jm + viruses   9

The World Is Getting Hacked. Why Don’t We Do More to Stop It? - The New York Times
Zeynep Tufekci is (as usual!) on the money with this op-ed. I strongly agree with the following:
First, companies like Microsoft should discard the idea that they can abandon people using older software. The money they made from these customers hasn’t expired; neither has their responsibility to fix defects. Besides, Microsoft is sitting on a cash hoard estimated at more than $100 billion (the result of how little tax modern corporations pay and how profitable it is to sell a dominant operating system under monopolistic dynamics with no liability for defects).

At a minimum, Microsoft clearly should have provided the critical update in March to all its users, not just those paying extra. Indeed, “pay extra money to us or we will withhold critical security updates” can be seen as its own form of ransomware. In its defense, Microsoft probably could point out that its operating systems have come a long way in security since Windows XP, and it has spent a lot of money updating old software, even above industry norms. However, industry norms are lousy to horrible, and it is reasonable to expect a company with a dominant market position, that made so much money selling software that runs critical infrastructure, to do more.

Microsoft should spend more of that $100 billion to help institutions and users upgrade to newer software, especially those who run essential services on it. This has to be through a system that incentivizes institutions and people to upgrade to more secure systems and does not force choosing between privacy and security. Security updates should only update security, and everything else should be optional and unbundled.

More on this twitter thread: https://twitter.com/zeynep/status/863734133188681732
security  microsoft  upgrades  windows  windows-xp  zeynep-tufekci  worms  viruses  malware  updates  software 
may 2017 by jm
Global ‘Wana’ Ransomware Outbreak Earned Perpetrators [just] $26,000 So Far
As thousands of organizations work to contain and clean up the mess from this week’s devastating Wana ransomware attack, the fraudsters responsible for releasing the digital contagion are no doubt counting their earnings and congratulating themselves on a job well done. But according to a review of the Bitcoin addresses hard-coded into Wana, it appears the perpetrators of what’s being called the worst ransomware outbreak ever have made little more than USD $26,000 so far from the scam.
money  fraud  ransomware  wana  brian-krebs  bitcoin  cryptocurrency  viruses 
may 2017 by jm
Microsoft Security Essentials reporting false positives on the Bitcoin blockchain
Earlier today, a virus signature from the virus "DOS/STONED" was uploaded into the Bitcoin blockchain, which allows small snippets of text to accompany user transactions with bitcoin.  Since this is only the virus signature and not the virus itself, there apparently is no danger to users in any way.  However, MSE recognizes the signature for the virus and continuously reports it as a threat, and every time it deletes the file, the bitcoin client will simply re-download the missing blockchain.


What a heinous prank! Hilarity ensues (via gwire)
via:gwire  av  antivirus  false-positives  fp  blockchain  microsoft  bitcoin  pranks  viruses 
may 2014 by jm
Russia: Hidden chips 'launch malware attacks from irons'
Cyber criminals are planting chips in electric irons and kettles to launch spam [jm: actually, malware] attacks, reports in Russia suggest. State-owned channel Rossiya 24 even showed footage of a technician opening up an iron included in a batch of Chinese imports to find a "spy chip" with what he called "a little microphone". Its correspondent said the hidden devices were mostly being used to spread viruses, by connecting to any computer within a 200m (656ft) radius which were using unprotected Wi-Fi networks. Other products found to have rogue components reportedly included mobile phones and car dashboard cameras.
wifi  viruses  spam  malware  security  russia  china  toasters  kettles  appliances 
october 2013 by jm
A Closer Look: Email-Based Malware Attacks
'The average detection rate for these samples was 24.47 percent, while the median detection rate was just 19 percent.' That is *atrocious*. (via Tony Finch)
via:fanf  fail  malware  filtering  av  smtp  email  viruses 
june 2012 by jm
The Cybercrime Wave That Wasn’t - NYTimes.com
MSFT researchers discover fundamental scientific failures in almost all data on cybercrime/spam/malware damages. 'In numeric surveys, errors are almost always upward: since the amounts of estimated losses must be positive, there’s no limit on the upside, but zero is a hard limit on the downside. As a consequence, respondent errors -- or outright lies -- cannot be canceled out. Even worse, errors get amplified when researchers scale between the survey group and the overall population. [...] The cybercrime surveys we have examined exhibit exactly this pattern of enormous, unverified outliers dominating the data. In some, 90 percent of the estimate appears to come from the answers of one or two individuals. In a 2006 survey of identity theft by the FTC, two respondents gave answers that would have added $37 billion to the estimate, dwarfing that of all other respondents combined.' my opinion: this is what happens when PR drives the surveys -- numbers tend to inflate to make headlines
fail  science  pr  press  cybercrime  ms  via:mark-russinovitch  data  surveys  spam  malware  viruses  phishing 
april 2012 by jm
Computer Virus Hits U.S. Drone Fleet
'Predator and Reaper crews use removable hard drives to load map updates and transport mission videos from one computer to another. The virus is believed to have spread through these removable drives.'
hmm, not quite sure how that air gap is supposed to work
air-gap  security  drones  viruses  firewalls 
october 2011 by jm
Computer gamers solve problem in AIDS research that puzzled scientists for years
“This is the first instance that we are aware of in which online gamers solved a longstanding scientific problem,” writes Khatib. “These results indi­cate the potential for integrating video games [like FoldIt] into the real-world scientific process: the ingenuity of game players is a formidable force that, if properly directed, can be used to solve a wide range of scientific problems.”
foldit  gaming  games  science  biology  aids  viruses  protease  protein-folding  proteins  vr 
september 2011 by jm
Signature-based AV is failing
on average across the AV industry, 40% block rates just after 0-hour of a new malware sample, rising to 60% after 5 days. sounds like the AV industry is losing, if this chart is valid. (via Terry Zink)
via:tzink  malware  av  fail  accuracy  detection  false-negatives  scanners  viruses  from delicious
june 2010 by jm

Copy this bookmark:



description:


tags: