Phone Fraud by Industry | The Public Sector Story
Citizens expect to be able to contact their government agencies over the phone. Even though contact center representatives are trained to look out for red flags and call characteristics associated with fraud, the lack of multi-layered authentication, the use of social engineering, and the exploitation of the black market enables fraudsters to gain access to […]
On the Wire Podcast: Yanick Fratantonio and Simon Chung
A team of researchers from the University of California at Santa Barbara and Georgia Tech this week published detailed research on a set of weaknesses and vulnerabilities in Android that can allow an attacker to use a malicious app to completely control the UI of a device. The Cloak & Dagger attacks, as they’re called, […]
Researchers Find Deeper Links Between WannaCry and Lazarus Group
The links between the WannaCry ransomware and the Lazarus group, which is believed to be responsible for several high-profile attacks, are deeper and more substantial than previously thought, according to new evidence unearthed by security researchers. The Lazarus group is a hacking team tied to North Korea that researchers have linked to a number of […]
Decryption Tools Help Turn Tide Against WannaCry
As the WannaCry ransomware campaign stretches on into its second week, researchers have had more and more success developing tools to help users decrypt the files on infected PCs. Last week, French researcher Adrien Guinet released a tool called Wannakey that could recover the private keys used to encrypt files on Windows XP machines. The […]
WannaCry is the Future of Ransomware
We knew this was coming. We’ve known for years that a ransomware attack on the scale of WannaCry was not just possible, but probable. What we didn’t know was that when it came it would involve a vulnerability discovered by the NSA, an exploit developed by the NSA, and a backdoor written by the NSA. […]
Tool Released to Recover Private Key for WannaCry on Windows XP
A researcher has released a tool that can recover the decryption key for the WannaCry ransomware on infected Windows XP systems. The tool, called Wannakey, is the work of Adrien Guinet of Quarkslab, a French security firm. Wannakey takes advantage of a quirk in the way that WannaCry uses the Windows Crypto API on XP […]
Google Play Protect Adds App Scanning to Android
Google is introducing a new system that scans all of the apps on Android devices continuously, looking for unwanted behavior, malware, and other problems. The new Play Protect framework is Google’s latest attempt to shore up the security of the Android ecosystem. Any apps that are in the Play store already are subject to a […]
On the Wire Podcast: Kurt Baumgartner
The WannaCry ransomware campaign has had a remarkable effect on the Internet as a whole and the security community specifically. It has shown users just how vulnerable many of the world’s computers are, and it also has reminded experts of the lessons they learned during the heyday of Internet worms such as Code Red and Slammer. […]
Experts: WannaCry Kill Switches Just a Temporary Fix
While security researchers have had some success in preventing the WannaCry ransomware campaign from becoming a true epidemic with the use of kill switches hidden in the malware’s code, experts say those are just temporary solutions that may not last much longer. The two versions of WannaCry that have emerged so far each have included […]