Last week was dominated by the WannaCry ransomware and the discussions ensuing it. We published:
- A quick roundup of everything we found out in the first few days.
- How did it spread? Was it by email, was it a targeted attack? Or was it just the worm?
- We found a decryptor that works in some cases and explained how to use it.
- Who’s to blame? Microsoft points at the NSA for stockpiling vulnerabilities.
- Kaspersky pointed out similarities to the Lazarus APT.
- The security researcher that registered the first killswitch got doxxed by the British tabloids.
- And statistics showing that Windows 7 computers were hit the hardest.
- Share with care.
- Trust and transparency.
Other important security news:
- Researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of Zurich published a paper entitled "Vulnerabilities in MLC NAND Flash Memory Programming: Experimental Analysis, Exploits, and Mitigation Techniques." Our friends at Bleeping computer explained the found vulnerability of SSD drives.
- A Croatian security investigator has discovered a new network worm that uses 7 tools and exploits from the US intelligence service NSA. The worm is called EternalRocks, but its original name is “MicroBotMassiveNet“.
- Wikileaks has brought out information about other CIA tools called Athena and Hera, spyware designed to take full, remote control over infected Windows PCs.
Safe surfing, everyone!
The Malwarebytes Labs Team