Detail of a calendar page with dates

A week in security (May 15 – May 21)

Last week was dominated by the WannaCry ransomware and the discussions ensuing it. We published:

Others discussed:

In other news we celebrated Privacy Awareness Week, highlighting the two main themes:

  1. Share with care.
  2. Trust and transparency.

And we gave out some pointers on what to consider and how to act when you have reason to believe that your personal information was stolen.

Other important security news:

  • Researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of Zurich published a paper entitled “Vulnerabilities in MLC NAND Flash Memory Programming: Experimental Analysis, Exploits, and Mitigation Techniques.” Our friends at Bleeping computer explained the found vulnerability of SSD drives.
  • A Croatian security investigator has discovered a new network worm that uses 7 tools and exploits from the US intelligence service NSA. The worm is called EternalRocks, but its original name is “MicroBotMassiveNet“.
  • Wikileaks has brought out information about other CIA tools called Athena and Hera, spyware designed to take full, remote control over infected Windows PCs.

In non-security news, we were amazed by this jewel telling us that scientists at UCLA and the University of Connecticut managed to create a protein-based battery-like device that extracts energy from the human body which could potentially be used to power implants like pacemakers.

Safe surfing, everyone!

The Malwarebytes Labs Team