"From TFA it apparently runs in userspace not as root"
How exactly does 'Quimitchin' execute in userspace without the end user downloading and installing the malware?
'Security researchers have uncovered a Mac OS based espionage malware they have named "Quimitchin." .. an IT admin noticed unusual traffic coming from a particular Mac, and has been seen infecting Macs at biomedical facilities.'
How exactly does the malware get onto the Mac without the end user downloading and installing the malware and providing it with the admin password?
"It's still not clear exactly how Game Mode will improve gaming performance, but it's likely that Windows 10 will simply suppress system processes"
Do you mean like renice does it on a Linux system?
How about putting a read-write switch that renders the core Operating System read-only except when you're updating it?
"Russian government recruiters .. placing prominent ads on social media sites"
Is there a link to the original adverts?
I think Charlie Brooker's Black Mirror got it depicted right as to the effect these unsocial networks will have on the real world: See episode one Nosedive ..
Solution: change the default password on your IoT device and disable UPnP ..
nice: Runs a command with a modified scheduling priority.
"Writing a program that encrypts files is pretty straightforward. Getting it to run on the victim's computer is the tricky bit. Can anyone provide more information about how the payload is delivered?"
That's because KillDisk only runs on Microsoft Windows. Which must never be mentioned in relation to Windows.
Why is it I don't believe any of this?
"unlike what some robot experts might claim, many of those humans will be innocent civilians"
Not targeting 'innocent' civilians is a fiction told to the home population to protect them from the truth about their heroes in arms. Armies have never been squeamish about targeting the opposing civilian population.
What's the penalty for those allowing their 'computers' to be hijacked and used as part of a botnet?
"The messaging network in a Nov. 2 letter seen by Reuters warned banks of the escalating threat to their systems, according to the SWIFT letter. The attacks and new hacking tactics underscore the continuing vulnerability of the SWIFT messaging network"
As the Bangladeshi hack revealed, SWIFT isn't vulnerable. What was hacked was the underlying Windows interface that allowed remote transactions and disabling of the Oracle database confirmation messages. The hack consisted of altering two bytes in a running Windows process.
@Gravis Zero: "Sure sounds like some bank officials wanted the typical security exemptions of management and that it really bit them in the ass this time. Bangladesh isn't known for its leniency and frankly, I hope they throw the book at them."
If they were inside accomplices then why the need to hack the Windows desktops that performed the SWIFT transactions?
"some bank officials had knowingly created vulnerabilities in the bank's connection to the SWIFT system, used for global transactions."
I thought the vulnerabilities were introduced by emailing them malware that reprogrammed their Windows desktops to perform unauthorized transactions and prevented the Oracle database from printing out an acknowledgment of the transactions. The hack consisted of altering two bytes in a running Windows process.
Don't you mean Microsoft Windows and Zeus Variant and Malware gangs?
'Zeus, ZeuS, or Zbot is a Trojan horse malware package that runs on versions of Microsoft Windows'
Twenty mentions of Microsoft on the front page, since when did this become the Microsoft Slashdot?
"This server would only accept connections from Internet Explorer users. The reason is that the gate would exploit the CVE-2016-0162 vulnerability that allowed the crooks to determine if the connection came from a real user or a reverse analysis system employed by security researchers."
The reason it only targets Internet Explorer is that the exploit only works on Microsoft Windows.
'Prugar worked as a systems administrator for Pa Online until June 2010, when after a series of "personal issues" with his employer, he was let go.'
What was the nature of these "personal issues" Prugar had with Pa Online?
Dear Slashdot, do you have to repeat this cyberbullshit on this technology forum?
"Investigators .. announced the takedown of a massive botnet named "Avalanche," estimated to have involved as many as 500,000 infected computers worldwide on a daily basis"
What was the name of the Operating System that facilitated this 'computer' botnet?
Is there a contest on slashdot as to how to talk about malware without mentioning that it will only run on Microsoft Windows?
"the attacker ran a server loaded with open source vulnerability scanning tools to identify and compromise servers to use in spreading the ransomware, known as HDDCryptor and Mamba, within multiple organizations' networks".
Who finances themoscowtimes.com?
Disclosure: I worked as a contractor for LA Metro
What platform does the backend system run on? What desktop application is used to access the backend system?