple to fix iOS11 bug that enables Siri to read hidden notifications – “Bug means Siri can be asked to read aloud all your hidden notifications” (Yes, it’s more on that Siri silliness.)

Updates to Chain Mail Check

22nd March Resources Update

Cryptocurrency/Crypto-mining News and Resources

Anti-Social Media

Mac Virus

13th March 2018 resources updates

(1) New section on Trend Micro Resources in Meltdown/Spectre – Related Resources

Trend Micro: Detecting Attacks that Exploit Meltdown and Spectre with Performance Counters
“We worked on a detection technique for attacks that exploit Meltdown and Spectre by utilizing performance counters available in Intel processors. They measure cache misses — the state where data that an application requests for processing is not found in the cache memory — that can be used to detect attacks that exploit Meltdown and Spectre.”

(2) Cryptocurrency/Crypto-mining News and Resources

David Harley

March 5th 2018 resources update

Update to Ransomware Recovery and Prevention

Update to Cryptocurrency/Crypto-mining News and Resources

Update to Specific Ransomware Families and Types

Update to Meltdown/Spectre – Related Resources

David Harley