Security

WannaCry Ransomware Shares Code With North Korean Malware, Say Researchers (cyberscoop.com) 106

New submitter unarmed8 quotes a report from CyberScoop: The ransomware known as WannaCry that spread rapidly to 300,000 machines in 150 countries over the past few days shares code with malware written by a group of North Korean hackers known as the Lazarus Group. While the shared code is important, experts warned that it's far from proof about who created and launched the ransomware attacks. Neel Mehta, a security researcher at Google, first pointed out the shared code on Monday on Twitter. The link was quickly echoed by numerous other experts. "From a technical point of view those two functions and their references are identical," said Matt Suiche, founder of United Arab Emirates-based cybersecurity firm Comaeio. "From an attribution point of view a ransomware would subscribe to the narrative of Lazarus Group, which is stealing money like we saw with multiple financial institutions with fraudulent SWIFT transactions -- having a nation-state powered ransomware leveraging crypto currency would be a first."
Movies

Disney Chief Bob Iger Says Hackers Claim To Have Stolen Upcoming Movie (hollywoodreporter.com) 121

An anonymous reader quotes a report from Hollywood Reporter: Walt Disney CEO Bob Iger revealed Monday that hackers claiming to have access to a Disney movie threatened to release it unless the studio paid a ransom. Iger didn't disclose the name of the film, but said Disney is refusing to pay. The studio is working with federal investigators. Iger's comments came during a town hall meeting with ABC employees in New York City, according to multiple sources. The Disney chief said the hackers demanded that a huge sum be paid in Bitcoin. They said they would release five minutes of the film at first, and then in 20-minute chunks until their financial demands are met. While movie piracy has long been a scourge, ransoms appear to be a new twist. UPDATE: According to Deadline, the movie in question appears to be the upcoming film Pirates of the Caribbean: Dead Men Tell No Tales. Disney appears to be working with the FBI and will not pay the ransom.
Desktops (Apple)

Apple Releases macOS 10.12.5, iOS 10.3.2, watchOS 3.2.2, tvOS 10.2.1 (macworld.com) 45

On Monday, Apple released point updates to all its operating systems. Starting with the desktop, the macOS 10.12.5 update for Sierra is the fifth major update since the operating system was released in September of 2016. The iPhone-maker also released the iOS 10.3.2 for iPhones, iPads and iPods to the public. The update for Macs offers a range of bug fixes, improvements to Night Shift, and a long list of security patches. The iOS 10.3.2 update offers "bug fixes and improves the security." More details -- including what's new in tvOS, and watchOS -- here.
Security

UK Tabloids Doxxed the 'Hero' Hacker Who Stopped a Global Cyberattack (theoutline.com) 164

The UK-based security researcher, who "accidentally" halted the spread of the ransomware Wanna Decryptor over the weekend, has been doxxed by UK tabloids. From a report: [...] Journalists have published his name against his will, bringing him unwanted attention and sending a signal to privacy-sensitive researchers that no good deed goes unpunished. The researcher, writing under the username MalwareTechBlog, published a blog post on his personal site with findings about the virus, explaining how it was stopped and what would have to be done to prevent it from coming back. News outlets, including the Daily Mail, The Guardian, and CNN called the anonymous researcher a hero. The researcher was initially responsive to press inquiries. He told reporters that he was 22, lived in the south of England with his parents, and worked for an L.A. security firm. However, he told The Guardian that he wanted to remain anonymous "because it just doesn't make sense to give out my personal information, obviously we're working against bad guys and they're not going to be happy about this." It took about a day for UK papers, including The Mail, The Sun, The Telegraph, and The Mirror, to suss out the researcher's name and publish photos of him, show up at his house, and track down his friends and associates for interviews. "It's caused a fair bit of stress," he told Forbes. "I don't want fame."
Windows

'Don't Tell People To Turn Off Windows Update, Just Don't' (troyhunt.com) 507

Security researcher Troy Hunt, writing on his blog: Often, the updates these products deliver patch some pretty nasty security flaws. If you had any version of Windows since Vista running the default Windows Update, you would have had the critical Microsoft Security Bulletin known as "MS17-010" pushed down to your PC and automatically installed. Without doing a thing, when WannaCry came along almost 2 months later, the machine was protected because the exploit it targeted had already been patched. It's because of this essential protection provided by automatic updates that those advocating for disabling the process are being labelled the IT equivalents of anti-vaxxers and whilst I don't fully agree with real world analogies like this, you can certainly see where they're coming from. As with vaccinations, patches protect the host from nasty things that the vast majority of people simply don't understand. This is how consumer software these days should be: self-updating with zero input required from the user. As soon as they're required to do something, it'll be neglected which is why Windows Update is so critical.
Australia

How Australia Bungled Its $36 Billion High-Speed Internet Rollout (nytimes.com) 149

Not very pleased with your internet speeds? Think about the people Down Under. Australia's "bungled" National Broadband Network (NBN) has been used as a "cautionary tale" for other countries to take note of. Despite the massive amount of money being pumped into the NBN, the New York Times reports, the internet speeds still lagged behind the US, most of western Europe, Japan and South Korea -- even Kenya. The article highlights that Australia was the first country where a national plan to cover every house or business was considered and this ambitious plan was hampered by changes in government and a slow rollout (Editor's note: the link could be paywalled; alternative source), partly because of negotiations with Telstra about the fibre installation. From the report: Australia, a wealthy nation with a widely envied quality of life, lags in one essential area of modern life: its internet speed. Eight years after the country began an unprecedented broadband modernization effort that will cost at least 49 billion Australian dollars, or $36 billion, its average internet speed lags that of the United States, most of Western Europe, Japan and South Korea. In the most recent ranking of internet speeds by Akamai, a networking company, Australia came in at an embarrassing No. 51, trailing developing economies like Thailand and Kenya. For many here, slow broadband connections are a source of frustration and an inspiration for gallows humor. One parody video ponders what would happen if an American with a passion for Instagram and streaming "Scandal" were to switch places with an Australian resigned to taking bathroom breaks as her shows buffer. The article shares this anecdote: "Hundreds of thousands of people from around the world have downloaded Hand of Fate, an action video game made by a studio in Brisbane, Defiant Development. But when Defiant worked with an audio designer in Melbourne, more than 1,000 miles away, Mr. Jaffit knew it would be quicker to send a hard drive by road than to upload the files, which could take several days."
Government

Gizmodo Went Phishing With the Trump Team -- Will They Catch a Charge? (arstechnica.com) 122

Earlier this month, technology publication Gizmodo published a report on how it "phished" members of the administration and campaign teams of President Donald Trump. The blog said it identified 15 prominent figures on Trump's team and sent e-mails to each posing as friends, family members, or associates containing a faked Google Docs link. But did the publication inadvertently break the law? ArsTechnica reports: "This was a test of how public officials in an administration whose president has been highly critical of the security failures of the DNC stand up to the sort of techniques that hackers use to penetrate networks," said John Cook, executive editor of Gizmodo's Special Projects Desk, in an e-mail conversation with Ars. Gizmodo targeted some marquee names connected to the Trump administration, including Newt Gingrich, Peter Thiel, (now-ex) FBI director James Comey, FCC chairman Ajit Pai, White House press secretary Sean Spicer, presidential advisor Sebastian Gorka, and the administration's chief policymakers for cybersecurity. The test didn't appear to prove much. Gingrich and Comey responded to the e-mail questioning its provenance. And while about half of the targeted officials may have clicked the link -- eight devices' IP addresses were recorded accessing the linked test page -- none entered their login credentials. The test could not determine whose devices clicked on the link. What the test did manage to do is raise the eyebrows of security experts and some legal experts. That's because despite their efforts to make it "reasonably" apparent that this was a test, Gizmodo's phishing campaign may have violated several laws, ignoring many of the restrictions usually placed on similar tests by penetration-testing and security firms. At a minimum, Gizmodo danced along the edges of the Computer Fraud and Abuse Act (CFAA).
Android

Netflix Says No To Unlocked Android Smartphones (androidpolice.com) 255

An anonymous reader writes: Last week, the Netflix app started showing up as "incompatible" on the Play Store for rooted and unlocked Android devices. However, the app itself continued to work fine, leading some to think it could have been an accident. However, Netflix has now confirmed to the blog AndroidPolice that blocking modified devices from downloading the app was intentional. This is the full statement: "With our latest 5.0 release, we now fully rely on the Widevine DRM provided by Google; therefore, many devices that are not Google-certified or have been altered will no longer work with our latest app and those users will no longer see the Netflix app in the Play Store."
Android

Slashdot Asks: In the Wake Of Ransomware Attacks, Should Tech Companies Change Policies To Support Older OSs Indefinitely? 360

In the aftermath of ransomware spread over the weekend, Zeynep Tufekci, an associate professor at the School of Information and Library Science at the University of North Carolina, writes an opinion piece for The New York Times: At a minimum, Microsoft clearly should have provided the critical update in March to all its users, not just those paying extra. Indeed, "pay extra money to us or we will withhold critical security updates" can be seen as its own form of ransomware. In its defense, Microsoft probably could point out that its operating systems have come a long way in security since Windows XP, and it has spent a lot of money updating old software, even above industry norms. However, industry norms are lousy to horrible, and it is reasonable to expect a company with a dominant market position, that made so much money selling software that runs critical infrastructure, to do more. Microsoft supported Windows XP for over a decade before finally putting it to sleep. In the wake of ransomware attacks, it stepped forward to release a patch -- a move that has been lauded by columnists. That said, do you folks think it should continue to push security updates to older operating systems as well?
Security

Cyberattacks From WannaCry Ransomware Slow But Fears Remain (bbc.com) 76

WannaCry ransomware, which has spread across 150 countries, appears to be slowing down with few reports of fresh attacks in Asia and Europe on Monday. A report on BBC adds: However staff beginning the working week have been told to be careful. The WannaCry ransomware started taking over users' files on Friday, demanding $300 to restore access. Hundreds of thousands of computers have been affected so far. Computer giant Microsoft said the attack should serve as a wake-up call. BBC analysis of three accounts linked to the ransom demands suggests only about $38,000 had been paid by Monday morning.
Cellphones

UK Group Fights Arrest Over Refusing To Surrender Passwords At The Border (theguardian.com) 284

An anonymous reader quotes The Guardian: The human rights group Cage is preparing to mount a legal challenge to UK anti-terrorism legislation over a refusal to hand over mobile and laptop passwords to border control officials at air terminals, ports and international rail stations... The move comes after its international director, Muhammad Rabbani, a UK citizen, was arrested at Heathrow airport in November for refusing to hand over passwords. Rabbani, 35, has been detained at least 20 times over the past decade when entering the UK, under schedule 7 of terrorism legislation that provides broad search powers, but this was the first time he had been arrested... On previous occasions, when asked for his passwords, he said he had refused and eventually his devices were returned to him and he was allowed to go. But there was a new twist this time: when he refused to reveal his passwords, he was arrested under schedule 7 provisions of the terrorism act and held overnight at Heathrow Polar Park police station before being released on bail. He expects to be charged on Wednesday.
Rabbani "argues that the real objective...is not stopping terrorists entering the UK, but as a tool to build up a huge data bank on thousands of UK citizens." And his position drew support from Jim Killock, executive director of the UK-based Open Rights Group. "Investigations should take place when there is actual suspicion, and the police should be able to justify their actions on that basis, rather than using wide-ranging powers designed for border searches."