A security company decided it would teach people a lesson and set up several fake Wi-Fi access points around the Republican National Convention site in Cleveland last week.Would be interesting if they did the same thing at the Democrats' convention and compare the results. Read more about Avast's findings in their press release, they have a bunch of stats on who did what. It's not pretty:
Over the course of a day, more than 1,000 attendees used these open, unprotected Wi-Fi hotspots to check their mail, used smartphone apps, and even played Pokemon while everything they did was looked at by the security researchers. Imagine if they had been bad guys.
You should always watch what Wi-Fi hotspots you connect to, and use a VPN to help keep your sensitive information out of the hands of hackers.
In case you just came back from vacation, there literally is a new craze going on with an augmented-reality smartphone app called Pokémon Go. It's a geocaching game, meaning it's tied to real-world locations.
Locky is currently one of the top 3 ransomware threats, following closely behind CryptoWall. It's not surprising that this strain has undergone several updates since the beginning of the year, the most recent being discovered on July 12.
The Russian Cyber Mafia behind Dridex and Locky ransomware have added a fallback mechanism in the latest strain of their malware created for situations where their code can't reach its Command & Control server.
Researchers from antivirus vendor Avira blogged about this version which starts encrypting files even when it cannot request a unique encryption key from the C&C server because the computer is offline or a firewall blocks outgoing communications.
Brian Honan wrote a GREAT post at HelpnetSecurity. This is a cross-post of his excellent article, nothing changed, all the internal links to helpnet security were left in place.
"There is a phrase I am finding quite relevant lately. It is attributed to the philosopher George Santayana and it goes like this: “Those who cannot remember the past are condemned to repeat it.” The reason it comes to my mind a lot these days is the headlines we are seeing relating to the latest ransomware attacks against companies’, hospitals’ and government departments’ systems.
Previous headlines highlighted how criminals used DDoS attacks to extort money from victim companies, and we regularly see stories on how organizations lost money after falling victim to CEO fraud (i.e. BEC scams).
There is a new strain of "ransomware" that does not bother with the whole encryption thing at all. These bad guys seem to think it's just an unnecessary distraction and too much work. Better to just start nuking files and then present victims with a ransom note. It's called Ranscam and here is how it looks: