Tuesday, May 21st, 2019

Linux variant of Winnti malware spotted in wild

Windows 10’s May patches are borking McAfee and Sophos software

Ransomware Cyberattacks Knock Baltimore’s City Services Offline


May 21st Raw.mp3

It’s Tuesday, May 21st, 2019, and this is Security on the Bayou. Today’s security news and why it matters to you. So today’s going to be a fun day. We’ve got a couple of really good ones too. Two of them are going to be sort of follow-ups, and one that’s pretty technical, but I’m pretty excited about today. It is Tuesday.

All right, first one, from SC Magazine dot com, written by Robert Abell: "Linux variant of Winnti malware spotted in wild." So normally I wouldn’t bring up something so technical, but the reason I do here is because of who found it. This was found by Google’s Chronicle security team, which we’ve heard a lot about. They had a big sort of deal at RSA about their new SIEM that they’re building. You know, it’s Google; anything Google touches tends to turn to gold, and anything security people touch turns to gold. This is just a match made in heaven, having Google and security. So this is one of the first truly technical things I think I’ve seen from them. I found out today they have a blog. Of course they do; why wouldn’t they have a blog. But this is specific to that Winnti malware. The malware has been a popular tool used by Beijing hackers over the last decade or so, last used on a German pharmaceutical company in April of 2019. So essentially this malware... most malware is written for Windows or Mac, those are typically the two you see attacked the most. More and more over the past four or five years we’ve seen them sort of take these tools they’ve used in the past and start to adapt them for Linux, and start looking around the world. Linux is run everywhere in the U.S. Azure, it’s all based on Linux, right? So if you can compromise the big bad servers you have more power to do things. So Chronicle has found, how many versions of it, where’d it go. I want to say there were five different versions that they found of Winnti ported to Linux.

So next let’s move on. We’re moving to the Inquirer dot net. This is an update from what we talked about yesterday. So if you remember, we’ve been having all this stuff with AV, every vendor. So yesterday we discovered that Sophos was telling users to roll back their Windows patches because it was causing boot-up issues with machines that were running Sophos. Well, today gets even better. From the Inquirer dot net: "Windows 10’s May patches are borking" (that’s a great, great use of "borking") "McAfee and Sophos software." This is by Chris Merriam, Mary, Merryman, at Chris the D.J. on Twitter. He’s got a pretty cool profile picture on here. Go click this link and read this and look at that picture. It’s worth it. So not only is Sophos having issues with the May security patch updates from Microsoft, but apparently McAfee is, and Avast and Avira and Arcabit. So, I mean, Avira and Arcabit I’ve never heard of. Well, they’re out there, they do AV. You see a lot of VirusTotal, but it’s probably not widely used, but Avast for sure. McAfee and Sophos, you can’t deny that they’re all over the place. So this is an interesting one. This is not near as bad as Sophos. McAfee is having issues with their HIPS and their VirusScan Enterprise: slowness on startup, or may become unresponsive at restart after installing the update. McAfee doesn’t say anything about when they’re going to fix it, just like Sophos. I’m sure it’s a "we’ll fix it soon, we’ll get there." Right. At least McAfee is not saying to uninstall patches, right? As I said, I want to caution people: this could very quickly turn into a blame-Microsoft game. I don’t necessarily see it that way. So just remember my remarks: Microsoft Windows is the underlying operating system here. So that’s the most important part, right? You can get another AV.
You can’t typically get another operating system; there’s only so many options. So if you have McAfee or Sophos or Avast or Avira or Arcabit, or even if we start looking at Symantec from the previous weeks, or Trend, there’s other ones out there. I highly recommend Malwarebytes; go grab them if you’d like. Try other ones. There are free ones out there, although I don’t always recommend using free AV for obvious reasons, but a subscription is fairly cheap. In the long run it’s going to save you a lot of money and time and frustration over the years.

All right, next let’s move on to another update. So this one was written by NPR, not a typical source for us. The title is "Ransomware Cyberattacks Knock Baltimore’s City Services Offline," by Emily Sullivan. So this is, we know this, right? So when I first saw the article I was like, well, why are they sending... you know, why are they writing this article on May 21st when this has been going on for two weeks? I didn’t know; the title didn’t exactly allude to any new information. Well, here we go. I found the new information today. This morning the hackers have demanded 13 bitcoins, about one hundred grand. So they went from 72 grand or whatever it was, from 16, all the way up to 100k, and they still haven’t paid it. The FBI and Secret Service are on this. And at this point you just gotta pay the damn ransom and move on, right? So there are two or three options here. There’s three. Three ways this thing could go. One: you have to wipe all your systems and you lose your data. Two: you pay the ransom, they don’t give you the key, and you have to wipe all your systems and lose your data. Three: you pay the ransom, they give you the key, you unlock and you get all your data back. So I know two of those involve paying the ransom; you tell me. So here’s where I really formed that opinion from. Let me go find this quote. Essentially what they said is that all the cryptographers in the world and the country, the smartest MFers out there, have all said that this is an unbreakable algorithm. There is nothing technologically available that can break this algorithm, which says to me that you just got to pay the ransom. If the FBI, the Secret Service, I’m sure everybody’s involved in this on the government side, and all these really smart mathematicians and cryptographers are saying this can’t be broken, it’s time. You just got to scream uncle and pay the ransom and move on. So it’s been an interesting day. Tuesday, what a day. Two updates. Baltimore, the city of Baltimore, I feel bad. That’s tough.
I mean, they’re having issues with medical staff, processing home loans, processing, you know, title transfers, medical records. It’s just, essentially everything that you would ever file with the city has been encrypted. And then I’m sure the people, it sucks, right, they’re going to pay; it’s going to come out of their pocket at the end of the day. But at some point somebody is going to tell you the hard truth of things. You’ve got to pay it and hope it works out for the best. All right folks, it is Tuesday, May 21st, 2019, and this is Security on the Bayou. Thank you for listening. Hope everybody has a wonderful day. It’s almost hump day. We will talk again tomorrow.