Don’t stare at the encrypted ball


At this very moment, a ransomware attack is hitting hundreds of companies all over the United States. The incident appears to be the result of a so-called supply chain attack; hackers were able to push malware to victims through legitimate IT management software from a company called Kaseya. To make matters worse, the REvil ransomware operators attacked so-called "managed service providers," which provide IT infrastructure and support to companies that would rather outsource such things. When hackers compromise an MSP, they can usually infect its customers quickly as well, which makes the scale of this event a "milestone," in the words of one cybersecurity professional.

The severity of the REvil strike is almost enough to make people forget a particularly bad week for Microsoft. Almost. In addition to the high-profile cybersecurity incidents that we detail below, the company also found itself caught up in a spontaneous controversy over which computers will be allowed to run Windows 11. The new operating system may require processors that launched up to four years ago, which means that a large number of the devices you can buy right now will not be eligible. Not only that, Microsoft previously announced that it will end support for Windows 10 in 2025, which means that many users have only a few years before they are forced to choose between losing security updates entirely and buying a new PC, even if their current PC works well.

In other not-so-good Microsoft news, the same hackers behind the devastating SolarWinds event were found to have installed malware on customer service employees' devices. Microsoft said that three customers were affected by the hack, but it is not clear who they were or what information was stolen. It shouldn't be surprising that Russian cyber spies engage in cyber espionage, but it is still shocking that they could get this level of access at a company as critical as Microsoft.

Another group of Russian hackers was also caught causing trouble this week. US and British intelligence agencies warned that the notorious Fancy Bear group has been trying to "brute force" its way into hundreds of target networks. The technique is very basic; it just means throwing passwords at an account until one of them works. That doesn't make it any less worrying, though, especially since the campaign appears to be ongoing.

Finally, browser extensions are convenient and fun, but they can also pose security risks if installed incorrectly. Here is our guide to deciding which ones to keep and, if you have privacy concerns (and in general, you should), which ones to skip.

And there's more. Every week we round up all the security news that WIRED has not covered in depth. Click on the headlines to read the full stories, and stay safe out there.

If your new idea could double as the opening line of a techno-dystopian thriller, maybe it's best to set it aside? Just a thought after the Worldcoin project was announced this week. The project proposes that a reasonable way to distribute a new cryptocurrency is to sign people up by having a basketball-sized sphere scan their irises. The ultimate goal is to establish some kind of universal basic income. Worldcoin's founders stress that, in scanning people's eyes with a large sphere, they are paying great attention to privacy. But given the choice between staring at the encrypted sphere and not doing so, we strongly recommend the latter.

The Windows world was a bit of a mess this week after the leak of a proof-of-concept exploit known as PrintNightmare, which effectively handed out a very hot zero-day vulnerability. PrintNightmare is serious because it allows remote code execution through a flaw in the Windows Print Spooler. Almost as disturbing as the exploit itself, however, is the apparent sloppiness that led to its release. In June, Microsoft released a patch to address the problem. But this week a Chinese cybersecurity company claimed that the problem had not been completely resolved. Soon after, two researchers from another Chinese company published exploit code on GitHub, where it was quickly copied and spread. While you wait for a patch that really works, you can disable the Print Spooler, but then you will not be able to print from the server. So yes, it's a bit of a mess!

Using a VPN is always a bit of a gamble; the best ones have proven that they keep your browsing private, as advertised, but usually you can't be sure. Then there are VPNs said to be so favored by ransomware gangs that a consortium of international law enforcement agencies shuts them down completely. That is what happened to DoubleVPN this week. Its domain name and server were blocked by the Dutch National Police and authorities in the United States, Canada, and other parts of Europe. Europol said in a statement that DoubleVPN was "used to disrupt networks around the world." Of course, there are many other VPNs for them to choose from, but anything that helps disrupt the ransomware workflow, and possibly leads to identifying the people who deploy it, is a welcome development.

Security researchers warned this week that Chinese hackers are running a sophisticated phishing campaign, posing as the office of the President of Afghanistan, in an attempt to deliver malware to members of the country's National Security Council. The group uses a Dropbox account to avoid raising suspicion when exfiltrating data, and it appears to have targeted other countries in Central Asia as well.

