Attackers Use Microsoft Office To Push BlackEnergy Malware (csoonline.com)
itwbennett writes: Researchers at SentinelOne reverse engineered the latest variant of the BlackEnergy 3 rootkit (the same malware used in recent attacks against Ukraine's critical infrastructure) and found indicators that suggest it is being used by insiders and that it is the byproduct of a nation-sponsored campaign. 'BlackEnergy 3 exploits an Office 2013 vulnerability that was patched some time ago, so it only works if the target machine isn't patched or an employee (either deliberately or after being tricked into it) executes the malicious Excel document,' writes CSO's Steve Ragan.
To all the idiots ... (Score:3)
... Who turn off Windows update. All I can say is told you so.
Re:To all the idiots ... (Score:4, Insightful)
Turning off Windows Update puts you at grave risk of malware infection. Turning it on makes it a certainty. The only winning move is not to play. Use Linux. :)
Re:To all the idiots ... (Score:4, Insightful)
I assume you meant https://www.libreoffice.org/ Libre Office rather than Linux although subtlety in there no M$ Office on Linux of course, although in this case you could call it M$ 'open' Orifice, eww, that's bad ;).
Re: (Score:1)
I assume you meant https://www.libreoffice.org/ Libre Office rather than Linux
You assumed incorrectly but it may have to do with your apparent illiteracy. :)
Re: (Score:1)
there no M$ Office on Linux of course
Wrong. You can use Office 365 on Linux.
Re: (Score:2)
Wine or Android?
Re: (Score:2)
Web version.
Re: (Score:2)
Linux can get infections too. The only winning move is not to use computers. ;)
Re: (Score:1)
1) If I don't want systemd installed on my Linux computer, does that make systemd a form of malware if it is installed?
No, unwanted software is not malware. If I install Ubuntu but don't want Gnome installed on my computer that does not make Gnome a form of malware.
2) If systemd prevents a Linux installation from booting properly, does that make systemd a form of malware?
No, an application that crashes is not malware.
3) If systemd comes with a Linux distribution, and the distribution's installer does not include a menu for easily choosing an init system other than systemd, is that Linux distribution considered to be infected with malware?
No, see response to point 1.
Re: (Score:2)
It depends maybe if the software that's unwanted causes noticeable loss in performance, has unwanted side effects or causes other programs to stop working, etc. The software update may cause more damage than real malware, then the only real difference is intentional versus unintentional harm to your computer.
Re: (Score:2)
Not really. I should think of using set. Malware is a subset of unwanted software. Unwanted software may or may not have any effect on your computer and/or your info entered or stored via/in the computer but rather occupies space in storage. Malware is both unwanted and intends to do something that in turn harms the user and/or computer. However, some malware may have a side effect that its creator doesn't intend it to have (e.g. leaves a computer vulnerable and that allows other malware in).
BIZX (Score:1)
Re: (Score:2)
Cool, thanks for the news. Google seems to confirm what you say: http://www.streetinsider.com/C...
Or here as well: http://www.marketwired.com/pre...
Looking forward to having the same overlords as www.MyRatePlan.com, www.VoipReview.org and www.Voip-Info.org!
Re: (Score:2)
Google confirms, Slashdot is dying. And it's Google, not Netcraft. Google is never wrong.
Re: BIZX (Score:2)
Oh my..an SEO company..if we thought Dice was bad..
Ukraine's critical infrastructure (Score:1)
Re: (Score:2)
I for one, would like to welcome our new Putin Jugend overlords.
Re: (Score:2)
How do you catch 30 million unique rabbits?
PAY CMDRTACO 100 KILODOLLARS AND UNIQUE UP ON THEM.
Re: TRANSLATION (Score:2)
Anyone managing a Windows machine has used DOS; unlike Linux, you pretty much cannot manage the damn system without it. (I wish I was kidding)
Re: (Score:2)
I'm not sure how many people are expecting to manage a Linux system using DOS.
Nation-sponsored campaign? (Score:2)
Open networks that face the internet, commercial OS's and older applications should be replaced with more robust solutions.
Re "... deployed in NATO countries, and more broadly across the European Union" Would an older vulnerability that might not exist or be updated even be of interest to an advanced nation-sponsored effort?
The penetration products offered to nations are new, fancy and work on t
It's interesting how... (Score:1)
... I no longer feel shocked by reading "Microsoft" and "malware/virus" in the same sentence. When you read some news about OS X, or some FUD about Linux, and malware, there is room for some banter. But with Microsoft it is kind of expected. Isn't it sad that the name of a company is that linked to malware?
Re: (Score:2)
'BlackEnergy 3 exploits an Office 2013 vulnerability that was patched some time ago, so it only works if the target machine isn't patched or an employee (either deliberately or after being tricked into it) executes the malicious Excel document,' writes CSO's Steve Ragan.
A vulnerability that is still present if user behavior allows triggering the payload is NOT PATCHED. It's a workaround, at best.
Nonsense. If the user is running as administrator, then the user triggering the payload is perfectly acceptable as far as Windows is concerned, because an admin user is allowed to do whatever they want to the machine. And before you say that it is still MS fault because users need to run as admin - that hasn't been true in years. Some sites still allow users to be admins of their own machines, but that is a policy decision, not something that Windows forces on them.